Source string Source string

English
Additional Steps After Installation
It is essential that the Central Cacti server can communicate via MySQL to each remote Cacti database server. Once the install is complete, you must edit the Remote Data Collector and ensure the settings are correct. You can verify using the 'Test Connection' when editing the Remote Data Collector.
Critical Binary Locations and Versions
Make sure all of these values are correct before continuing.
One or more paths appear to be incorrect, unable to proceed
Directory Permission Checks
Please ensure the directory permissions below are correct before proceeding. During the install, these directories need to be owned by the Web Server user. These permission changes are required to allow the Installer to install Device Template packages which include XML and script files that will be placed in these directories. If you choose not to install the packages, there is an 'install_package.php' cli script that can be used from the command line after the install is complete.
After the install is complete, you can make some of these directories read only to increase security.
These directories will be required to stay read writable after the install so that the Cacti remote synchronization process can update them as the Main Cacti Web Site changes
If you are installing packages, once the packages are installed, you should change the scripts directory back to read only as this presents some exposure to the web site.
For remote pollers, it is critical that the paths that you will be updating frequently, including the plugins, scripts, and resources paths have read/write access as the data collector will have to update these paths from the main web server content.
Required Writable at Install Time Only
Not Writable
Required Writable after Install Complete
Potential permission issues
Please make sure that your webserver has read/write access to the cacti folders that show errors below.
If SELinux is enabled on your server, you can either permanently disable this, or temporarily disable it and then add the appropriate permissions using the SELinux command-line tools.
The user '%s' should have MODIFY permission to enable read/write.
An example of how to set folder permissions is shown here, though you may need to adjust this depending on your operating system, user accounts and desired permissions.
EXAMPLE:
Once installation has completed the CSRF path, should be set to read-only.
All folders are writable
Input Validation Whitelist Protection
Cacti Data Input methods that call a script can be exploited in ways that a non-administrator can perform damage to either files owned by the poller account, and in cases where someone runs the Cacti poller as root, can compromise the operating system allowing attackers to exploit your infrastructure.
Therefore, several versions ago, Cacti was enhanced to provide Whitelist capabilities on the these types of Data Input Methods. Though this does secure Cacti more thoroughly, it does increase the amount of work required by the Cacti administrator to import and manage Templates and Packages.
The way that the Whitelisting works is that when you first import a Data Input Method, or you re-import a Data Input Method, and the script and or arguments change in any way, the Data Input Method, and all the corresponding Data Sources will be immediatly disabled until the administrator validates that the Data Input Method is valid.
To make identifying Data Input Methods in this state, we have provided a validation script in Cacti's CLI directory that can be run with the following options:
This script option will search for any Data Input Methods that are currently banned and provide details as to why.
This script option un-ban the Data Input Methods that are currently banned.
This script option will re-enable any disabled Data Sources.
It is strongly suggested that you update your config.php to enable this feature by uncommenting the <b>$input_whitelist</b> variable and then running the three CLI script options above after the web based install has completed.
Component Translation Difference to current string
This translation Propagated Read only Cacti/core
The following string has the same context and source.
Propagated Read only Cacti/core (v1.2.x)

Loading…

No matching activity found.

Browse all component changes

Glossary

English English
No related strings found in the glossary.

String information

Flags
read-only
Source string location
lib/installer.php:2562
String age
3 years ago
Source string age
3 years ago
Translation file
locales/po/cacti.pot, string 3849