Различия

Здесь показаны различия между двумя версиями данной страницы.

--- freebsd:cacti [2020/01/06 21:33]
alex
+++ freebsd:cacti [2021/11/13 16:54] (текущий)
alex
@@ Строка 281: / Строка 281: @@
-Из файла
+Из файла ///usr/local/share/cacti/include/config.php.sample// создаю файл конфигурации в котором указываю пользователя и пароль базы данных cacti.
-/usr/local/share/cacti/include/config.php.sample создаю файл конфигурации в котором указываю пользователя и пароль базы данных cacti.
+загружаю временные зоны в MySQL
+  mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root -p mysql
+В папке ///var/log/cacti// создаю файл для логов **log**  и задаю права доступа www:www
+  touch /var/log/cacti/log
+Меняю права доступа к папке cacti
+  chown -R www:www /usr/local/share/cacti/
+Создаю папку и меняю права доступа
+  mkdir -p /usr/local/share/cacti/log/
+  chown -R www:www /usr/local/share/cacti/log/
+В браузере набираю cacti.klotik.ru. На приглашение логина и пароля набираю **admin/admin**. Cacti предложит сменить пароль.
+  Input Validation Whitelist Protection
+  Cacti Data Input methods that call a script can be exploited in ways that a non-administrator can perform damage
+  to either files owned by the poller account, and in cases where someone runs the Cacti poller as root, can
+  compromise the operating system allowing attackers to exploit your infrastructure.
+  Therefore, several versions ago, Cacti was enhanced to provide Whitelist capabilities on the these types of Data
+  Input Methods. Though this does secure Cacti more thouroughly, it does increase the amount of work required by
+  the Cacti administrator to import and manage Templates and Packages.
+  The way that the Whitelisting works is that when you first import a Data Input Method, or you re-import a Data
+  Input Method, and the script and or aguments change in any way, the Data Input Method, and all the corresponding
+  Data Sources will be immediatly disabled until the administrator validates that the Data Input Method is valid.
+  To make identifying Data Input Methods in this state, we have provided a validation script in Cacti's CLI
+  directory that can be run with the following options:
+  php -q input_whitelist.php --audit - This script option will search for any Data Input Methods that are currently
+  banned and provide details as to why.
+  php -q input_whitelist.php --update - This script option un-ban the Data Input Methods that are currently banned.
+  php -q input_whitelist.php --push - This script option will re-enable any disabled Data Sources.
+  It is strongly suggested that you update your config.php to enable this feature by uncommenting the
+  $input_whitelist variable and then running the three CLI script options above after the web based install has completed.
+  Check the Checkbox below to acknowledge that you have read and understand this security concern
+=== Обновление старого cacti ===
 После обновления cacti внёс изменения в базу данных MySQL
@@ Строка 336: / Строка 393: @@
   # ln -s /usr/local/lib/libpng16.so.16.23.0 /usr/local/lib/libpng15.so.15
+Ссылки:\\
 http://dnaeon.github.io/cacti-freebsd/\\
 https://ctopmbi4.wordpress.com/2014/08/29/%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%BA%D0%B0-cacti-%D0%BD%D0%B0-freebsd/\\

klotik.ru

Инструменты пользователя

Инструменты сайта

Различия

Инструменты страницы