Solaris 10: Running nrpe in a non-global zone
Grant Byers
grant.byers at gmail.com
Thu Jul 9 05:01:27 CEST 2009
Your exec line is wrong. It should read ;
exec="/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg
-i"
arg0="/usr/local/nagios/bin/nrpe"
2009/7/9 Justin Amburn <Justin at marketlive.com>
> Thanks for replies, guys!
>
>
>
> I can run nrpe in global zones under SMF. I can even get nrpe in the
> non-global zones to run with the command:
>
> /usr/local/nagios/bin/nrpe –c /usr/local/nagios/etc/nrpe.cfg –i
>
> root at vz3haadp01# /usr/local/nagios/libexec/check_nrpe -H localhost
>
> NRPE v2.12
>
>
>
> **BUT**, when I run it under SMF in the non-global zones I get the SSL
> handshake error. In the global zone this works just fine. It’s just the
> non-global that is causing me a headache.
>
>
>
> I’ve verified that the results from:
>
> inetadm -l svc:/network/nrpe/tcp:default
>
> the evil /etc/nsswitch.conf
>
> /etc/services
>
> crle
>
> ldd
>
> /var/svc/manifest/network/nrpe-tcp.xml
>
>
>
> Are the same between the global and the non-global.
>
>
>
> See, my ldd shows no errors:
>
>
>
> bash-3.00# ldd /usr/local/nagios/bin/nrpe
>
> libssl.so.0.9.7 => /usr/sfw/lib/libssl.so.0.9.7
>
> libcrypto.so.0.9.7 => /usr/sfw/lib/libcrypto.so.0.9.7
>
> libnsl.so.1 => /lib/libnsl.so.1
>
> libsocket.so.1 => /lib/libsocket.so.1
>
> libc.so.1 => /lib/libc.so.1
>
> libmp.so.2 => /lib/libmp.so.2
>
> libmd.so.1 => /lib/libmd.so.1
>
> libscf.so.1 => /lib/libscf.so.1
>
> libdoor.so.1 => /lib/libdoor.so.1
>
> libuutil.so.1 => /lib/libuutil.so.1
>
> libgen.so.1 => /lib/libgen.so.1
>
> libssl_extra.so.0.9.7 => /usr/sfw/lib/libssl_extra.so.0.9.7
>
> libcrypto_extra.so.0.9.7 =>
> /usr/sfw/lib/libcrypto_extra.so.0.9.7
>
> libm.so.2 => /lib/libm.so.2
>
>
>
> I've kept adding and adding to the crle file:
>
>
>
> bash-3.00# crle
>
>
>
> Configuration file [version 4]: /var/ld/ld.config
>
> Default Library Path (ELF): /lib:/usr/lib:/usr/sfw/lib:/usr/local/lib
>
> Trusted Directories (ELF): /lib/secure:/usr/lib/secure (system
> default)
>
>
>
> Command line:
>
> crle -c /var/ld/ld.config -l /lib:/usr/lib:/usr/sfw/lib:/usr/local/lib
>
>
>
> BUT, since nrpe works in the non-global when not running under SMF, this
> seems to be strictly an SMF issue.
>
>
>
> Here's my manifest values for both the good and bad zones:
>
>
>
> bash-3.00# inetadm -l svc:/network/nrpe/tcp:default
>
> SCOPE NAME=VALUE
>
> name="nrpe"
>
> endpoint_type="stream"
>
> proto="tcp"
>
> isrpc=FALSE
>
> wait=FALSE
>
> exec="/usr/sfw/sbin/tcpd -c /usr/local/nagios/etc/nrpe.cfg -i"
>
> arg0="/usr/local/nagios/bin/nrpe"
>
> user="nagios"
>
> default bind_addr=""
>
> default bind_fail_max=-1
>
> default bind_fail_interval=-1
>
> default max_con_rate=-1
>
> default max_copies=-1
>
> default con_rate_offline=-1
>
> default failrate_cnt=40
>
> default failrate_interval=60
>
> default inherit_env=TRUE
>
> default tcp_trace=FALSE
>
> tcp_wrappers=TRUE
>
> default connection_backlog=10
>
>
>
> Also, in my /etc/nsswitch.conf all of the LDAP references have been
> removed. Every attribute is ‘files’.
>
>
>
> I’m out of ideas here! Does anyone see anything that I may be missing in
> the setup?
>
>
>
>
>
> Thanks!
>
>
>
> Justin Amburn
>
>
> ------------------------------
>
> *From:* Grant Byers [mailto:grant.byers at gmail.com]
> *Sent:* Monday, July 06, 2009 8:05 PM
> *To:* Nagios Developers List
> *Subject:* Re: [Nagios-devel] Solaris 10: Running nrpe in a non-global
> zone
>
>
>
> I'm running NRPE in non-global Solaris 10 zones. Either configure & build
> with LDFLAGS="-R/usr/sfw/lib", or add /usr/sfw/lib to the runtime linker
> search path. See crle(1).
>
>
>
> Regards,
>
> Grant
>
>
>
> 2009/7/7 Justin Amburn <Justin at marketlive.com>
>
> Hi all,
>
> Does anyone know what custom tweaks need to happen to get nrpe running in
> non-global zones on a Solaris 10 box? It’s working good in the global zone,
> but I get the darned SSL handshake error inside the non-globals. I’m
> guessing this is an environment var or LD link issue. Any ideas?
>
> Thanks,
>
> Justin Amburn
>
>
>
> ------------------------------------------------------------------------------
>
> _______________________________________________
> Nagios-devel mailing list
> Nagios-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-devel
>
>
>
>
> ------------------------------------------------------------------------------
> Enter the BlackBerry Developer Challenge
> This is your chance to win up to $100,000 in prizes! For a limited time,
> vendors submitting new applications to BlackBerry App World(TM) will have
> the opportunity to enter the BlackBerry Developer Challenge. See full prize
> details at: http://p.sf.net/sfu/Challenge
> _______________________________________________
> Nagios-devel mailing list
> Nagios-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-devel
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/developers/attachments/20090709/10c8b5e3/attachment.html>
-------------- next part --------------
------------------------------------------------------------------------------
Enter the BlackBerry Developer Challenge
This is your chance to win up to $100,000 in prizes! For a limited time,
vendors submitting new applications to BlackBerry App World(TM) will have
the opportunity to enter the BlackBerry Developer Challenge. See full prize
details at: http://p.sf.net/sfu/Challenge
-------------- next part --------------
_______________________________________________
Nagios-devel mailing list
Nagios-devel at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-devel
More information about the Developers
mailing list