nv-l
[Top] [All Lists]

Re: Neview Security

To: nv-l@lists.tivoli.com
Subject: Re: Neview Security
From: "James Shanks" <jshanks@us.ibm.com>
Date: Mon, 29 Oct 2001 09:29:59 -0500
Yes and no.  NetView security allows access to certain NetView functions
for non-root users but no all.  Only root is allowed to configure traps and
to define SNMP collections because of the security implications of those
function.  With traps especially, you could configure a trap to give
yourself or some other user root access to the box, so we require that only
root can configure traps.   That is the  "yes" part of the answer.  The
"no" part is that NetView does not give you a supported mechanism to give
the non-root user these permissions.  You can of course change the UNIX
permissions on the config files but if you do, then you are solely
responsible for any adverse results.

James Shanks
Level 3 Support  for Tivoli NetView for UNIX and NT
Tivoli Software / IBM Software Group




                                                                                
              
                    jmfrancoz@solu                                              
              
                    ziona.com            To:     nv-l@tkg.com                   
              
                    Sent by:             cc:                                    
              
                    owner-nv-l@tkg       Subject:     [NV-L] Neview Security    
              
                    .com                                                        
              
                                                                                
              
                                                                                
              
                    10/29/01 09:07                                              
              
                    AM                                                          
              
                    Please respond                                              
              
                    to IBM NetView                                              
              
                    Discussion                                                  
              
                                                                                
              
                                                                                
              






Hi all:

I´m having some problems with the security in the Netview environment.

I would want to create a Netview user with all Netview capabilities (equal
to
initial Unix root user but with another Unix user login)

First of all I have create a Netview User (user_nv) who belongs to the
default
Netview Group SrAdmin, using the nvsec_admin utility.


Unix user= user1
Netview user= user_nv

PROBLEM DESCRIPTION:

1- Log in like user "user1" in Unix. By the way this user is a "Login name"
of a
Tivoli user who has all the Tivoli Framework roles.
2- Run Netview and the login Netview interfase appears.
3- Log in like user "user_nv" and group SrAdmin

And... for example:

* The window "Event configuration/Trap customization..." is open Read-only

* When I try to run "Data Collection and threshold..." I receive the error
message:

    "Could not lock file /usr/OV/conf/snmpCol.conf"
   " Colud not fopen /usr/OV/conf/snmpCol.conf" Permission Denied (errno:
13)


Could anyone help me??

Thanks


_________________________________________________________________________
NV-L List information and Archives: http://www.tkg.com/nv-l


<Prev in Thread] Current Thread [Next in Thread>

Archive operated by Skills 1st Ltd

See also: The NetView Web