Installing NRPE on FreePBX Distro

[Tim7473]

It's running under xinetd. I've restarted the service and the whole VM several times. Just rebooted again before running ps -ef|grep nrpe. Result:
root 1956 1903 0 13:15 pts/0 00:00:00 grep nrpe

Also tried:
# service xinetd status
xinetd (pid 2094) is running...

I tried ./check_nrpe -H <FREEPBXIP> -n from the Nagios box again and this is the error I'm seeing in /var/log/messages on the FreePBX box when that runs:

xinetd[2094]: START: nrpe pid=2539 from=::ffff:<NAGIOSBOXIP>
nrpe[2539]: Error: Could not complete SSL handshake. 1
xinetd[2094]: EXIT: nrpe status=0 pid=2539 duration=0(sec)

The FreePBX box is just a test system I have set up to try and get NRPE working. Should I reimage and just try the install again from scratch?

[rkennedy]

Can you please post your cat /etc/xinetd.d/nrpe file for us to review?

[Tim7473]

# default: on
# description: NRPE (Nagios Remote Plugin Executor)
service nrpe
{
flags = REUSE
socket_type = stream
port = 5666
wait = no
user = nagios
group = nagios
server = /usr/local/nagios/bin/nrpe
server_args = -c /usr/local/nagios/etc/nrpe.cfg --inetd
log_on_failure += USERID
disable = no
only_from = 127.0.0.1 <NAGIOS SERVER IP>
per_source = UNLIMITED
instances = UNLIMITED
}

[rkennedy]

Let's check the NRPE log out, can you run this command and post the output?

Code: Select all

grep 'nrpe' /var/log/messages

[Tim7473]

Here is the output:

Feb 17 11:09:03 <<FREEPBX HOSTNAME>> xinetd[5784]: START: nrpe pid=10144 from=::1
Feb 17 11:09:03 <<FREEPBX HOSTNAME>> xinetd[10144]: FAIL: nrpe address from=::1
Feb 17 11:09:03 <<FREEPBX HOSTNAME>> xinetd[5784]: EXIT: nrpe status=0 pid=10144 duration=0(sec)
Feb 17 16:57:09 <<FREEPBX HOSTNAME>> xinetd[1095]: START: nrpe pid=1951 from=::1
Feb 17 16:57:09 <<FREEPBX HOSTNAME>> xinetd[1951]: FAIL: nrpe address from=::1
Feb 17 16:57:09 <<FREEPBX HOSTNAME>> xinetd[1095]: EXIT: nrpe status=0 pid=1951 duration=0(sec)
Feb 17 16:57:20 <<FREEPBX HOSTNAME>> xinetd[1095]: START: nrpe pid=1974 from=::1
Feb 17 16:57:20 <<FREEPBX HOSTNAME>> xinetd[1974]: FAIL: nrpe address from=::1
Feb 17 16:57:20 <<FREEPBX HOSTNAME>> xinetd[1095]: EXIT: nrpe status=0 pid=1974 duration=0(sec)
Feb 17 16:58:31 <<FREEPBX HOSTNAME>> xinetd[1095]: START: nrpe pid=2052 from=::1
Feb 17 16:58:31 <<FREEPBX HOSTNAME>> xinetd[2052]: FAIL: nrpe address from=::1
Feb 17 16:58:31 <<FREEPBX HOSTNAME>> xinetd[1095]: EXIT: nrpe status=0 pid=2052 duration=0(sec)
Feb 18 09:24:04 <<FREEPBX HOSTNAME>> xinetd[1095]: START: nrpe pid=1984 from=::1
Feb 18 09:24:04 <<FREEPBX HOSTNAME>> xinetd[1984]: FAIL: nrpe address from=::1
Feb 18 09:24:04 <<FREEPBX HOSTNAME>> xinetd[1095]: EXIT: nrpe status=0 pid=1984 duration=0(sec)
Feb 18 09:25:06 <<FREEPBX HOSTNAME>> xinetd[1095]: START: nrpe pid=2015 from=::ffff:<<NAGIOS SERVER IP>>
Feb 18 09:25:06 <<FREEPBX HOSTNAME>> nrpe[2015]: Error: Could not complete SSL handshake. 5
Feb 18 09:25:06 <<FREEPBX HOSTNAME>> xinetd[1095]: EXIT: nrpe status=0 pid=2015 duration=0(sec)
Feb 18 09:26:05 <<FREEPBX HOSTNAME>> xinetd[1095]: START: nrpe pid=2041 from=::ffff:<<NAGIOS SERVER IP>>
Feb 18 09:26:05 <<FREEPBX HOSTNAME>> nrpe[2041]: Error: Could not complete SSL handshake. 1
Feb 18 09:26:05 <<FREEPBX HOSTNAME>> xinetd[1095]: EXIT: nrpe status=0 pid=2041 duration=0(sec)
Feb 18 13:17:00 <<FREEPBX HOSTNAME>> xinetd[1102]: START: nrpe pid=1963 from=::ffff:<<NAGIOS SERVER IP>>
Feb 18 13:17:00 <<FREEPBX HOSTNAME>> nrpe[1963]: Error: Could not complete SSL handshake. 1
Feb 18 13:17:00 <<FREEPBX HOSTNAME>> xinetd[1102]: EXIT: nrpe status=0 pid=1963 duration=0(sec)
Feb 18 13:20:28 <<FREEPBX HOSTNAME>> xinetd[2078]: START: nrpe pid=2082 from=::ffff:<<NAGIOS SERVER IP>>
Feb 18 13:20:28 <<FREEPBX HOSTNAME>> nrpe[2082]: Error: Could not complete SSL handshake. 1
Feb 18 13:20:28 <<FREEPBX HOSTNAME>> xinetd[2078]: EXIT: nrpe status=0 pid=2082 duration=0(sec)
Feb 18 13:31:53 <<FREEPBX HOSTNAME>> xinetd[2094]: START: nrpe pid=2381 from=::ffff:<<NAGIOS SERVER IP>>
Feb 18 13:31:53 <<FREEPBX HOSTNAME>> nrpe[2381]: Error: Could not complete SSL handshake. 5
Feb 18 13:31:53 <<FREEPBX HOSTNAME>> xinetd[2094]: EXIT: nrpe status=0 pid=2381 duration=0(sec)
Feb 18 13:31:58 <<FREEPBX HOSTNAME>> xinetd[2094]: START: nrpe pid=2382 from=::ffff:<<NAGIOS SERVER IP>>
Feb 18 13:31:58 <<FREEPBX HOSTNAME>> nrpe[2382]: Error: Could not complete SSL handshake. 1
Feb 18 13:31:58 <<FREEPBX HOSTNAME>> xinetd[2094]: EXIT: nrpe status=0 pid=2382 duration=0(sec)
Feb 18 13:37:07 <<FREEPBX HOSTNAME>> xinetd[2094]: START: nrpe pid=2539 from=::ffff:<<NAGIOS SERVER IP>>
Feb 18 13:37:07 <<FREEPBX HOSTNAME>> nrpe[2539]: Error: Could not complete SSL handshake. 1
Feb 18 13:37:07 <<FREEPBX HOSTNAME>> xinetd[2094]: EXIT: nrpe status=0 pid=2539 duration=0(sec)

[jolson]

Is SELinux running?

Code: Select all

sestatus

Check library dependencies of your NRPE binary:

Code: Select all

ldd <path to NRPE binary>

Example:

Code: Select all

ldd /usr/local/nagios/bin/nrpe

Is the nagios user generated and not-expired?

Code: Select all

grep nagios /etc/passwd
chage -l nagios

[ssax]

In addition to jolson's post, please try this:

Code: Select all

mkdir -p /usr/local/nagios/etc
cp /tmp/nrpe-2.15/sample-config/nrpe.cfg /usr/local/nagios/etc
chown -R nagios.nagios /usr/local/nagios/etc/
service xinetd restart

[Tim7473]

Thanks for the suggestions.

# sestatus
SELinux status: disabled

# ldd /usr/local/nagios/bin/nrpe
linux-vdso.so.1 => (0x00007fff2a7ff000)
libssl.so.10 => /usr/lib64/libssl.so.10 (0x00007fbadc8d6000)
libcrypto.so.10 => /usr/lib64/libcrypto.so.10 (0x00007fbadc4f3000)
libnsl.so.1 => /lib64/libnsl.so.1 (0x00007fbadc2d9000)
libc.so.6 => /lib64/libc.so.6 (0x00007fbadbf45000)
libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2 (0x00007fbadbd01000)
libkrb5.so.3 => /lib64/libkrb5.so.3 (0x00007fbadba1a000)
libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00007fbadb816000)
libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x00007fbadb5ea000)
libdl.so.2 => /lib64/libdl.so.2 (0x00007fbadb3e5000)
libz.so.1 => /lib64/libz.so.1 (0x00007fbadb1cf000)
/lib64/ld-linux-x86-64.so.2 (0x00007fbadcb4d000)
libkrb5support.so.0 => /lib64/libkrb5support.so.0 (0x00007fbadafc4000)
libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x00007fbadadc0000)
libresolv.so.2 => /lib64/libresolv.so.2 (0x00007fbadaba6000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00007fbada989000)
libselinux.so.1 => /lib64/libselinux.so.1 (0x00007fbada769000)

# grep nagios /etc/passwd
nagios500:500::/home/nagios:/bin/bash

# chage -l nagios
Last password change : Feb 15, 2016
Password expires : never
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7

ssax, I had already created the /user/local/nagios/etc directory and moved the sample config over. I hadn't changed the ownership though, which I did and restarted xinetd and it seems to be giving me the same result.

[lmiltchev]

What happens if you comment out the "only_from" line in the "/etc/xinetd.d/nrpe" file, and restart xinetd?

Code: Select all

service xinetd restart

Does your check work then? You may also try running:

Code: Select all

service fail2ban stop
service iptables stop
service ip6tables stop

Test the check from Nagios XI:

Code: Select all

/usr/local/nagios/libexec/check_nrpe -H <remote ip>

If it fails again, run the following command on the remote (FreePBX) box, and post the output in code wraps:

Code: Select all

tail -100 /var/log/messages

I tested this yesterday, and it seemed to work for me. See below:

example01.PNG

example02.PNG