Nagios - new user doesn't get enabled permissions

I follow simple steps from guides all over the web:

a) add an user to Nagios via command htpasswd htpasswd.users username

b) in cgi.cfg file add this user to lines:

authorized_for_system_information=nagiosadmin, username
authorized_for_configuration_information=nagiosadmin, username
authorized_for_system_commands=nagiosadmin, username
authorized_for_all_services=nagiosadmin, username
authorized_for_all_hosts=nagiosadmin, username
authorized_for_all_service_commands=nagiosadmin, username
authorized_for_all_host_commands=nagiosadmin, username

c) restart nagios3 service, even restart apache2 service

but when I try to list anything from nagios web interface it still gives me this annoying message:

It appears as though you do not have permission to view information for any of the services you requested...
If you believe this is an error, check the HTTP server authentication requirements for accessing this CGI
and check the authorization options in your CGI configuration file.

Where could be a problem please?


Check out the Nagios FAQ at No permission to view configuration, which says:

Description: If you click on "View Config" and you get: """It appears as though you do not have permission to view the configuration information you requested... If you believe this is an error, check the HTTP server authentication requirements for accessing this CGI and check the authorization options in your CGI configuration file."""

Solution: You need to set "authorized_for_configuration_information" in cgi.cfg

By default on my EL6 system, 'authorized_for_configuration_information' is set to be 'nagiosadmin'. Many sites set this to be authorized_for_configuration_information=*, which fixes your issue.

Also, make sure you are using HTTP authentication correctly. See http://nagios.sourceforge.net/docs/3_0/cgiauth.html

Enabling Authentication/Authorization Functionality In The CGIs

The next thing you need to do is make sure that the CGIs are configured to use the authentication and authorization functionality in determining what information and/or commands users have access to. This is done be setting the use_authentication variable in the CGI configuration file to a non-zero value. Example:

use_authentication=1


edit /usr/local/nagios/etc/cgi.cfg

add username , without any space like this

authorized_for_system_information=nagiosadmin,username,username2

save file and restart nagios service using service nagios restart


  1. In terminal:

    sudo htpasswd -c /etc/nagios/htpasswd.users new_user
        # set password for user "new_user"
    
  2. In terminal:

    nano /usr/local/nagios/etc/cgi.cfg
    

    (in cgi.cfg file, look for this section):

    # GLOBAL HOST/SERVICE VIEW ACCESS
    # These two options are comma-delimited lists of all usernames that
    # can view information for all hosts and services that are being
    # monitored.  By default, users can only view information
    # for hosts or services that they are contacts for (unless you
    # you choose to not use authorization). You may use an asterisk (*)
    # to authorize any user who has authenticated to the web server.
    

    (at the end of the line, add the user "new_user"):

    authorized_for_all_services=nagiosadmin,new_user
    authorized_for_all_hosts=nagiosadmin,new_user
    

    (save and exit nano)

  3. Restart nagios service:

    sudo systemctl restart nagios.service
    

Now you can access the web page with "new_user" and monitor all objects.


make sure below line in cgi.cfg in nagios folder

authorized_for_all_services=nagiosadmin,noc authorized_for_all_hosts=nagiosadmin,noc