NRPE and CHECK_MFI on FreeBSD

[krw]

Have an old server running FreeBSD 8.1 with NRPE.

Running check_nrpe from NagiosXI server to both old and new:
Old server:
[root@nagiosxi]# /usr/local/nagios/libexec/check_nrpe -H 209.145.xx.xx -n
NRPE v2.12

New Server:
[root@nagiosxi]# /usr/local/nagios/libexec/check_nrpe -H 209.145.yy.yy -n
NRPE v3.2.1

They are Dell servers, using the MFI driver for file systems so am using the
check_mfi plugin.

check_mfi plugin requires sudo access for nagios. NRPE runs under the user:nagios
on both servers.

Added nagios to the sudoers on new server, setup NRPE.CFG same as old server, though
paths have changed between FBSD 8.1 and 11.3.

NRPE.CFG file for the check:

command[check_mfi]=/usr/local/libexec/nagios/check_mfi

This is the same on both servers, except for the path, which is different on the new machine.

Running check_nrpe from NagiosXI to both old and new:

Old server:
[root@nagios]# /usr/local/nagios/libexec/check_nrpe -H 209.145.xx.xx -t 30 -c check_mfi -n -2
OK: mfid0:33G:RAID-1:OPTIMAL mfid1:33G:RAID-1:OPTIMAL mfid2:33G:RAID-1:OPTIMAL mfid3:558G:RAID-5:OPTIMAL Drives:10

Testing New server:
[root@nagios]# /usr/local/nagios/libexec/check_nrpe -H 209.145.yy.yy -t 30 -c check_mfi -n -2
UNKNOWN: error: Could not execute sudo /usr/sbin/mfiutil -u 0 show volumes

Nagios sudoer is the same in both sudo files:

##NAGIOS SUDO User
nagios ALL=(ALL) NOPASSWD: /usr/sbin/mfiutil

Old server:
sudo -u nagios /usr/local/nagios/libexec/check_mfi
OK: mfid0:33G:RAID-1:OPTIMAL mfid1:33G:RAID-1:OPTIMAL mfid2:33G:RAID-1:OPTIMAL mfid3:558G:RAID-5:OPTIMAL Drives:10

New Server:
sudo -u nagios /usr/local/libexec/nagios/check_mfi
OK: mfid0:2235G:RAID-1:OPTIMAL Drives:0

I'm not sure what to else to check here. NRPE on both old and new are running under the nagios user though
the new server is quite a bit newer version of NRPE.

Might be related to the check_mfi plugin but not sure as it works locally.
Perl on old: 5.10.1 and new is 5.30.1
Might be sudo related but don't know enough about it to know for sure as this is the
only thing for which we use sudo.

Anyone have an idea on what to look at here? I'm sorta not sure where to look next.
I have had this running on the old server for near five years and have been alerted to
3 disk failures using this mechanism on this old server.

Thanks,
Keith

[tgriep]

I am guessing that the check_mfi is a script that runs other applications and /usr/sbin/mfiutil is one of them.
Are there any other applications in the check that need to be ran as root?

Try this, edit the /sudoers file and add the plugin to it's settings.

Code: Select all

nagios ALL=NOPASSWD: /usr/local/libexec/nagios/check_mfi

Edit the command in the nrpe.cfg file and add sudo top it like the following example

Code: Select all

command[check_mfi]=sudo /usr/local/libexec/nagios/check_mfi

Save the change and restart the nrpe agent.

Test the check from the nagios server and see if it works.

Another thing, you may have to edit the script and add sudo to the line that is running the /usr/sbin/mfiutil command in the script.

[krw]

Code: Select all

nagios ALL=(ALL) NOPASSWD: /usr/sbin/mfiutil

I am using this on the old server which has worked for years and just
added that line to the sudoers on the new server and that didn't work.

I changed it to as suggested:

Code: Select all

nagios ALL=(ALL) NOPASSWD: /usr/local/libexec/nagios/check_mfi

along with the other change to NRPE, reloaded and got an error when testing from Nagios GUI:

Code: Select all

NRPE: Unable to read output

Backed out the NRPE change of adding sudo before the command line:

Code: Select all

Command completed with return code 3 and output: UNKNOWN: error: Could not execute sudo /usr/sbin/mfiutil -u 0 show volumes
[1582919206] Return Code: 3, Output: UNKNOWN: error: Could not execute sudo /usr/sbin/mfiutil -u 0 show volumes

I am pretty sure its a sudo issue somehow with nagios.

Issuing this on the command line:

Code: Select all

 sudo -u nagios /usr/local/libexec/nagios/check_mfi 
OK: mfid0:2235G:RAID-1:OPTIMAL Drives:0

Returns OK, but Drives is 0 which should be 4 so there is something in the count
that is not right with the the check_mfi script.

For something that should have been simple is turned into a PIA.
Thanks.

[tgriep]

I did not say to remove the following line from the sudoers file.

Code: Select all

nagios ALL=(ALL) NOPASSWD: /usr/sbin/mfiutil

I asked to have another line added to the file.
Leave the original line alone and add this to the sudoers file.

Code: Select all

nagios ALL=NOPASSWD: /usr/local/libexec/nagios/check_mfi

And add this line to the sudoers file.

Code: Select all

Defaults:nagios !requiretty

Change the nrpe.cfg file and test the plugin from nagios.

[krw]

Apologies, misunderstood and did not read properly.

Have added to sudoers:

nagios ALL=(ALL) NOPASSWD: /usr/sbin/mfiutil
nagios ALL=(ALL) NOPASSWD: /usr/local/libexec/nagios/check_mfi

Defaults:nagios !requiretty

Changed NRPE to add sudo to the command line:

command[check_mfi]=sudo /usr/local/libexec/nagios/check_mfi

Result in nrpe.log:

Running command: sudo /usr/local/libexec/nagios/check_mfi
[1582926647] Command completed with return code 3 and output:
[1582926647] Return Code: 3, Output: NRPE: Unable to read output

[krw]

Since sudo was not working I thought why not just try without.

I commented out nagios stuff in sudoers, removed the sudo from
the nrpe.cfg file for the check_mfi, restarted nrpe and su'd to the
nagios user directly:

[nagios@target_server ~]$ /usr/local/libexec/nagios/check_mfi
OK: mfid0:2235G:RAID-1:OPTIMAL Drives:0

Worked.

So tried from nagios CLI:

[root@nagios]# /usr/local/nagios/libexec/check_nrpe -H 209.145.xx.xx -t 30 -c check_mfi -n -2 -E
OK: Drives:0

worked, tested from GUI and it worked as well. Still cannot see why sudo works on old system and
not on the new one, but at least it returns an OK now, but does not return other info I need. Thats
on check_mfi and will go see why that is.

Lock thread. I think this is done.
Thanks for the help. Much appreciated.