<div class="gmail_extra"><div class="gmail_quote">On Sat, Apr 28, 2012 at 2:38 AM, Morty <<a href="mailto:morty+nagios@frakir.org" target="_blank">morty+nagios@frakir.org</a>> wrote: <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> Is there a way for an NRPE script to know the remote server's IP? I'm not seeing anything in the environment for NRPE 2.12. getpeername on STDIN doesn't seem to help; presumably nrpe doesn't connect the script directly to the sockets. Detailed scenario: I have two nagios servers running in an active/active cluster. So each nagios instance is checking all servers. Some services utilize NRPE. One service check is a script that wants to see change in a certain system parameter since last time. It then saves the value in a statefile, so it can check the next time. Problem: race condition. If the two nagios servers both check at around the same time, one of them will set the state file. Then the other one sees the recent statefile and sees no change in the system parameter, and the service check goes critical. A lockfile won't solve the problem, because the problem isn't when the two are running at the same time, it's when the two run shortly after one another. One fix would be to have the script use a statefile that includes the nagios server IP. So it would use a different statefile depending on which nagios server queries, and there would be no conflict. The problem is, I can't see a way to supply the server IP to the script. No such variable appears in the NRPE environment. getpeername isn't working, at least on STDIN. I could try to do something with a nagios macro, but NRPE scripts are supposed to have fixed options unless I turn on dont_blame_nrpe=1, which I don't want to do. - Morty </blockquote><div> dont_blame_nrpe isnt that big a security issue if you trust your Nagios servers security and restrict whos allowed to run nrpe commands. You could then pass in a custom macro from Nagios. The only other way I could think would be to run a different client side check / service for each Nagios server. if you use the _exact_ same config on each Nagios server you can probably use a custom macro in the service's command definition. I have not tried it my self but i dont see why it wont work. service { name statefile command $USER1$/statefile_$USER5$.pl } where $USER5$ is set to the Nagios servers host name and just define two nrpe commands on the client's. HTH Ritchie, -- <--Time flies like an arrow; fruit flies like a banana. --> </div><blockquote class="gmail_quote" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"> ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. <a href="http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/" target="_blank">http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/</a> _______________________________________________ Nagios-users mailing list <a href="mailto:Nagios-users@lists.sourceforge.net">Nagios-users@lists.sourceforge.net</a> <a href="https://lists.sourceforge.net/lists/listinfo/nagios-users" target="_blank">https://lists.sourceforge.net/lists/listinfo/nagios-users</a> ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null </blockquote></div> </div>