NCPA listener timing out on LDAP enabled RHEL servers
Posted: Fri Aug 09, 2019 12:33 pm
We are running into an issue when installing ncpa 2.1.7 on RHEL servers. This exact issue which says was resolved in 2.1.7: https://github.com/NagiosEnterprises/ncpa/issues/523.
We have the below set in the config file but it is still walking the NFS mounted filesystem:
exclude_fs_types = aufs,autofs,binfmt_misc,cifs,cgroup,configfs,debugfs,devpts,devtmpfs,encryptfs,efivarfs,fuse,fusectl,hugetlbfs,mqueue,nfs,overlayfs,proc,pstore,rpc_pipefs,securityfs,selinuxfs,smb,sysfs,tmpfs,tracefs
The NCPA installs, but cannot start the listener. The listener is walking the NFS mounted filesystem and it looks like it runs as root which has no privileges in the remote filesystems. It sees a directory entry and tries to get to that file or directory, not sure which, and cannot see it. After about 5 minutes of walking the tree the listener dies.
There must be a way to config ncpa to NOT walk the tree or at least not walk remote filesystem tree.
We have a lot of servers with over 320 remote mounts and some with over a 1000.
The first thing it does is attempt to create a group called nagios, and most of these systems are LDAP enabled, so it attempts to create the group in LDAP, which fails.
Are there any other workarounds to this?
We have the below set in the config file but it is still walking the NFS mounted filesystem:
exclude_fs_types = aufs,autofs,binfmt_misc,cifs,cgroup,configfs,debugfs,devpts,devtmpfs,encryptfs,efivarfs,fuse,fusectl,hugetlbfs,mqueue,nfs,overlayfs,proc,pstore,rpc_pipefs,securityfs,selinuxfs,smb,sysfs,tmpfs,tracefs
The NCPA installs, but cannot start the listener. The listener is walking the NFS mounted filesystem and it looks like it runs as root which has no privileges in the remote filesystems. It sees a directory entry and tries to get to that file or directory, not sure which, and cannot see it. After about 5 minutes of walking the tree the listener dies.
There must be a way to config ncpa to NOT walk the tree or at least not walk remote filesystem tree.
We have a lot of servers with over 320 remote mounts and some with over a 1000.
The first thing it does is attempt to create a group called nagios, and most of these systems are LDAP enabled, so it attempts to create the group in LDAP, which fails.
Are there any other workarounds to this?