Configuration Verification issue

This support forum board is for support questions relating to Nagios XI, our flagship commercial network monitoring solution.
Locked
User avatar
lmiltchev
Bugs find me
Posts: 13589
Joined: Mon May 23, 2011 12:15 pm

Re: Configuration Verification issue

Post by lmiltchev »

Can cron run as nagios? Run the following commands and show us the output:

Code: Select all

service crond restart
ps -ef | grep cron
chage nagios -l
tail -50 /var/log/cron
Be sure to check out our Knowledgebase for helpful articles and solutions!
Top
raamardhani7
Posts: 459
Joined: Tue Jun 02, 2015 12:36 am

Re: Configuration Verification issue

Post by raamardhani7 »

lmiltchev wrote:Can cron run as nagios? Run the following commands and show us the output:

Code: Select all

service crond restart
ps -ef | grep cron
chage nagios -l
tail -50 /var/log/cron
Hi..

Please find the output updated below:

Code: Select all

[root@lussvpnagiosxi00 ~]# service crond restart
Stopping crond:                                            [  OK  ]
Starting crond:                                            [  OK  ]

Code: Select all

[root@lussvpnagiosxi00 ~]# ps -ef | grep cron
root      9815     1 27 00:14 ?        00:00:01 crond
root      9837  5882  0 00:14 pts/1    00:00:00 grep cron

Code: Select all

[root@lussvpnagiosxi00 ~]# chage nagios -l
Last password change                                    : Jun 17, 2015
Password expires                                        : Sep 15, 2015
Password inactive                                       : never
Account expires                                         : never
Minimum number of days between password change          : 7
Maximum number of days between password change          : 90
Number of days of warning before password expires       : 7

Code: Select all

[root@lussvpnagiosxi00 ~]# tail -50 /var/log/cron
Sep 23 00:09:01 lussvpnagiosxi00 crond[8579]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:09:01 lussvpnagiosxi00 crond[8572]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:10:01 lussvpnagiosxi00 crond[8789]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:10:01 lussvpnagiosxi00 crond[8794]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:10:01 lussvpnagiosxi00 crond[8792]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:10:01 lussvpnagiosxi00 crond[8796]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:10:01 lussvpnagiosxi00 crond[8793]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:10:01 lussvpnagiosxi00 crond[8790]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:10:01 lussvpnagiosxi00 crond[8788]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:10:01 lussvpnagiosxi00 crond[8797]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:10:01 lussvpnagiosxi00 crond[8795]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:10:01 lussvpnagiosxi00 crond[8791]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:10:01 lussvpnagiosxi00 CROND[8811]: (root) CMD (LANG=C LC_ALL=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg --lock-file /var/lock/mrtg/mrtg_l --confcache-file /var/lib/mrtg/mrtg.ok)
Sep 23 00:10:01 lussvpnagiosxi00 CROND[8812]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Sep 23 00:11:01 lussvpnagiosxi00 crond[9017]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:11:01 lussvpnagiosxi00 crond[9019]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:11:01 lussvpnagiosxi00 crond[9022]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:11:01 lussvpnagiosxi00 crond[9024]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:11:01 lussvpnagiosxi00 crond[9018]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:11:01 lussvpnagiosxi00 crond[9020]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:11:01 lussvpnagiosxi00 crond[9023]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:11:01 lussvpnagiosxi00 crond[9021]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:12:01 lussvpnagiosxi00 crond[9227]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:12:01 lussvpnagiosxi00 crond[9226]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:12:01 lussvpnagiosxi00 crond[9229]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:12:01 lussvpnagiosxi00 crond[9230]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:12:01 lussvpnagiosxi00 crond[9232]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:12:01 lussvpnagiosxi00 crond[9225]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:12:01 lussvpnagiosxi00 crond[9228]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:12:01 lussvpnagiosxi00 crond[9231]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:13:01 lussvpnagiosxi00 crond[9443]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:13:01 lussvpnagiosxi00 crond[9442]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:13:01 lussvpnagiosxi00 crond[9445]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:13:01 lussvpnagiosxi00 crond[9446]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:13:01 lussvpnagiosxi00 crond[9447]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:13:01 lussvpnagiosxi00 crond[9444]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:13:01 lussvpnagiosxi00 crond[9441]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:13:01 lussvpnagiosxi00 crond[9448]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:14:01 lussvpnagiosxi00 crond[9671]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:14:01 lussvpnagiosxi00 crond[9668]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:14:01 lussvpnagiosxi00 crond[9666]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:14:01 lussvpnagiosxi00 crond[9667]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:14:01 lussvpnagiosxi00 crond[9670]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:14:01 lussvpnagiosxi00 crond[9673]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:14:01 lussvpnagiosxi00 crond[9672]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:14:01 lussvpnagiosxi00 crond[9669]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:14:36 lussvpnagiosxi00 crond[9815]: (CRON) STARTUP (1.4.4)
Sep 23 00:14:36 lussvpnagiosxi00 crond[9815]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 83% if used.)
Sep 23 00:14:37 lussvpnagiosxi00 crond[9815]: (CRON) INFO (running with inotify support)
Sep 23 00:14:37 lussvpnagiosxi00 crond[9815]: (CRON) INFO (@reboot jobs will be run at computer's startup.)
Top
User avatar
lmiltchev
Bugs find me
Posts: 13589
Joined: Mon May 23, 2011 12:15 pm

Re: Configuration Verification issue

Post by lmiltchev »

Here's your issue:
Sep 23 00:10:01 lussvpnagiosxi00 crond[8796]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
You need to allow cron to run as nagios (not only as root)... Modify your PAM settings. The "ps" output would normally show the nagios cron jobs running, i.e.:

Code: Select all

ps -ef | grep cron
root      1625     1  0 Sep14 ?        00:00:18 crond
nagios   20816 20814  0 10:07 ?        00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/cmdsubsys.php > /usr/local/nagiosxi/var/cmdsubsys.log 2>&1
nagios   20817 20812  0 10:07 ?        00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/feedproc.php > /usr/local/nagiosxi/var/feedproc.log 2>&1
nagios   20819 20808  0 10:07 ?        00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/cleaner.php > /usr/local/nagiosxi/var/cleaner.log 2>&1
nagios   20820 20813  0 10:07 ?        00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/eventman.php > /usr/local/nagiosxi/var/eventman.log 2>&1
nagios   20821 20815  0 10:07 ?        00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/sysstat.php > /usr/local/nagiosxi/var/sysstat.log 2>&1
nagios   20822 20816  4 10:07 ?        00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/cmdsubsys.php
nagios   20823 20811  0 10:07 ?        00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/perfdataproc.php > /usr/local/nagiosxi/var/perfdataproc.log 2>&1
nagios   20824 20817  5 10:07 ?        00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/feedproc.php
nagios   20825 20820  7 10:07 ?        00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/eventman.php
nagios   20826 20821  5 10:07 ?        00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/sysstat.php
nagios   20829 20819  9 10:07 ?        00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/cleaner.php
nagios   20830 20823  4 10:07 ?        00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/perfdataproc.php
root     20928 18009  0 10:07 pts/2    00:00:00 grep cron
Is your nagios password expired?
Password expires : Sep 15, 2015
You can remove the password on nagios user by running:

Code: Select all

chage -I -1 -m -1 -E -1 nagios
Be sure to check out our Knowledgebase for helpful articles and solutions!
Top
raamardhani7
Posts: 459
Joined: Tue Jun 02, 2015 12:36 am

Re: Configuration Verification issue

Post by raamardhani7 »

lmiltchev wrote:Here's your issue:
Sep 23 00:10:01 lussvpnagiosxi00 crond[8796]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
You need to allow cron to run as nagios (not only as root)... Modify your PAM settings. The "ps" output would normally show the nagios cron jobs running, i.e.:

Code: Select all

ps -ef | grep cron
root      1625     1  0 Sep14 ?        00:00:18 crond
nagios   20816 20814  0 10:07 ?        00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/cmdsubsys.php > /usr/local/nagiosxi/var/cmdsubsys.log 2>&1
nagios   20817 20812  0 10:07 ?        00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/feedproc.php > /usr/local/nagiosxi/var/feedproc.log 2>&1
nagios   20819 20808  0 10:07 ?        00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/cleaner.php > /usr/local/nagiosxi/var/cleaner.log 2>&1
nagios   20820 20813  0 10:07 ?        00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/eventman.php > /usr/local/nagiosxi/var/eventman.log 2>&1
nagios   20821 20815  0 10:07 ?        00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/sysstat.php > /usr/local/nagiosxi/var/sysstat.log 2>&1
nagios   20822 20816  4 10:07 ?        00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/cmdsubsys.php
nagios   20823 20811  0 10:07 ?        00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/perfdataproc.php > /usr/local/nagiosxi/var/perfdataproc.log 2>&1
nagios   20824 20817  5 10:07 ?        00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/feedproc.php
nagios   20825 20820  7 10:07 ?        00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/eventman.php
nagios   20826 20821  5 10:07 ?        00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/sysstat.php
nagios   20829 20819  9 10:07 ?        00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/cleaner.php
nagios   20830 20823  4 10:07 ?        00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/perfdataproc.php
root     20928 18009  0 10:07 pts/2    00:00:00 grep cron
Is your nagios password expired?
Password expires : Sep 15, 2015
You can remove the password on nagios user by running:

Code: Select all

chage -I -1 -m -1 -E -1 nagios
Hi..
Sep 23 00:10:01 lussvpnagiosxi00 crond[8796]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Could you please let me know how can I make it run using Nagios user too

I ran the command you asked me to execute.

Code: Select all

chage -I -1 -m -1 -E -1 nagios
[/quote]

I restarted the Nagios services and crond service, below is the output of:

Code: Select all

tail -10 /var/log/cron
Sep 23 15:22:53 lussvpnagiosxi00 crond[27787]: (CRON) INFO (@reboot jobs will be run at computer's startup.)
Sep 23 15:23:01 lussvpnagiosxi00 crond[27833]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 15:23:01 lussvpnagiosxi00 crond[27831]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 15:23:01 lussvpnagiosxi00 crond[27828]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 15:23:01 lussvpnagiosxi00 crond[27829]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 15:23:01 lussvpnagiosxi00 crond[27832]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 15:23:01 lussvpnagiosxi00 crond[27830]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 15:23:01 lussvpnagiosxi00 crond[27827]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 15:23:01 lussvpnagiosxi00 crond[27834]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Top
User avatar
lmiltchev
Bugs find me
Posts: 13589
Joined: Mon May 23, 2011 12:15 pm

Re: Configuration Verification issue

Post by lmiltchev »

Can you run the following commands again and show the output?

Code: Select all

chage nagios -l
ps -ef | grep cron
It seems to me that someone has modified PAM. You will need to talk to whoever "hardened" the box as modifying PAM is out of the scope of Nagios support. I would recommend checking the "/etc/pam.d/crond" and "/etc/security/access.conf" files. Do you have "/etc/cron.allow" or "/etc/cron.deny" on this box?
Be sure to check out our Knowledgebase for helpful articles and solutions!
Top
raamardhani7
Posts: 459
Joined: Tue Jun 02, 2015 12:36 am

Re: Configuration Verification issue

Post by raamardhani7 »

lmiltchev wrote:Can you run the following commands again and show the output?

Code: Select all

chage nagios -l
ps -ef | grep cron
It seems to me that someone has modified PAM. You will need to talk to whoever "hardened" the box as modifying PAM is out of the scope of Nagios support. I would recommend checking the "

Code: Select all

/etc/pam.d/crond
" and "/etc/security/access.conf" files. Do you have "/etc/cron.allow" or "/etc/cron.deny" on this box?
Hi Please find the output

Code: Select all

[root@lussvpnagiosxi00 ~]# chage nagios -l
Last password change                                    : Jun 17, 2015
Password expires                                        : Sep 15, 2015
Password inactive                                       : never
Account expires                                         : never
Minimum number of days between password change          : -1
Maximum number of days between password change          : 90
Number of days of warning before password expires       : 7

Code: Select all

[root@lussvpnagiosxi00 ~]# ps -ef | grep cron
root     22231 22144  0 22:00 pts/1    00:00:00 grep cron
root     27787     1  0 15:22 ?        00:00:03 crond

Code: Select all

[root@lussvpnagiosxi00 pam.d]# cat crond
#
# The PAM configuration file for the cron daemon
#
#
# No PAM authentication called, auth modules not needed
account    required   pam_access.so
account    include    password-auth
session    required   pam_loginuid.so
session    include    password-auth
auth       include    password-auth

Code: Select all

[root@lussvpnagiosxi00 pam.d]# cat /etc/security/access.conf
# Login access control table.
#
# Comment line must start with "#", no space at front.
# Order of lines is important.
#
# When someone logs in, the table is scanned for the first entry that
# matches the (user, host) combination, or, in case of non-networked
# logins, the first entry that matches the (user, tty) combination.  The
# permissions field of that table entry determines whether the login will
# be accepted or refused.
#
# Format of the login access control table is three fields separated by a
# ":" character:
#
# [Note, if you supply a 'fieldsep=|' argument to the pam_access.so
# module, you can change the field separation character to be
# '|'. This is useful for configurations where you are trying to use
# pam_access with X applications that provide PAM_TTY values that are
# the display variable like "host:0".]
#
#       permission : users : origins
#
# The first field should be a "+" (access granted) or "-" (access denied)
# character.
#
# The second field should be a list of one or more login names, group
# names, or ALL (always matches). A pattern of the form user@host is
# matched when the login name matches the "user" part, and when the
# "host" part matches the local machine name.
#
# The third field should be a list of one or more tty names (for
# non-networked logins), host names, domain names (begin with "."), host
# addresses, internet network numbers (end with "."), ALL (always
# matches), NONE (matches no tty on non-networked logins) or
# LOCAL (matches any string that does not contain a "." character).
#
# You can use @netgroupname in host or user patterns; this even works
# for @usergroup@@hostgroup patterns.
#
# The EXCEPT operator makes it possible to write very compact rules.
#
# The group file is searched only when a name does not match that of the
# logged-in user. Both the user's primary group is matched, as well as
# groups in which users are explicitly listed.
# To avoid problems with accounts, which have the same name as a group,
# you can use brackets around group names '(group)' to differentiate.
# In this case, you should also set the "nodefgroup" option.
#
# TTY NAMES: Must be in the form returned by ttyname(3) less the initial
# "/dev" (e.g. tty1 or vc/1)
#
##############################################################################
#
# Disallow non-root logins on tty1
#
#-:ALL EXCEPT root:tty1
#
# Disallow console logins to all but a few accounts.
#
#-:ALL EXCEPT wheel shutdown sync:LOCAL
#
# Same, but make sure that really the group wheel and not the user
# wheel is used (use nodefgroup argument, too):
#
#-:ALL EXCEPT (wheel) shutdown sync:LOCAL
#
# Disallow non-local logins to privileged accounts (group wheel).
#
#-:wheel:ALL EXCEPT LOCAL .win.tue.nl
#
# Some accounts are not allowed to login from anywhere:
#
#-:wsbscaro wsbsecr wsbspac wsbsym wscosor wstaiwde:ALL
#
# All other accounts are allowed to login from anywhere.
#
##############################################################################
# All lines from here up to the end are building a more complex example.
##############################################################################
#
# User "root" should be allowed to get access via cron .. tty5 tty6.
#+ : root : cron crond :0 tty1 tty2 tty3 tty4 tty5 tty6
#
# User "root" should be allowed to get access from hosts with ip addresses.
#+ : root : 192.168.200.1 192.168.200.4 192.168.200.9
#+ : root : 127.0.0.1
#
# User "root" should get access from network 192.168.201.
# This term will be evaluated by string matching.
# comment: It might be better to use network/netmask instead.
#          The same is 192.168.201.0/24 or 192.168.201.0/255.255.255.0
#+ : root : 192.168.201.
#
# User "root" should be able to have access from domain.
# Uses string matching also.
#+ : root : .foo.bar.org
#
# User "root" should be denied to get access from all other sources.
#- : root : ALL
#
# User "foo" and members of netgroup "nis_group" should be
# allowed to get access from all sources.
# This will only work if netgroup service is available.
#+ : @nis_group foo : ALL
#
# User "john" should get access from ipv4 net/mask
#+ : john : 127.0.0.0/24
#
# User "john" should get access from ipv4 as ipv6 net/mask
#+ : john : ::ffff:127.0.0.0/127
#
# User "john" should get access from ipv6 host address
#+ : john : 2001:4ca0:0:101::1
#
# User "john" should get access from ipv6 host address (same as above)
#+ : john : 2001:4ca0:0:101:0:0:0:1
#
# User "john" should get access from ipv6 net/mask
#+ : john : 2001:4ca0:0:101::/64
#
# All other users should be denied to get access from all sources.
#- : ALL : ALL

Code: Select all

[root@lussvpnagiosxi00 etc]# ls -ltr /etc/cron.allow
-r--------. 1 root root 5 Jul 16  2013 /etc/cron.allow
[root@lussvpnagiosxi00 etc]# ls -ltr /etc/cron.deny
-rw-------. 1 root root 0 Sep 12  2013 /etc/cron.deny

Code: Select all

[root@lussvpnagiosxi00 etc]# cat /etc/cron.allow
root
[root@lussvpnagiosxi00 etc]# cat /etc/cron.deny
[root@lussvpnagiosxi00 etc]#
I am not sure who changed the PAM settings on this server. Could you please help me with this here,as I am not havin any clue on it. thanks..
Top
User avatar
lmiltchev
Bugs find me
Posts: 13589
Joined: Mon May 23, 2011 12:15 pm

Re: Configuration Verification issue

Post by lmiltchev »

For some reason, the password expiration line didn't change after running the command I gave you. You still have:

Code: Select all

Password expires                                        : Sep 15, 2015
but you should have:

Code: Select all

Password expires                                        : never
Did you use "-1" (number one) or "-l" (letter L)? This needs to be a number:

Code: Select all

chage -I -1 -m -1 -E -1 nagios
Try running the above command again and check to see if the password expiration line changed:

Code: Select all

chage nagios -l
Next, try stopping/starting crond again:

Code: Select all

service crond stop
killall crond
service crond start
and check to see if cronjobs are running:

Code: Select all

ps -ef | grep cron
If this doesn't resolve your issue, I would recommend contacting your security/admin team. There is no way for us to know what they have changed on the system.
Be sure to check out our Knowledgebase for helpful articles and solutions!
Top
raamardhani7
Posts: 459
Joined: Tue Jun 02, 2015 12:36 am

Re: Configuration Verification issue

Post by raamardhani7 »

lmiltchev wrote:For some reason, the password expiration line didn't change after running the command I gave you. You still have:

Code: Select all

Password expires                                        : Sep 15, 2015
but you should have:

Code: Select all

Password expires                                        : never
Did you use "-1" (number one) or "-l" (letter L)? This needs to be a number:

Code: Select all

chage -I -1 -m -1 -E -1 nagios
Try running the above command again and check to see if the password expiration line changed:

Code: Select all

chage nagios -l
Next, try stopping/starting crond again:

Code: Select all

service crond stop
killall crond
service crond start
and check to see if cronjobs are running:

Code: Select all

ps -ef | grep cron
If this doesn't resolve your issue, I would recommend contacting your security/admin team. There is no way for us to know what they have changed on the system.
Hi..

Thanks a lot for your help, thanks to all for your guidance..

The issue is now sorted out, and the command that worked or helped to close this issue is:

Code: Select all

chage -m 0 -M 99999 -I -1 -E -1 nagios

Code: Select all

 chage --list nagios
Last password change                                    : Jun 17, 2015
Password expires                                        : never
Password inactive                                       : never
Account expires                                         : never
Minimum number of days between password change          : 0
Maximum number of days between password change          : 99999
Number of days of warning before password expires       : 7

Code: Select all

[root@lussvpnagiosxi00 ~]# service crond stop
Stopping crond:                                            [  OK  ]
[root@lussvpnagiosxi00 ~]# killall crond
[root@lussvpnagiosxi00 ~]# service crond start
Starting crond:                                            [  OK  ]
[root@lussvpnagiosxi00 ~]# ps -ef | grep cron
nagios   12882     1  0 08:16 ?        00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/cmdsubsys.php > /usr/local/nagiosxi/var/cmdsubsys.log 2>&1
nagios   12883     1  0 08:16 ?        00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/feedproc.php > /usr/local/nagiosxi/var/feedproc.log 2>&1
nagios   12885     1  0 08:16 ?        00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/sysstat.php > /usr/local/nagiosxi/var/sysstat.log 2>&1
nagios   12886     1  0 08:16 ?        00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/perfdataproc.php > /usr/local/nagiosxi/var/perfdataproc.log 2>&1
nagios   12888     1  0 08:16 ?        00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/eventman.php > /usr/local/nagiosxi/var/eventman.log 2>&1
nagios   12891 12885  0 08:16 ?        00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/sysstat.php
nagios   12893 12882  0 08:16 ?        00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/cmdsubsys.php
nagios   12894 12888  0 08:16 ?        00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/eventman.php
nagios   12895 12886  0 08:16 ?        00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/perfdataproc.php
nagios   12896 12883  0 08:16 ?        00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/feedproc.php
nagios   13081 12482  0 08:16 ?        00:00:00 /usr/local/nagios/libexec/check_nrpe -H 172.28.45.65 -t 30 -c check_services -a cron
root     13094     1 20 08:16 ?        00:00:01 crond
root     13154 21674  0 08:16 pts/1    00:00:00 grep cron
[root@lussvpnagiosxi00 ~]# service nagios restart
Running configuration check...
Stopping nagios: done.
Starting nagios: done.
You can now close this thread.. :)
Thanks again to all who contributed in fixing the issue...
Top
Locked

Return to “Nagios XI”