Code: Select all
CHECK_NRPE: Received 0 bytes from daemon. Check the remote server logs for error messages.
Code: Select all
CHECK_NRPE: Received 0 bytes from daemon. Check the remote server logs for error messages.
Code: Select all
# COMMAND ARGUMENT PROCESSING
# This option determines whether or not the NRPE daemon will allow clients
# to specify arguments to commands that are executed. This option only works
# if the daemon was configured with the --enable-command-args configure script
# option.
#
# *** ENABLING THIS OPTION IS A SECURITY RISK! ***
# Read the SECURITY file for information on some of the security implications
# of enabling this variable.
#
# Values: 0=do not allow arguments, 1=allow command arguments
dont_blame_nrpe=1
Code: Select all
in nagios-nrpe_2.15-1ubuntu1.diff:
nagios-nrpe (2.15-1) unstable; urgency=high
This update disables the command-args support in nrpe. The feature
has several security problems and is often used wrong. If you have to
use this feature recompile the package with --enable-command-args
in debian/rules.
-- Alexander Wirt <formorer@debian.org> Tue, 15 Jul 2014 09:52:48 +0200
This files are included from the /etc/nagios/nrpe.cfg
This package is built without support for command argument processing. If you
want to enable it, you will have to rebuild this package with
--enable-command-args in debian/rules.
The feature has several security problems and should not be used. If you
really need some dynamic argument processing try check_by_ssh or something
similar.
Code: Select all
ubuntu@compute1:~$ grep dont_blame_nrpe= /etc/nagios/nrpe.cfg
dont_blame_nrpe=1
ubuntu@head1:~$ grep dont_blame_nrpe= /etc/nagios/nrpe.cfg
dont_blame_nrpe=1
Code: Select all
ubuntu@compute1:~$ grep nrpe /var/log/syslog |tail -n 6
Nov 29 21:31:41 compute01 nrpe[22879]: Error: Request contained command arguments!
Nov 29 21:31:41 compute01 nrpe[22879]: Client request was invalid, bailing out...
Nov 29 21:31:42 compute01 nrpe[22881]: Error: Request contained command arguments!
Nov 29 21:31:42 compute01 nrpe[22881]: Client request was invalid, bailing out...
Code: Select all
ubuntu@compute1:~$ sudo service nagios-nrpe-server status
● nagios-nrpe-server.service - LSB: Start/Stop the Nagios remote plugin execution daemon
Loaded: loaded (/etc/init.d/nagios-nrpe-server; bad; vendor preset: enabled)
Active: active (running) since Tue 2016-11-22 23:54:03 UTC; 6 days ago
Docs: man:systemd-sysv-generator(8)
Tasks: 1
Memory: 516.0K
CPU: 4min 35.056s
CGroup: /system.slice/nagios-nrpe-server.service
└─15176 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
Nov 29 21:55:59 compute1 nrpe[26628]: Error: Request contained command arguments!
Nov 29 21:56:02 compute1 nrpe[26630]: Error: Request contained command arguments!
Nov 29 21:56:37 compute1 nrpe[26688]: Error: Request contained command arguments!
Nov 29 21:56:40 compute1 nrpe[26694]: Error: Request contained command arguments!
Nov 29 21:56:42 compute1 nrpe[26698]: Error: Request contained command arguments!
Nov 29 21:56:57 compute1 nrpe[26706]: Error: Request contained command arguments!
Nov 29 21:56:58 compute1 nrpe[26711]: Error: Request contained command arguments!
Nov 29 21:57:00 compute1 nrpe[26713]: Error: Request contained command arguments!
Nov 29 21:57:42 compute1 nrpe[26750]: Error: Request contained command arguments!
Nov 29 21:57:42 compute1 nrpe[26752]: Error: Request contained command arguments!