Running NCPA plugin as sudo

[IT-OPS-SYS]

Hi team,

I have a ncpa plugin (nfs-kern.py script) which i have put under the location /usr/local/ncpa/plugins and given the user group as nagios:nagios.

i have edited the ncpa.cfg with the below changes as i have to run this script as sudo as we cannot run this script as Nagios user:

Comma separated list of plugins to run through sudo. Note: You will need to update your sudoers
# configuration for these plugins to work when called with sudo.
nfs-kern.py
# Example: check_special,check_root_files
# (Command line: sudo /<plugin_absolute_path>/check_special <arguments>)
#
# This is for Unix only (Linux, Mac OS X, etc)
#
run_with_sudo = /usr/local/ncpa/plugins/nfs-kern.py

after this when i am running the plugin using the nagios user, I am getting an error :PermissionError: [Errno 13] Permission denied:

Note: i have already added nagios user in the sudo group using command: sudo usermod -aG sudo nagios.

[vtrac]

Hi,
How are you doing?
Since you already add the below to your remote NCPA agent, we also need to add the script to the "sudoers" file also.

Code: Select all

run_with_sudo = /usr/local/ncpa/plugins/nfs-kern.py

NOTE, the command you used in your last replied "sudo usermod -aG sudo nagios",
which only add "nagios" to the group call "sudo" .... this is NOT what we want.

Please use "visudo" command to add the followings to the "/etc/sudoers" file on your remote NCPA agent.
This will give "nfs-kern.py" to be ran with "sudo".

Code: Select all

nagios ALL=(ALL) NOPASSWD:/usr/local/ncpa/plugins/nfs-kern.py

Also, the "run_with_sudo" was add to NCPA 2.1, so please make sure you are using NCPA 2.1 or newer version.
https://www.nagios.org/ncpa/help/2.2/index.html


Best Regards,
Vinh

[IT-OPS-SYS]

hi Vinh,

thanks for the reply!!!

i am using the NCPA version 2.3.1-1 on ubuntu. Added the sudoers file as per the above directions and if i run this script as Nagios user i get the permission denied error:

root@iadoscomp005:/usr/local/ncpa/plugins# su -c /usr/local/ncpa/plugins/nfs-kern.py nagios
Traceback (most recent call last):
File "/usr/local/ncpa/plugins/nfs-kern.py", line 11, in <module>
with open('/var/log/kern.log', 'r') as file:
PermissionError: [Errno 13] Permission denied: '/var/log/kern.log'
root@iadoscomp005:/usr/local/ncpa/plugins#

See the user permission in the attached screenshots. Check the attached screenshot for further information.

[vtrac]

Hi,
How are you doing?
Based on the command used (below), you logged in as "root" and you instructed its to run as "nagios" user:

su -c /usr/local/ncpa/plugins/nfs-kern.py nagios

So, "nagios" user might not have permission to write to "/var/log/kern.log".

Please run the below command and post the outputs:

Code: Select all

ls -l /var/log/kern.log

You can also change the permission of "/var/log/kern.log" as follows, the re-ran the script again:

Code: Select all

chmod 666 /var/log/kern.log

Also, please upload your "nfs-kern.py" script.


Best Regards,
Vinh

[IT-OPS-SYS]

i m not writing to that file , i just wanted to read from that file.

attached is the script

[vtrac]

Hi,
Sorry, you are right .... you open the file for reading ....

Please do the followings, the re-ran your command again:

Code: Select all

chmod 666 /var/log/kern.log

Best Regards,
Vinh

[IT-OPS-SYS]

now it worked buddy!!!

wat extra did u do now which i missed earlier.

[vtrac]

Hi,
Great!! .... glad that it is working now.

Your only issue earlier was permission of "/var/log/kern.log", which was fixed.

May I close this ticket?


Regards,
Vinh

[IT-OPS-SYS]

u may close the ticket. thanks and have a good one!!

[vtrac]

Great!! .... locking ticket ...