how can an NRPE script know the remote server's IP?
RichTea
mail at catsnest.co.uk
Sat Apr 28 14:23:58 CEST 2012
On Sat, Apr 28, 2012 at 2:38 AM, Morty <morty+nagios at frakir.org> wrote:
> Is there a way for an NRPE script to know the remote server's IP? I'm
> not seeing anything in the environment for NRPE 2.12. getpeername on
> STDIN doesn't seem to help; presumably nrpe doesn't connect the script
> directly to the sockets.
>
> Detailed scenario:
>
> I have two nagios servers running in an active/active cluster. So
> each nagios instance is checking all servers. Some services utilize
> NRPE. One service check is a script that wants to see change in a
> certain system parameter since last time. It then saves the value in
> a statefile, so it can check the next time.
>
> Problem: race condition. If the two nagios servers both check at
> around the same time, one of them will set the state file. Then the
> other one sees the recent statefile and sees no change in the system
> parameter, and the service check goes critical.
>
> A lockfile won't solve the problem, because the problem isn't when the
> two are running at the same time, it's when the two run shortly after
> one another.
>
> One fix would be to have the script use a statefile that includes the
> nagios server IP. So it would use a different statefile depending on
> which nagios server queries, and there would be no conflict. The
> problem is, I can't see a way to supply the server IP to the script.
> No such variable appears in the NRPE environment. getpeername isn't
> working, at least on STDIN.
>
> I could try to do something with a nagios macro, but NRPE scripts are
> supposed to have fixed options unless I turn on dont_blame_nrpe=1,
> which I don't want to do.
>
> - Morty
>
dont_blame_nrpe isnt that big a security issue if you trust your Nagios
servers security and restrict whos allowed to run nrpe commands.
You could then pass in a custom macro from Nagios.
The only other way I could think would be to run a different client side
check / service for each Nagios server.
if you use the _exact_ same config on each Nagios server you can probably
use a custom macro in the service's command definition.
I have not tried it my self but i dont see why it wont work.
service {
name statefile
command $USER1$/statefile_$USER5$.pl
}
where $USER5$ is set to the Nagios servers host name and just define two
nrpe commands on the client's.
HTH
Ritchie,
--
<--Time flies like an arrow; fruit flies like a banana. -->
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> Nagios-users mailing list
> Nagios-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when
> reporting any issue.
> ::: Messages without supporting info will risk being sent to /dev/null
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/users/attachments/20120428/d70ba57a/attachment.html>
-------------- next part --------------
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
-------------- next part --------------
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list