NRPE Problems
Gerald Wichmann
gwichman at zantaz.com
Tue Nov 12 21:14:52 CET 2002
That was it.. Guess it wants the full path in there. This problem would be
easily averted if they'd put a sample nrpe.cfg somewhere in the docs. I was
actually looking at the nrpe.cfg file wondering if it wanted the full path
earlier when I saw the permission denied. Thought maybe it was trying to run
the directory instead of the actual nrpe executable. Didn't have a chance to
try it though until now. Thanks again
Gerald Wichmann
Senior Systems Development Engineer
Zantaz, Inc.
925.598.3099 (w)
-----Original Message-----
From: Carroll, Jim P [Contractor] [mailto:jcarro10 at sprintspectrum.com]
Sent: Tuesday, November 12, 2002 11:48 AM
To: Gerald Wichmann; nagios-users at lists.sourceforge.net
Subject: RE: NRPE Problems
I think I know what the problem is. It's in your /etc/xinetd.d/nrpe file.
Here's mine:
$ cat nrpe
# default: on
# description: NRPE
service nrpe
{
flags = REUSE
socket_type = stream
wait = no
user = nagios
server = /home/nagios/bin/nrpe
server_args = -i /home/nagios/etc/nrpe.cfg
log_on_failure += USERID
disable = no
only_from = 127.0.0.1 10.108.58.68 10.108.58.69
}
For reference, my server binary is /home/nagios/bin/nrpe, and the config
file is /home/nagios/etc/nrpe.cfg.
Make the necessary changes and see if that helps.
jc
-----Original Message-----
From: Gerald Wichmann [mailto:gwichman at zantaz.com]
Sent: Tuesday, November 12, 2002 1:21 PM
To: nagios-users at lists.sourceforge.net
Cc: Carroll, Jim P [Contractor]
Subject: NRPE Problems
Ok you guys were right. It was monitoring my local box not the boxes I
thought it was. In my attempts to implement NRPE I seem to have done
something wrong.. All the files I believe are in place and xinetd seems to
start normally. But when I do a check_nrpe for some command it fails. My
Nagios service page lists status as UNKNOWN and status information as
"CHECK_NRPE: Error receiving data from host." Any ideas as to what I'm
missing? I can post more output as necessary but I think the below is
everything.:
[root at PS-NAT libexec]# ./check_nrpe 10.1.82.30 -c check_disk1
CHECK_NRPE: Error receiving data from host.
[root at PS-NAT libexec]#
/var/log/messages of xinetd restarting and then a log for when I attempt the
above check_nrpe:
Nov 12 11:03:38 ps-sm-poly-00 xinetd[8359]: Exiting...
Nov 12 11:03:38 ps-sm-poly-00 xinetd[3178]: chargen disabled, removing
Nov 12 11:03:38 ps-sm-poly-00 xinetd[3178]: chargen disabled, removing
Nov 12 11:03:38 ps-sm-poly-00 xinetd[3178]: daytime disabled, removing
Nov 12 11:03:38 ps-sm-poly-00 xinetd[3178]: daytime disabled, removing
Nov 12 11:03:38 ps-sm-poly-00 xinetd[3178]: echo disabled, removing
Nov 12 11:03:38 ps-sm-poly-00 xinetd[3178]: echo disabled, removing
Nov 12 11:03:38 ps-sm-poly-00 xinetd[3178]: rsync disabled, removing
Nov 12 11:03:38 ps-sm-poly-00 xinetd[3178]: time disabled, removing
Nov 12 11:03:38 ps-sm-poly-00 xinetd[3178]: time disabled, removing
Nov 12 11:03:38 ps-sm-poly-00 xinetd[3178]: xinetd Version 2.3.0 started
with libwrap options compiled in.
Nov 12 11:03:38 ps-sm-poly-00 xinetd[3178]: Started working: 2 available
services
Nov 12 11:04:15 ps-sm-poly-00 xinetd[4990]: execv( /usr/sbin ) failed:
Permission denied (errno = 13)
NOTE the bottom entry. That's what it logs anytime I try to do a check_nrpe
command from the nagios server (so my log is filled with them)
Attempt to Telnet to port 5666 on the box running NRPE (from the nagios
server):
[root at PS-NAT libexec]# telnet 10.1.82.30 5666
OLE_LINK1Trying 10.1.82.30...
Connected to 10.1.82.30.
Escape character is '^]'.
Connection closed by foreign host.
[root at PS-NAT libexec]#
Which differs from when I try to connect to a port where nothing is
listening on:
Trying 10.1.82.30...
telnet: connect to address 10.1.82.30: Connection refused
Various files, paths, configs, permissions of NRPE setup:
[root at ps-sm-poly-00 /root]# cat /etc/xinetd.d/nrpe
# default: on
# description: NRPE
service nrpe
{
flags = REUSE
socket_type = stream
wait = no
user = nagios
server = /usr/sbin
server_args = -i /usr/local/nagios
log_on_failure += USERID
disable = no
only_from = 10.1.82.21
}
[root at ps-sm-poly-00 /root]# ls -l /usr/local/nagios
total 6
drwxr-xr-x 2 root root 1304 Nov 11 22:37 libexec
-rw-r--r-- 1 root root 3303 Nov 11 22:29 nrpe.cfg
[root at ps-sm-poly-00 /root]# ls -l /usr/sbin/nrpe
-rwxr-xr-x 1 root root 80002 Nov 11 22:28 /usr/sbin/nrpe
[root at ps-sm-poly-00 /root]# cat /usr/local/nagios/nrpe.cfg
############################################################################
#
# Sample NRPE Config File
# Written by: Ethan Galstad (nagios at nagios.org)
#
# Last Modified: 06-03-2002
#
# NOTES:
# This is a sample configuration file for the NRPE daemon. It needs to be
# located on the remote host that is running the NRPE daemon, not the host
# from which the check_nrpe client is being executed.
############################################################################
#
# PORT NUMBER
# Port number we should wait for connections on.
# NOTE: This must be a non-priviledged port (i.e. > 1024).
# NOTE: This option is ignored if NRPE is running under either inetd or
xinetd
server_port=5666
# SERVER ADDRESS
# Address that nrpe should bind to in case there are more than one interface
# and you do not want nrpe to bind on all interfaces.
# NOTE: This option is ignored if NRPE is running under either inetd or
xinetd
server_address=10.1.82.21
# ALLOWED HOST ADDRESSES
# This is a comma-delimited list of IP address of hosts that are allowed
# to talk to the NRPE daemon.
#
# NOTE: The daemon only does rudimentary checking of the client's IP
# address. I would highly recommend adding entries in your
# /etc/hosts.allow file to allow only the specified host to connect
# to the port you are running this daemon on.
#
# NOTE: This option is ignored if NRPE is running under either inetd or
xinetd
allowed_hosts=10.1.82.21
# NRPE USER
# This determines the effective user that the NRPE daemon should run as.
# You can either supply a username or a UID.
#
# NOTE: This option is ignored if NRPE is running under either inetd or
xinetd
nrpe_user=nagios
# NRPE GROUP
# This determines the effective group that the NRPE daemon should run as.
# You can either supply a group name or a GID.
#
# NOTE: This option is ignored if NRPE is running under either inetd or
xinetd
nrpe_group=nagios
# DEBUGGING OPTION
# This option determines whether or not debugging messages are logged to the
# syslog facility.
# Values: 0=debugging off, 1=debugging on
debug=1
# COMMAND DEFINITIONS
# Command definitions that this daemon will run. Definitions
# are in the following format:
#
# command[<command_name>]=<command_line>
#
# When the daemon receives a request to return the results of <command_name>
# it will execute the command specified by the <command_line> argument.
#
# Unlike Nagios, the command line cannot contain macros - it must be
# typed exactly as it should be executed.
#
# Note: Any plugins that are used in the command lines must reside
# on the machine that this daemon is running on! The examples below
# assume that you have plugins installed in a /usr/local/nagios/libexec
# directory.
command[check_users]=/usr/local/nagios/libexec/check_users 5 10
command[check_load]=/usr/local/nagios/libexec/check_load 5 10 15 20 25 30
command[check_disk1]=/usr/local/nagios/libexec/check_disk 80 95 /dev/hda6
command[check_disk2]=/usr/local/nagios/libexec/check_disk 80 95 /dev/hda10
command[check_disk3]=/usr/local/nagios/libexec/check_disk 80 95 /dev/sda1
command[check_zombie_procs]=/usr/local/nagios/libexec/check_procs 5 10 Z
command[check_total_procs]=/usr/local/nagios/libexec/check_procs 150 200
command[check_smtp]=/usr/local/nagios/libexec/check_smtp
[root at ps-sm-poly-00 /root]# ls -l /usr/local/nagios/libexec/
total 696
-rwxr-xr-x 1 root root 2264 Jul 8 08:37 check_breeze
-rwxr-xr-x 1 root root 21557 Jul 8 08:37 check_by_ssh
-rwxr-xr-x 1 root root 21468 Jul 8 08:37 check_disk
-rwxr-xr-x 1 root root 7741 Jul 8 08:37 check_disk_smb
-rwxr-xr-x 1 root root 21554 Jul 8 08:37 check_dns
-rwxr-xr-x 1 root root 11462 Jul 8 08:37 check_dummy
-rwxr-xr-x 1 root root 3830 Jul 8 08:37 check_flexlm
-rwxr-xr-x 1 root root 19341 Jul 8 08:37 check_ftp
-rwxr-xr-x 1 root root 37436 Jul 8 08:37 check_http
-rwxr-xr-x 1 root root 19072 Jul 8 08:37 check_imap
-rwxr-xr-x 1 root root 7434 Jul 8 08:37 check_ircd
-rwxr-xr-x 1 root root 19372 Jul 8 08:37 check_load
-rwxr-xr-x 1 root root 5207 Jul 8 08:37 check_log
-rwxr-xr-x 1 root root 17699 Jul 8 08:37 check_mrtg
-rwxr-xr-x 1 root root 16036 Jul 8 08:37 check_mrtgtraf
-rwxr-xr-x 1 root root 19527 Jul 8 08:37 check_nagios
-rwxr-xr-x 1 root root 20291 Jul 8 08:37 check_nntp
-rwxr-xr-x 1 root root 7853 Jul 8 08:37 check_ntp
-rwxr-xr-x 1 root root 27386 Jul 8 08:37 check_nwstat
-rwxr-xr-x 1 root root 4324 Jul 8 08:37 check_oracle
-rwxr-xr-x 1 root root 21786 Jul 8 08:37 check_overcr
-rwxr-xr-x 1 root root 24254 Jul 8 08:37 check_ping
-rwxr-xr-x 1 root root 19296 Jul 8 08:37 check_pop
-rwxr-xr-x 1 root root 23856 Jul 8 08:37 check_procs
-rwxr-xr-x 1 root root 21050 Jul 8 08:37 check_real
-rwxr-xr-x 1 root root 9695 Jul 8 08:37 check_rpc
-rwxr-xr-x 1 root root 1180 Jul 8 08:37 check_sensors
-rwxr-xr-x 1 root root 19590 Jul 8 08:37 check_smtp
-rwxr-xr-x 1 root root 17952 Jul 8 08:37 check_ssh
-rwxr-xr-x 1 root root 19382 Jul 8 08:37 check_swap
-rwxr-xr-x 1 root root 24484 Jul 8 08:37 check_tcp
-rwxr-xr-x 1 root root 20547 Jul 8 08:37 check_time
-rwxr-xr-x 1 root root 19293 Jul 8 08:37 check_udp
-rwxr-xr-x 1 root root 24689 Jul 8 08:37 check_ups
-rwxr-xr-x 1 root root 17946 Jul 8 08:37 check_users
-rwxr-xr-x 1 root root 19259 Jul 8 08:37 check_vsz
-rwxr-xr-x 1 root root 3016 Jul 8 08:37 check_wave
-rwxr-xr-x 1 root root 16752 Jul 8 08:37 urlize
-rwxr-xr-x 1 root root 1974 Jul 8 08:37 utils.pm
-rwxr-xr-x 1 root root 739 Jul 8 08:37 utils.sh
[root at ps-sm-poly-00 /root]#
Gerald Wichmann
Senior Systems Development Engineer
Zantaz, Inc.
925.598.3099 (w)
This e-mail has been captured and archived by the ZANTAZ Digital Safe(tm)
service. For more information, visit us at www.zantaz.com.
IMPORTANT: This electronic mail message is intended only for the use of the
individual or entity to which it is addressed and may contain information
that is privileged, confidential or exempt from disclosure under applicable
law. If the reader of this message is not the intended recipient, or the
employee or agent responsible for delivering this message to the intended
recipient, you are hereby notified that any dissemination, distribution or
copying of this communication is strictly prohibited. If you have received
this communication in error, please notify the sender immediately by
telephone or directly reply to the original message(s) sent. Thank you.
This e-mail has been captured and archived by the ZANTAZ Digital Safe(tm)
service. For more information, visit us at www.zantaz.com.
IMPORTANT: This electronic mail message is intended only for the use of the
individual or entity to which it is addressed and may contain information
that is privileged, confidential or exempt from disclosure under applicable
law. If the reader of this message is not the intended recipient, or the
employee or agent responsible for delivering this message to the intended
recipient, you are hereby notified that any dissemination, distribution or
copying of this communication is strictly prohibited. If you have received
this communication in error, please notify the sender immediately by
telephone or directly reply to the original message(s) sent. Thank you.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/users/attachments/20021112/05f90870/attachment.html>
More information about the Users
mailing list