Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

NagiosXI not emailing scheduled reports

https://support.nagios.com/forum/viewtopic.php?t=42832

Page 2 of 3

Re: NagiosXI not emailing scheduled reports

Posted: Wed Mar 08, 2017 5:41 pm
by dwhitfield
For the purposes of testing, can you use this sudoers:

Code: Select all

## Sudoers allows particular users to run various commands as
## the root user, without needing the root password.
##
## Examples are provided at the bottom of the file for collections
## of related commands, which can then be delegated out to particular
## users or groups.
##
## This file must be edited with the 'visudo' command.

## Host Aliases
## Groups of machines. You may prefer to use hostnames (perhaps using
## wildcards for entire domains) or IP addresses instead.
# Host_Alias     FILESERVERS = fs1, fs2
# Host_Alias     MAILSERVERS = smtp, smtp2

## User Aliases
## These aren't often necessary, as you can use regular groups
## (ie, from files, LDAP, NIS, etc) in this file - just use %groupname
## rather than USERALIAS
# User_Alias ADMINS = jsmith, mikem


## Command Aliases
## These are groups of related commands...

## Networking
# Cmnd_Alias NETWORKING = /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient, /usr/bin/net, /sbin/iptables, /usr/bin/rfcomm, /usr/bin/wvdial, /sbin/iwconfig, /sbin/mii-tool

## Installation and management of software
# Cmnd_Alias SOFTWARE = /bin/rpm, /usr/bin/up2date, /usr/bin/yum

## Services
# Cmnd_Alias SERVICES = /sbin/service, /sbin/chkconfig, /usr/bin/systemctl start, /usr/bin/systemctl stop, /usr/bin/systemctl reload, /usr/bin/systemctl restart, /usr/bin/systemctl status, /usr/bin/systemctl enable, /usr/bin/systemctl disable

## Updating the locate database
# Cmnd_Alias LOCATE = /usr/bin/updatedb

## Storage
# Cmnd_Alias STORAGE = /sbin/fdisk, /sbin/sfdisk, /sbin/parted, /sbin/partprobe, /bin/mount, /bin/umount

## Delegating permissions
# Cmnd_Alias DELEGATING = /usr/sbin/visudo, /bin/chown, /bin/chmod, /bin/chgrp

## Processes
# Cmnd_Alias PROCESSES = /bin/nice, /bin/kill, /usr/bin/kill, /usr/bin/killall

## Drivers
# Cmnd_Alias DRIVERS = /sbin/modprobe

# Defaults specification

#
# Refuse to run if unable to disable echo on the tty.
#
Defaults   !visiblepw

#
# Preserving HOME has security implications since many programs
# use it when searching for configuration files. Note that HOME
# is already set when the the env_reset option is enabled, so
# this option is only effective for configurations where either
# env_reset is disabled or HOME is present in the env_keep list.
#
Defaults    always_set_home

Defaults    env_reset
Defaults    env_keep =  "COLORS DISPLAY HOSTNAME HISTSIZE KDEDIR LS_COLORS"
Defaults    env_keep += "MAIL PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE"
Defaults    env_keep += "LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES"
Defaults    env_keep += "LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE"
Defaults    env_keep += "LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY"

#
# Adding HOME to env_keep may enable a user to run unrestricted
# commands via sudo.
#
# Defaults   env_keep += "HOME"

Defaults    secure_path = /sbin:/bin:/usr/sbin:/usr/bin

## Next comes the main part: which users can run what software on
## which machines (the sudoers file can be shared between multiple
## systems).
## Syntax:
##
##      user    MACHINE=COMMANDS
##
## The COMMANDS section may have other options added to it.
##
## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL

## Allows members of the 'sys' group to run networking, software,
## service management apps and more.
# %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS

## Allows people in group wheel to run all commands
%wheel  ALL=(ALL)       ALL

## Same thing without a password
# %wheel        ALL=(ALL)       NOPASSWD: ALL

## Allows members of the users group to mount and unmount the
## cdrom as root
# %users  ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom

## Allows members of the users group to shutdown this system
# %users  localhost=/sbin/shutdown -h now

## Read drop-in files from /etc/sudoers.d (the # here does not mean a comment)
#includedir /etc/sudoers.d
User_Alias      NAGIOSXI=nagios
User_Alias              NAGIOSXIWEB=apache
NAGIOSXI ALL = NOPASSWD:/etc/init.d/nagios start
NAGIOSXI ALL = NOPASSWD:/etc/init.d/nagios stop
NAGIOSXI ALL = NOPASSWD:/etc/init.d/nagios restart
NAGIOSXI ALL = NOPASSWD:/etc/init.d/nagios reload
NAGIOSXI ALL = NOPASSWD:/etc/init.d/nagios status
NAGIOSXI ALL = NOPASSWD:/etc/init.d/nagios checkconfig
NAGIOSXI ALL = NOPASSWD:/etc/init.d/ndo2db start
NAGIOSXI ALL = NOPASSWD:/etc/init.d/ndo2db stop
NAGIOSXI ALL = NOPASSWD:/etc/init.d/ndo2db restart
NAGIOSXI ALL = NOPASSWD:/etc/init.d/ndo2db reload
NAGIOSXI ALL = NOPASSWD:/etc/init.d/ndo2db status
NAGIOSXI ALL = NOPASSWD:/etc/init.d/npcd start
NAGIOSXI ALL = NOPASSWD:/etc/init.d/npcd stop
NAGIOSXI ALL = NOPASSWD:/etc/init.d/npcd restart
NAGIOSXI ALL = NOPASSWD:/etc/init.d/npcd reload
NAGIOSXI ALL = NOPASSWD:/etc/init.d/npcd status
NAGIOSXI ALL = NOPASSWD:/usr/bin/php /usr/local/nagiosxi/html/includes/components/autodiscovery/scripts/autodiscover_new.php *
NAGIOSXI ALL = NOPASSWD:/usr/local/nagiosxi/html/includes/components/profile/getprofile.sh
NAGIOSXI ALL = NOPASSWD:/usr/local/nagiosxi/scripts/upgrade_to_latest.sh
NAGIOSXI ALL = NOPASSWD:/usr/local/nagiosxi/scripts/change_timezone.sh
NAGIOSXI ALL = NOPASSWD:/usr/local/nagiosxi/scripts/manage_services.sh *
NAGIOSXI ALL = NOPASSWD:/usr/local/nagiosxi/scripts/reset_config_perms.sh
NAGIOSXI ALL = NOPASSWD:/usr/local/nagiosxi/scripts/backup_xi.sh *
NAGIOSXIWEB ALL = NOPASSWD:/usr/bin/tail -100 /var/log/messages
NAGIOSXIWEB ALL = NOPASSWD:/usr/bin/tail -100 /var/log/httpd/error_log
NAGIOSXIWEB ALL = NOPASSWD:/usr/bin/tail -100 /var/log/mysqld.log
NAGIOSXIWEB ALL = NOPASSWD:/usr/bin/php /usr/local/nagiosxi/html/includes/components/autodiscovery/scripts/autodiscover_new.php *
NAGIOSXIWEB ALL = NOPASSWD:/usr/local/nagiosxi/html/includes/components/profile/getprofile.sh
NAGIOSXIWEB ALL = NOPASSWD:/etc/init.d/snmptt restart
NAGIOSXIWEB ALL = NOPASSWD:/usr/local/nagiosxi/scripts/repair_databases.sh
NAGIOSXIWEB ALL = NOPASSWD:/usr/local/nagiosxi/scripts/manage_services.sh *
I know you've got notices in there saying not to modify it, but I just want to do that temporarily to see if that's the issue.

Also, please run the following command and provide output.

Code: Select all

[root@sender tmp]# ll /usr/bin/crontab
-rwsr-xr-x. 1 root root 57552 Mar 31  2016 /usr/bin/crontab

Re: NagiosXI not emailing scheduled reports

Posted: Thu Mar 09, 2017 1:20 pm
by sampath.krb
Here is the output of command you asked for.

-rwsr-xr-x 1 root root 57552 Feb 23 2016 /usr/bin/crontab

I am trying to see if we can use the sudoers you sent....But just to check, I compared the contents between the sudoers you sent and the one already present on my server. I do not see any difference between them. They both have the exact content.

I can still try and use the sudoers you sent.

Meanwhile, Please let me know if there is anything else I can try.

Re: NagiosXI not emailing scheduled reports

Posted: Thu Mar 09, 2017 6:03 pm
by tgriep
Can you run the following as root on the XI server and post the output?

Code: Select all

echo "select * from xi_usermeta where keyname='scheduled_reports';"|psql nagiosxi nagiosxi
echo "select * from xi_usermeta where keyname='scheduled_reports';"|mysql -u root -pnagiosxi nagiosxi
Depending on what database the system is using, one of those will error out but the output will show the information of the scheduled reports in the SQL databases.

Re: NagiosXI not emailing scheduled reports

Posted: Fri Mar 10, 2017 10:24 am
by sampath.krb
I PM'd you the output of requested command (mysql).

Re: NagiosXI not emailing scheduled reports

Posted: Fri Mar 10, 2017 1:33 pm
by tgriep
Thanks for the PM. It is saved in the forum files for access by the other techs.

The entries in the SQL database look like they should work but the missing settings in the crontab file looks like that is the issue.
The settings are stored in the SQL database but the cron actually runs the report.

It maybe a permission issue or an issue with the Apache account that runs the scripts.
Can you run the following commands and post the output?

Code: Select all

chage -l apache
grep apache /etc/passwd
ls -l /var/spool/
ls -l /var/spool/cron/
Hopefully this will show us the issue.

Re: NagiosXI not emailing scheduled reports

Posted: Fri Mar 10, 2017 4:47 pm
by sampath.krb
Below are the requested ouputs:

Code: Select all

root@<Srv-Name>:[~]: chage -l apache
Last password change                                    : Oct 15, 2015
Password expires                                        : never
Password inactive                                       : never
Account expires                                         : never
Minimum number of days between password change          : -1
Maximum number of days between password change          : -1
Number of days of warning before password expires       : -1


<Srv-Name>:[/]: grep apache /etc/passwd
apache:x:48:48:Apache:/usr/share/httpd:/sbin/nologin


<Srv-Name>:[/]: ls -l /var/spool/
total 60
drwxr-x--x.  2 root   abrt   4096 Mar 10 13:34 abrt
drwx------.  2 abrt   abrt   4096 Oct 30  2015 abrt-upload
drwxr-xr-x.  2 root   root   4096 Feb 23  2016 anacron
drwx------.  3 daemon daemon 4096 Jun 22  2015 at
drwxrwx---.  2 smmsp  smmsp  4096 Mar 10 07:00 clientmqueue
drwx------.  2 root   root   4096 Feb 13 15:22 cron
drwxr-xr-x.  2 root   root   4096 May 25  2015 lpd
drwxrwxr-x.  2 root   mail   4096 Sep 26 14:36 mail
drwx------.  2 root   mail   4096 Mar 10 07:00 mqueue
drwxr-xr-x   2 nagios nagios 4096 Dec 29  2015 nagios
drwxr-xr-x.  2 root   root   4096 Oct 26  2015 plymouth
drwxr-xr-x. 16 root   root   4096 Oct 15  2015 postfix
drwxr-xr-x.  2 root   root   4096 Jan 13  2016 rhn
drwxr-xr-x.  3 root   root   4096 Oct 15  2015 rhsm
drwx------.  2 root   root   4096 Feb 18 01:57 up2date

<Srv-Name>:[/]: sudo ls -l /var/spool/cron/
total 8
-rw------- 1 root root 25 Oct 15  2015 apache
-rw------- 1 root root 51 Feb 13 15:22 nagios

Re: NagiosXI not emailing scheduled reports

Posted: Mon Mar 13, 2017 9:11 am
by tgriep
The permission of the Apache crontab is not setup correctly and the Apache user cannot write the scheduled reports to that file so they will not run.
To fix this, login as root to the server and run the following to fix that issue.

Code: Select all

chown apache.apache /var/spool/cron/apache
Next, go in to the XI GUI and update the schedules so they get written to the Apache crontab file.
To verify that those settings are written to the file and will be scheduled, run the following.

Code: Select all

cat /var/spool/cron/apache
Let us know the outcome of this.

Re: NagiosXI not emailing scheduled reports

Posted: Mon Mar 13, 2017 10:47 am
by sampath.krb
No luck even after changing the permissions...I still do not see any scheduled written.

root@brnagios1:[~]: ls -l /var/spool/cron/apache
-rw------- 1 apache apache 25 Oct 15 2015 /var/spool/cron/apache

root@brnagios1:[~]: cat /var/spool/cron/apache
#crontab for apache user

Re: NagiosXI not emailing scheduled reports

Posted: Mon Mar 13, 2017 11:10 am
by tgriep
Try deleting the reports in the XI GUI and recreate them and see if that updates the setting in the Apache Crontab file.
While you are recreating the reports, run the following as root on the server and post the output so we can check it for any errors.

Code: Select all

tail -f /var/log/httpd/*_log

Re: NagiosXI not emailing scheduled reports

Posted: Mon Mar 13, 2017 12:16 pm
by Sampath.Basireddy
I deleted and recreated the reports and nothing is changed in Apache Crontab file.

I will PM you the output of "tail -f /var/log/httpd/*_log"
All times are UTC-05:00
Page 2 of 3

Powered by phpBB® Forum Software © phpBB Limited