can't write to a file...
Hi all
I'm writing a script/plugin for Nagios for testing a WebLogic server.. I redirect some output to a file, and then i read that file to get some data, but i can't seem to write to that file with my script :s... this is the most important code Code:
$JAVA_HOME/java -classpath $CLASSPATH weblogic.Admin -url t3://$host:$port -username $user -password $pass GET -pretty -type $service > /usr/lib/nagios/plugins/lib/output.txt everytime i execute my plugin he needs to rewrite that file ('>'), but that doesn't seem to work... to file is accessible and everything... does anyone have a suggestion? * EDIT * When i execute this script through a local terminal (PuTTy), it works but when i execute it from Nagios, it doesn't work.. |
solved it
appearently, when Nagios executes a script, he becomes a user, named apache (don't ask me why) and because of that, he doesn't have enough rights to read a file... so i changed the permissions of that file Code:
# chmod 777 output.txt it's only a output file, no info of interests for other people :p so it doesn't matter thanks anyways guys :hattip: |
Why not add apache to the group of the file so you at least stop world from writing. Also, is setting it to execute such a good idea?
|
yes, but i find it strange that he executes it as apache...
because i use some sort of software (NRPE) and i had to made a user 'Nagios', so i thought he need that user to execute plugins.. can you perhaps explain how i can add apache to that group? i know that those permissions are not necessary, but it is only a file where nothing important gets stored in what is your suggestion for this? |
hello,
i am not really familiar with nagios but found this, it might help http://www.supportsages.com/blog/200...gios-and-nrpe/ "Create a new nagcmd group for allowing external commands to be submitted through the web interface. Add both the nagios user and the apache user to the group." Code:
/usr/sbin/groupadd nagcmd |
Have a look at the usermod command and specifically its -G option (check man page). As it is only to be read or written to, I would suggest something like 664.
This was both owner and group members can read and update the file but the world can only look at it ( which may be good for when you are using your own login :) ) You say that it holds nothing important now, but the last thing you want to o is find there is a single executable line in it at some point and someone runs the file mistakenly. |
All times are GMT -5. The time now is 11:25 PM. |