Closed Bug 783198 Opened 13 years ago Closed 11 years ago

Non services operations personnel can modify production nagios

Categories

(Cloud Services :: Operations: Miscellaneous, task)

Product:
Cloud Services
Component:
Operations: Miscellaneous
Platform:
x86_64
Linux
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: gene, Unassigned)

Details

(Whiteboard: [qa-])

People outside of services operations have the ability to VPN in to market post tower. One effect of that is that they can reach the nagios web UI. Nagios doesn't have any authentication enabled. We may want to either : * enable auth on nagios so some users can read/view and others have admin rights * prevent non service ops folks from accessing MPT but allowing them to still reach things like pencil * some other solution
Whiteboard: [qa-]
(In reply to Eugene Wood [:gene] from comment #0) > * prevent non service ops folks from accessing MPT but allowing them to > still reach things like pencil Moving nagios to a new IP address on each admin server (using an aliased interface) would effectively block non-production users as desired, without any further changes beyond an altered Listen line in the webserver config.
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.