Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

nagios service issue

https://support.nagios.com/forum/viewtopic.php?t=43772

Page 2 of 9

Re: nagios service issue

Posted: Wed May 10, 2017 11:37 am
by dwhitfield
no, your error message is about localhost. If you get other errors after this one, then you will need to resolve those through the CCM as well.
Error: Could not find any host matching 'localhost' (config file '/usr/local/nagios/etc/hostgroups.cfg', starting on line 16)

Re: nagios service issue

Posted: Wed May 10, 2017 12:43 pm
by nschetu
Now I am able to start nagios service but status is showing still error message. Also not able to start Monitoring engine still.

[root@bhusprv024 init.d]#
[root@bhusprv024 init.d]# systemctl stop nagios.service
[root@bhusprv024 init.d]# systemctl stop ndo2db.service
[root@bhusprv024 init.d]# systemctl start ndo2db.service
[root@bhusprv024 init.d]# systemctl start nagios.service
[root@bhusprv024 init.d]# systemctl status nagios.service
● nagios.service - Nagios
Loaded: loaded (/etc/systemd/system/nagios.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Wed 2017-05-10 13:33:14 EDT; 6s ago
Process: 699 ExecStart=/usr/local/nagios/bin/nagios /usr/local/nagios/etc/nagios.cfg (code=exited, status=254)
Main PID: 699 (code=exited, status=254)

May 10 13:33:12 bhusprv024.bhprod.ibm.com nagios[699]: LOG VERSION: 2.0
May 10 13:33:12 bhusprv024.bhprod.ibm.com nagios[699]: wproc: Registry request: name=Core Worker 701;pid=701
May 10 13:33:12 bhusprv024.bhprod.ibm.com nagios[699]: wproc: Registry request: name=Core Worker 713;pid=713
May 10 13:33:12 bhusprv024.bhprod.ibm.com nagios[699]: wproc: Registry request: name=Core Worker 702;pid=702
May 10 13:33:12 bhusprv024.bhprod.ibm.com nagios[699]: wproc: Registry request: name=Core Worker 714;pid=714
May 10 13:33:12 bhusprv024.bhprod.ibm.com nagios[699]: wproc: Registry request: name=Core Worker 712;pid=712
May 10 13:33:12 bhusprv024.bhprod.ibm.com nagios[699]: wproc: Registry request: name=Core Worker 715;pid=715
May 10 13:33:12 bhusprv024.bhprod.ibm.com systemd[1]: nagios.service: main process exited, code=exited, status=254/n/a
May 10 13:33:14 bhusprv024.bhprod.ibm.com systemd[1]: Unit nagios.service entered failed state.
May 10 13:33:14 bhusprv024.bhprod.ibm.com systemd[1]: nagios.service failed.
[root@bhusprv024 init.d]# systemctl status ndo2db.service
● ndo2db.service - Nagios Data Out Daemon
Loaded: loaded (/usr/lib/systemd/system/ndo2db.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Wed 2017-05-10 13:33:03 EDT; 35s ago
Docs: http://www.nagios.org/documentation
Process: 683 ExecStopPost=/bin/rm -f /usr/local/nagios/var/ndo2db.pid (code=exited, status=0/SUCCESS)
Process: 680 ExecStart=/usr/local/nagios/bin/ndo2db -c /usr/local/nagios/etc/ndo2db.cfg -f (code=exited, status=1/FAILURE)
Main PID: 680 (code=exited, status=1/FAILURE)

May 10 13:33:03 bhusprv024.bhprod.ibm.com systemd[1]: Started Nagios Data Out Daemon.
May 10 13:33:03 bhusprv024.bhprod.ibm.com systemd[1]: Starting Nagios Data Out Daemon...
May 10 13:33:03 bhusprv024.bhprod.ibm.com ndo2db[680]: Could not bind socket: Address already in use
May 10 13:33:03 bhusprv024.bhprod.ibm.com systemd[1]: ndo2db.service: main process exited, code=exited, status=1/FAILURE
May 10 13:33:03 bhusprv024.bhprod.ibm.com systemd[1]: Unit ndo2db.service entered failed state.
May 10 13:33:03 bhusprv024.bhprod.ibm.com systemd[1]: ndo2db.service failed.
[root@bhusprv024 init.d]# grep live /usr/local/nagios/var/nagios.log
[root@bhusprv024 init.d]# grep broker /usr/local/nagios/etc/nagios.cfg
broker_module=/usr/local/nagios/bin/ndomod.o config_file=/usr/local/nagios/etc/ndomod.cfg
event_broker_options=-1
[root@bhusprv024 init.d]# ll /usr/local/lib/mk-livestatus
ls: cannot access /usr/local/lib/mk-livestatus: No such file or directory
[root@bhusprv024 init.d]# ll /usr/local/nagios/var/rw
total 0
srw-rw---- 1 nagios nagcmd 0 May 10 13:33 nagios.qh
[root@bhusprv024 init.d]#

Re: nagios service issue

Posted: Wed May 10, 2017 12:55 pm
by dwhitfield
It appears as though you did not run through https://support.nagios.com/kb/article.p ... ategory=44 or if you did, something funky happened in the process. Please post your /etc/sudoers file. If you use sudoers in a different location, then that is the problem. You must have the appropriate file at /etc/sudoers for Nagios XI to work.

Since there are no time stamps in this log, it's also possible you ran through the kb and I am seeing an old log message. There are a couple of other odd things, like there's nothing in your apache or mariadb logs, but at this point, I'm assuming those issues are due to permissions.

If you run through the knowledge base and continue to have issues, please generate a new profile and post.

In the new profile, I'll be checking to make sure cmdsubsys.txt does not contain the following errors:

Code: Select all

sudo: unable to open /etc/sudoers: Permission denied
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin

Re: nagios service issue

Posted: Wed May 10, 2017 1:32 pm
by nschetu
Please find the sudoers file detail after running below command and attached profile file.

[root@bhusprv024 tmp]# wget https://assets.nagios.com/downloads/nag ... 2.9.tar.gz
--2017-05-10 14:11:36-- https://assets.nagios.com/downloads/nag ... 2.9.tar.gz
Resolving assets.nagios.com (assets.nagios.com)... 72.14.181.71, 2600:3c00::f03c:91ff:fedf:b821
Connecting to assets.nagios.com (assets.nagios.com)|72.14.181.71|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 50919957 (49M) [application/x-gzip]
Saving to: ‘xi-5.2.9.tar.gz.1’

100%[===========================================================================================================================================================>] 50,919,957 1.51MB/s in 32s

2017-05-10 14:12:09 (1.50 MB/s) - ‘xi-5.2.9.tar.gz.1’ saved [50919957/50919957]

[root@bhusprv024 tmp]# tar xzf xi-5.2.9.tar.gz nagiosxi/nagiosxi/nagiosxi.sudoers --strip-components 2
[root@bhusprv024 tmp]# grep -v NAGIOSXI /etc/sudoers > /etc/sudoers.new
[root@bhusprv024 tmp]# mv -f /etc/sudoers.new /etc/sudoers
[root@bhusprv024 tmp]# rm -rf /etc/sudoers.d/nagiosxi
[root@bhusprv024 tmp]# sed -i 's/^Defaults requiretty/#Defaults requiretty/g' /etc/sudoers
[root@bhusprv024 tmp]# cat /tmp/nagiosxi.sudoers >> /etc/sudoers
[root@bhusprv024 tmp]# chmod 440 /etc/sudoers
[root@bhusprv024 tmp]#
[root@bhusprv024 tmp]#

[root@bhusprv024 tmp]# cat /etc/sudoers
# This file MUST be edited with the 'visudo' command as root.
#
# Modification History
# 09-30-2014 CH10258614 Global Compliance changes with new Include lists
# This file MUST be edited with the 'visudo' command as root.
#
# See the sudoers man page for the details on how to write a sudoers file.
#
# Defaults specification

#Sets up the sudo log file.
#>> This isn't required, per documentation 'default' is to log via syslog
#>> which is certainly fine. This item was left in, as much as anything,
#>> to serve as a reminder that some 'per account ' customization is
#>> permitted, and may even be very important based on customer requirements.
Defaults logfile=/var/log/sudo.log

#>> The 'NA sudoers standard template' below content comes from
#>> https://ibm.biz/NAsudoTemplates
#>> entry: 201_NArevStandAliases_NA
#>> with customizations of:
#>> Eliminating change control information (most comments 'may' be removed,
#>> but do NOT eliminate the Begin / End comments).
#>> Eliminated 'sample' #include lines, which cause syntax errors.
#>> Commented out: # Defaults!IBM_SHELLESCAPE_ALL noexec
#>> as, for this example, the commercial customer has not approved
#>> this entry. Note: IBM Internal customers must accept this entry.
#>>
# Begin NA sudoers standard template Ver 8.1NA Date 2014-07-09 * Master * Refer NA14211028 Begin #
# Description Standard sudoers template
#
# Version control
# [ deleted version control data for conciseness, for details see pRAM ]
#------------------------------------------------------------------------------
# Sudo implementation team instruction:
# This special template is NOT to be # included. Instead, this template
# has content which must, for functional purposes, be 'spread over' the
# entire span of the /etc/sudoers file. For instance, the
# Defaults env_file=/etc/sudo.env
# line should be 'early' in the file, while the line:
# ALL ALL=!SUDOSUDO
# needs to be after the last 'additive' sudo entry to ensure all sudo entries
# are appropriately protected.
#
#------------------------------------------------------------------------------
# Defaults
#------------------------------------------------------------------------------
#
# The following entries are required if you allow users to run
# smit / smitty on AIX:
#
# For sudo 1.7.0 and up, include the following entries in the
# /etc/sudo.env file:
# SMIT_SHELL=n
# SMIT_SEMI_COLON=n
# SMIT_QUOTE=n
# and define sudo environment file within /etc/sudoers (or included
# file) via:
# Note: if you are using a sudo level older than 1.7.0 on AIX,
# contact 'Sudo Deployment AG/Hartford/IBM,' for guidance.
#
Defaults env_file=/etc/sudo.env # Includes the sudo environment file
#
#
#-----------------------------------------------------------------------------
#
# The following entry is only required if you are using a secondary logging
# method which cannot capture commands issued in shell outs.
# This will help ensure that commands with shell outs are
# appropriately controled:
#
Defaults!IBM_SHELLESCAPE_ALL noexec
### Account notes: This commercial customer has not approved this entry, and
### thus this entry has been commented out.
# CAUTION: This affects all entries; ensure your customer is aware this is being
# added on first implementation, and appropriate testing is done.
#
#-----------------------------------------------------------------------------
# User Aliases
#-----------------------------------------------------------------------------
# Add ant 'in line' User_Alias here.
#
#-----------------------------------------------------------------------------
# Host Aliases
#-----------------------------------------------------------------------------
# Add any 'in line' Host_Alias here.
#
#
#-----------------------------------------------------------------------------
# Required Command Aliases
#-----------------------------------------------------------------------------
#
# sudo
#
Cmnd_Alias SUDOSUDO = /usr/local/bin/sudo, /usr/bin/sudo, /bin/sudo
#
# Fully qualified commands not present on the server are not required to be in this list.
# Commands on this list that do not exist on the servers have no impact.
# Add any local paths.
#
# Forbidden commands: Commands only system admin might be permitted.
#
Cmnd_Alias IBM_NONE_ALL = /usr/bin/su * , /bin/su *, \
/bin/bash2bug, /usr/bin/bash2bug, \
/usr/bin/chuser *root*, /usr/bin/mkuser, \
/usr/bin/chgroup, /usr/bin/chgrpmem -*, /usr/bin/smit*, \
/usr/sbin/visudo, /usr/bin/vi *sudo*, /usr/bin/more *sudo*, \
/usr/bin/view *sudo*, /usr/bin/cp *sudo*, /usr/bin/mv *sudo*, \
/usr/bin/rm *sudo*, /usr/bin/view /etc/passwd*, /usr/bin/vi /etc/passwd*, \
/usr/bin/view /etc/security/passwd*, /usr/bin/vim /etc/security/passwd*, \
/usr/bin/vi /etc/security/passwd*, \
/bin/view /etc/security/passwd*, /bin/vim /etc/security/passwd*, \
/bin/vi /etc/security/passwd*, \
/bin/view /etc/shadow*, /usr/bin/vim /etc/shadow*, /bin/vi /etc/shadow*, \
/usr/sbin/sam, \
/usr/bin/view /etc/group*, /usr/bin/vi /etc/group*, /usr/bin/command, \
/usr/bin/hostname, /usr/sbin/chdev *hostname*, \
/usr/local/sbin/visudo, /bin/chmod * /etc/*, /bin/chmod * /etc/security/*, \
/bin/chmod * /root/*, /bin/chmod * /*, \
/bin/chown * /etc/*, /bin/chown * /etc/security/*, \
/bin/chown * /root/*, /bin/chmod * /usr/local/sbin/visudo, \
/bin/chown * /usr/local/sbin/visudo, \
/bin/time *, /usr/bin/time *
# If you remove anything you need to provide documentation,rationale and
# secondary controls if required; if an alternative -technical- control
# is in place, document.
# Commands not present on the server are not required to be in this list.
# Commands on this list that do not exist on the servers have no impact.
# It is permissible to hard code these to the exact directory structure where
# the commands are present on the system if installed in a different location.
#
# su commands
#
Cmnd_Alias IBM_NONE_SA = /usr/bin/su, /usr/bin/su root, \
/bin/su, /bin/su root
# if you remove anything you need to provide documentation,rationale and
# secondary controls if required; if an alternative -technical- control is
# in place, document.
# Commands not present on the server are not required to be in this list.
# Commands on this list that do not exist on the servers have no impact.
#
# Shells
#
Cmnd_Alias IBM_SHELLS_ALL = /bin/ash, /usr/bin/ash, \
/bin/bash, /usr/bin/bash, /opt/freeware/bin/bash, /usr/opt/freeware/bin/bash, \
/bin/bash1, /usr/bin/bash1, /bin/bash2, /usr/bin/bash2 , \
/bin/bsh, /usr/bin/bsh, /bin/ch, /usr/bin/ch, /bin/csh, /usr/bin/csh , \
/bin/jsh, /usr/bin/jsh, /bin/ksh, /usr/bin/ksh, /bin/ksh93, /usr/bin/ksh93, \
/bin/pfcsh, /usr/bin/pfcsh , \
/bin/pfksh, /usr/bin/pfksh, /bin/pfsh, /usr/bin/pfsh, /bin/psh, /usr/bin/psh, \
/bin/recsh, /usr/bin/recsh, /bin/rksh, /usr/bin/rksh, \
/bin/rsh, /usr/bin/rsh, /usr/ucb/rsh, \
/bin/sh, /usr/bin/sh, /usr/samples/tcpip/sendmail/sh , \
/usr/shell, /usr/bin/shell, \
/bin/tclsh, /usr/bin/tclsh, /opt/freeware/bin/tclsh, /usr/opt/freeware/bin/tclsh, \
/bin/tclsh8.4, /usr/bin/tclsh8.4, /opt/freeware/bin/tclsh8.4, \
/usr/opt/freeware/bin/tclsh8.4, \
/bin/tcsh, /usr/bin/tcsh, /bin/tsh, /usr/bin/tsh , \
/bin/wish, /usr/bin/wish, /opt/freeware/bin/wish, /usr/opt/freeware/bin/wish, \
/bin/wish8.4, /usr/bin/wish8.4, /opt/freeware/bin/wish8.4, \
/usr/opt/freeware/bin/wish8.4, \
/bin/wishx, /usr/bin/wishx, \
/bin/zsh, /usr/bin/zsh
# Shells not present on the server are not required to be in this list.
# Shells on this list that do not exist on the servers have no impact.
# Add any local shells.
#
# Shell Escapes
#
Cmnd_Alias IBM_SHELLESCAPE_ALL = /usr/bin/ed, \
/usr/bin/bash2bug, /usr/bin/bashbug, \
/usr/bin/find * -exec *, /usr/bin/find * -ok *, \
/bin/find * -exec *, /bin/find * -ok *, \
/usr/bin/find * -execdir *, /usr/bin/find * -okdir *, \
/bin/find * -execdir *, /bin/find * -okdir *, \
/bin/ftp, /usr/bin/ftp, \
/bin/ex, /usr/bin/ex, /usr/bin/less, /usr/bin/more, /bin/pg, /usr/bin/pg, \
/usr/bin/vi, /bin/vi, /bin/ex, /bin/view, /bin/gvim, /bin/gview, /bin/evim, \
/bin/eview, /bin/vimdiff, /bin/vim, /usr/bin/vim, /usr/bin/ex, \
/usr/bin/view, /usr/bin/gvim, \
/usr/bin/gview, /usr/bin/evim, /usr/bin/eview, /usr/bin/vimdiff, \
/bin/more
# Commands not present on the server are not required to be in this list.
# Commands on this list that do not exist on the servers have no impact.
# Add any local commands.
#
#
# Disallowed editors
#
Cmnd_Alias IBM_NONE_EDITOR = /bin/vi, /bin/tvi, /bin/vim, /bin/rvim, /bin/gvim, \
/bin/evim, /bin/emacs, /bin/ed, /usr/bin/vi, /usr/bin/tvi, /usr/bin/vim, \
/usr/bin/rvim, /usr/bin/gvim, /usr/bin/evim, /usr/bin/emacs, /usr/bin/ed, \
/bin/view, /usr/bin/view, /bin/rvi, /usr/bin/rvi
#
# Commands not present on the server are not required to be in this list.
# Commands on this list that do not exist on the servers have no impact.
# Add any local commands.
#--------------------------------------------------------------------------------
#
# IBM SA command Aliases
#
Cmnd_Alias IBM_UNIX_SA_CMDS = /usr/bin/su -, /bin/su -, /usr/bin/su - root, \
/bin/su - root
# This Cmnd_Alias can only be used if secondary logging are in place on the server.
#
#
## END 'top' part of 201_NArevStandAliases_NA

#>> The 'NA System Admin' below content comes from
#>> https://ibm.biz/NAsudoTemplates
#>> entry: 201_SystemAdmin_NA
#>> with the only customization being to set to the 'local' group used by the
#>> SA team:
#>> User_Alias IBM_SA_BAU = %uss
#>>
## Begin NA System Admin Ver 1.2.2 Date 2014-07-15 * Master * Refer NA1001415501 Begin #
# Description
# Software products and versions
# Supported OS platforms : All Unix/Linux variants.
# This sudo profile is the 'typical' system admin sudo entry
# where secondary logging is in use. This entry is only to
# be used where secondary logging 'like' the methods
# documented on: https://ibm.biz/NAsudo2log
# are in use. Implementing team is responsible to ensure
# logging methodology works in their environment. If secondary
# logging is not in use, then the SA team must request an
# 'account-level'override exception.
#
# Self serve access considerations are 'Not applicable' for this template
#
#
# Use of this IBM approved standard template must follow NA
# Sudo deployment requirements.
# Local adjustments, excepting the Host_Alias (For any needed
# segregation of hosts) and User_Alias (to identify the local
# group name in use) for specific customer environments
# must be approved by 'Sudo Deployment AG/Hartford/IBM'
#
#
# Version control
# V1.0 - [email protected] - new template
# V1.1 - highc - add IBM_SA_AIXSMIT materials to allow for system
# system admins to use smit with appropriate logging.
# V1.2 - highc - based on v7.1 of standard aliases https://ibm.biz/GsudoStdAlias
# being released,remove 'EXEC: smit' type lines.
# Be certain to include the SMIT_SHELL=n materials from
# v7.1 of the standard aliases on AIX systems.
# V1.2.1 - highc- fix syntax/line continuation error.
# V1.2.2 - highc- adjust user alias to better conform to global standard.
#
# BEGIN the Middleware templates relevant for the server
#include /etc/sudoers.d/010_STD_NEG_GLB
#include /etc/sudoers.d/010_STD_SA_GLB
#include /etc/sudoers.d/102_AWS_GLB
#include /etc/sudoers.d/108_ORACLE_GLB
#include /etc/sudoers.d/113_TEM_GLB
#include /etc/sudoers.d/118_TSM_GLB
#include /etc/sudoers.d/120_WAS_GLB
#include /etc/sudoers.d/123_AE_GLB
#include /etc/sudoers.d/205_ITIMEPAIGANA_LINUX_NA
#include /etc/sudoers.d/217_TADDMDISC_NA
#include /etc/sudoers.d/228_DGNAE_NA
#include /etc/sudoers.d/237_DB2_NA
#include /etc/sudoers.d/402_AWS_NA_IGA_AHE_CPE_ADJ
#include /etc/sudoers.d/402_AWS_NA_IGA_AHE_EPRICER_ADJ
#include /etc/sudoers.d/413_TEM_NA_IGA_AHE_ADJ
#include /etc/sudoers.d/420_WAS_NA_IGA_AHE_CPE_ADJ
#include /etc/sudoers.d/420_WAS_NA_IGA_AHE_EPRICER_ADJ
#include /etc/sudoers.d/460_SAMETIME_NA_IGA_LCL
#include /etc/sudoers.d/461_NUS_W_SSLINUX_NA_IGA_LCL
#include /etc/sudoers.d/461_ODCSISS_NA_IGA_LCL
#include /etc/sudoers.d/462_MKT_NA_IGA_LCL
#include /etc/sudoers.d/476_LDAP_DB2_IGA_NA_LCL
#include /etc/sudoers.d/481_NESSUS_NA_IGA_LCL
#include /etc/sudoers.d/489_AvocentDSView_NA_IGA_AHE_LCL
# END the Middleware templates relevant for the server
#include /etc/sudoers.d/241_CHANGEMANAE_NA


# Start of CUSTOMER SECTION -------------------------------------------------
####
#>> Customer specific items have been removed from sample, but
#>> this would be any of your current content which are sudo entries
#>> for your customers.
####
# End of CUSTOMER SECTION -----------------------------------------------------
## Start of 'bottom' part of 201_NArevStandAliases_NA
#------------------------------------------------------------------------------
#
#
User_Alias ITIMADM5 = %itimadm
ITIMADM5 ALL=NOPASSWD: /bin/cat, /bin/chmod, /bin/cp, /bin/kill, /bin/ls, \
/usr/bin/chage, /bin/ed, /usr/bin/ed, /usr/bin/faillog, /usr/bin/groups, \
/usr/bin/passwd, /usr/bin/tee, /usr/sbin/groupadd, /usr/sbin/groupdel, \
/usr/sbin/groupmod, /usr/sbin/useradd, /usr/sbin/userdel, /usr/sbin/usermod


Host_Alias LINUX101TO199HOSTLIST = `bhusprv024.bhprod.ibm.com`

User_Alias LINUXV6GRPS = %#101,%#102,%#103,%#103,%#104,%#105,%#106,%#107,%#108,%#109, \
%#110,%#111,%#112,%#113,%#113,%#114,%#115,%#116,%#117,%#118,%#119, \
%#120,%#121,%#122,%#123,%#123,%#124,%#125,%#126,%#127,%#128,%#129, \
%#130,%#131,%#132,%#133,%#133,%#134,%#135,%#136,%#137,%#138,%#139, \
%#140,%#141,%#142,%#143,%#143,%#144,%#145,%#146,%#147,%#148,%#149, \
%#150,%#151,%#152,%#153,%#153,%#154,%#155,%#156,%#157,%#158,%#159, \
%#160,%#161,%#162,%#163,%#163,%#164,%#165,%#166,%#167,%#168,%#169, \
%#170,%#171,%#172,%#173,%#173,%#174,%#175,%#176,%#177,%#178,%#179, \
%#180,%#181,%#182,%#183,%#183,%#184,%#185,%#186,%#187,%#188,%#189, \
%#190,%#191,%#192,%#193,%#193,%#194,%#195,%#196,%#197,%#198,%#199

LINUXV6GRPS LINUX101TO199HOSTLIST = (nobody) /bin/df

#
#Temp sudo access
ghkong ALL=(ALL) ALL
dfcosta0 ALL=(ALL) NOPASSWD:ALL
# The following line must be after the last 'additive' line in this file, only
# 'negations' and comments should follow this:
#
ALL ALL=!SUDOSUDO
#
# End NA sudoers standard template Ver 8.1NA Date 2014-07-09 * Master * Refer NA14211028 End #


User_Alias NAGIOSXI=nagios
User_Alias NAGIOSXIWEB=apache
NAGIOSXI ALL = NOPASSWD:/etc/init.d/nagios start
NAGIOSXI ALL = NOPASSWD:/etc/init.d/nagios stop
NAGIOSXI ALL = NOPASSWD:/etc/init.d/nagios restart
NAGIOSXI ALL = NOPASSWD:/etc/init.d/nagios reload
NAGIOSXI ALL = NOPASSWD:/etc/init.d/nagios status
NAGIOSXI ALL = NOPASSWD:/etc/init.d/nagios checkconfig
NAGIOSXI ALL = NOPASSWD:/etc/init.d/ndo2db start
NAGIOSXI ALL = NOPASSWD:/etc/init.d/ndo2db stop
NAGIOSXI ALL = NOPASSWD:/etc/init.d/ndo2db restart
NAGIOSXI ALL = NOPASSWD:/etc/init.d/ndo2db reload
NAGIOSXI ALL = NOPASSWD:/etc/init.d/ndo2db status
NAGIOSXI ALL = NOPASSWD:/etc/init.d/npcd start
NAGIOSXI ALL = NOPASSWD:/etc/init.d/npcd stop
NAGIOSXI ALL = NOPASSWD:/etc/init.d/npcd restart
NAGIOSXI ALL = NOPASSWD:/etc/init.d/npcd reload
NAGIOSXI ALL = NOPASSWD:/etc/init.d/npcd status
NAGIOSXI ALL = NOPASSWD:/usr/bin/php /usr/local/nagiosxi/html/includes/components/autodiscovery/scripts/autodiscover_new.php *
NAGIOSXI ALL = NOPASSWD:/usr/local/nagiosxi/html/includes/components/profile/getprofile.sh
NAGIOSXI ALL = NOPASSWD:/usr/local/nagiosxi/scripts/upgrade_to_latest.sh
NAGIOSXI ALL = NOPASSWD:/usr/local/nagiosxi/scripts/change_timezone.sh
NAGIOSXI ALL = NOPASSWD:/usr/local/nagiosxi/scripts/manage_services.sh *
NAGIOSXI ALL = NOPASSWD:/usr/local/nagiosxi/scripts/reset_config_perms.sh
NAGIOSXIWEB ALL = NOPASSWD:/usr/bin/tail -100 /var/log/messages
NAGIOSXIWEB ALL = NOPASSWD:/usr/bin/tail -100 /var/log/httpd/error_log
NAGIOSXIWEB ALL = NOPASSWD:/usr/bin/tail -100 /var/log/mysqld.log
NAGIOSXIWEB ALL = NOPASSWD:/usr/bin/php /usr/local/nagiosxi/html/includes/components/autodiscovery/scripts/autodiscover_new.php *
NAGIOSXIWEB ALL = NOPASSWD:/usr/local/nagiosxi/html/includes/components/profile/getprofile.sh
NAGIOSXIWEB ALL = NOPASSWD:/etc/init.d/snmptt restart
NAGIOSXIWEB ALL = NOPASSWD:/usr/local/nagiosxi/scripts/repair_databases.sh
NAGIOSXIWEB ALL = NOPASSWD:/usr/local/nagiosxi/scripts/manage_services.sh *


[root@bhusprv024 tmp]#

Re: nagios service issue

Posted: Wed May 10, 2017 1:37 pm
by nschetu
If you want I can download once again and reinstall nagios tool but I need uninstall steps to clear all installed files or packages which are belongs to nagios tool.

Re: nagios service issue

Posted: Wed May 10, 2017 1:55 pm
by dwhitfield
I'm not sure why you have a modified sudoers after running those commands, but below is the proper sudoers. Please use that instead of your custom sudoers. Once you get things working, you can try modify the sudoers piece by piece, but ultimately, we cannot support a modified sudoers if you run into issues using that with your installation.

Code: Select all

## Sudoers allows particular users to run various commands as
## the root user, without needing the root password.
##
## Examples are provided at the bottom of the file for collections
## of related commands, which can then be delegated out to particular
## users or groups.
##
## This file must be edited with the 'visudo' command.

## Host Aliases
## Groups of machines. You may prefer to use hostnames (perhaps using
## wildcards for entire domains) or IP addresses instead.
# Host_Alias     FILESERVERS = fs1, fs2
# Host_Alias     MAILSERVERS = smtp, smtp2

## User Aliases
## These aren't often necessary, as you can use regular groups
## (ie, from files, LDAP, NIS, etc) in this file - just use %groupname
## rather than USERALIAS
# User_Alias ADMINS = jsmith, mikem


## Command Aliases
## These are groups of related commands...

## Networking
# Cmnd_Alias NETWORKING = /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient, /usr/bin/net, /sbin/iptables, /usr/bin/rfcomm, /usr/bin/wvdial, /sbin/iwconfig, /sbin/mii-tool

## Installation and management of software
# Cmnd_Alias SOFTWARE = /bin/rpm, /usr/bin/up2date, /usr/bin/yum

## Services
# Cmnd_Alias SERVICES = /sbin/service, /sbin/chkconfig, /usr/bin/systemctl start, /usr/bin/systemctl stop, /usr/bin/systemctl reload, /usr/bin/systemctl restart, /usr/bin/systemctl status, /usr/bin/systemctl enable, /usr/bin/systemctl disable

## Updating the locate database
# Cmnd_Alias LOCATE = /usr/bin/updatedb

## Storage
# Cmnd_Alias STORAGE = /sbin/fdisk, /sbin/sfdisk, /sbin/parted, /sbin/partprobe, /bin/mount, /bin/umount

## Delegating permissions
# Cmnd_Alias DELEGATING = /usr/sbin/visudo, /bin/chown, /bin/chmod, /bin/chgrp

## Processes
# Cmnd_Alias PROCESSES = /bin/nice, /bin/kill, /usr/bin/kill, /usr/bin/killall

## Drivers
# Cmnd_Alias DRIVERS = /sbin/modprobe

# Defaults specification

#
# Disable "ssh hostname sudo <cmd>", because it will show the password in clear.
#         You have to run "ssh -t hostname sudo <cmd>".
#
#Defaults    requiretty

#
# Refuse to run if unable to disable echo on the tty. This setting should also be
# changed in order to be able to use sudo without a tty. See requiretty above.
#
Defaults   !visiblepw

#
# Preserving HOME has security implications since many programs
# use it when searching for configuration files. Note that HOME
# is already set when the the env_reset option is enabled, so
# this option is only effective for configurations where either
# env_reset is disabled or HOME is present in the env_keep list.
#
Defaults    always_set_home

Defaults    env_reset
Defaults    env_keep =  "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR LS_COLORS"
Defaults    env_keep += "MAIL PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE"
Defaults    env_keep += "LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES"
Defaults    env_keep += "LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE"
Defaults    env_keep += "LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY"

#
# Adding HOME to env_keep may enable a user to run unrestricted
# commands via sudo.
#
# Defaults   env_keep += "HOME"

Defaults    secure_path = /sbin:/bin:/usr/sbin:/usr/bin

## Next comes the main part: which users can run what software on
## which machines (the sudoers file can be shared between multiple
## systems).
## Syntax:
##
##      user    MACHINE=COMMANDS
##
## The COMMANDS section may have other options added to it.
##
## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL

## Allows members of the 'sys' group to run networking, software,
## service management apps and more.
# %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS

## Allows people in group wheel to run all commands
%wheel  ALL=(ALL)       ALL

## Same thing without a password
# %wheel        ALL=(ALL)       NOPASSWD: ALL

## Allows members of the users group to mount and unmount the
## cdrom as root
# %users  ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom

## Allows members of the users group to shutdown this system
# %users  localhost=/sbin/shutdown -h now

## Read drop-in files from /etc/sudoers.d (the # here does not mean a comment)
#includedir /etc/sudoers.d


User_Alias      NAGIOSXI=nagios
User_Alias              NAGIOSXIWEB=apache
NAGIOSXI ALL = NOPASSWD:/etc/init.d/nagios start
NAGIOSXI ALL = NOPASSWD:/etc/init.d/nagios stop
NAGIOSXI ALL = NOPASSWD:/etc/init.d/nagios restart
NAGIOSXI ALL = NOPASSWD:/etc/init.d/nagios reload
NAGIOSXI ALL = NOPASSWD:/etc/init.d/nagios status
NAGIOSXI ALL = NOPASSWD:/etc/init.d/nagios checkconfig
NAGIOSXI ALL = NOPASSWD:/etc/init.d/ndo2db start
NAGIOSXI ALL = NOPASSWD:/etc/init.d/ndo2db stop
NAGIOSXI ALL = NOPASSWD:/etc/init.d/ndo2db restart
NAGIOSXI ALL = NOPASSWD:/etc/init.d/ndo2db reload
NAGIOSXI ALL = NOPASSWD:/etc/init.d/ndo2db status
NAGIOSXI ALL = NOPASSWD:/etc/init.d/npcd start
NAGIOSXI ALL = NOPASSWD:/etc/init.d/npcd stop
NAGIOSXI ALL = NOPASSWD:/etc/init.d/npcd restart
NAGIOSXI ALL = NOPASSWD:/etc/init.d/npcd reload
NAGIOSXI ALL = NOPASSWD:/etc/init.d/npcd status
NAGIOSXI ALL = NOPASSWD:/usr/bin/php /usr/local/nagiosxi/html/includes/components/autodiscovery/scripts/autodiscover_new.php *
NAGIOSXI ALL = NOPASSWD:/usr/local/nagiosxi/html/includes/components/profile/getprofile.sh
NAGIOSXI ALL = NOPASSWD:/usr/local/nagiosxi/scripts/upgrade_to_latest.sh
NAGIOSXI ALL = NOPASSWD:/usr/local/nagiosxi/scripts/change_timezone.sh
NAGIOSXI ALL = NOPASSWD:/usr/local/nagiosxi/scripts/manage_services.sh *
NAGIOSXI ALL = NOPASSWD:/usr/local/nagiosxi/scripts/reset_config_perms.sh
NAGIOSXI ALL = NOPASSWD:/usr/local/nagiosxi/scripts/backup_xi.sh *
NAGIOSXIWEB ALL = NOPASSWD:/usr/bin/tail -100 /var/log/messages
NAGIOSXIWEB ALL = NOPASSWD:/usr/bin/tail -100 /var/log/httpd/error_log
NAGIOSXIWEB ALL = NOPASSWD:/usr/bin/tail -100 /var/log/mysqld.log
NAGIOSXIWEB ALL = NOPASSWD:/usr/bin/php /usr/local/nagiosxi/html/includes/components/autodiscovery/scripts/autodiscover_new.php *
NAGIOSXIWEB ALL = NOPASSWD:/usr/local/nagiosxi/html/includes/components/profile/getprofile.sh
NAGIOSXIWEB ALL = NOPASSWD:/etc/init.d/snmptt restart
NAGIOSXIWEB ALL = NOPASSWD:/usr/local/nagiosxi/scripts/repair_databases.sh
NAGIOSXIWEB ALL = NOPASSWD:/usr/local/nagiosxi/scripts/manage_services.sh *

Re: nagios service issue

Posted: Wed May 10, 2017 2:27 pm
by nschetu
As per your mail. I have updated proper sudoers which you have provided. Please let me know further step.

Re: nagios service issue

Posted: Wed May 10, 2017 2:50 pm
by dwhitfield
First off, what's the output of the following?

Code: Select all

df -i
df -h
It's possible you are out of space.


Regarding the instructions below, if you do not have killall, you can install it via the following command:
yum install psmisc

If psmisc is not in your repos, then instead you can check to make sure nagios is not running with
ps -aef | grep nagios

You are having some ndo lock issues at the very least, so please run through the following

Code: Select all

service nagios stop
service ndo2db stop
service mysqld stop
service crond stop
service httpd stop
killall -9 nagios
killall -9 ndo2db
rm -f /usr/local/nagios/var/ndo.sock
rm -f /usr/local/nagios/var/ndo2db.lock
service ndo2db start
service nagios start
service mysqld start
service crond start
service httpd start
It's hard to know since your profile did not have any db logs, but you may need to look at https://assets.nagios.com/downloads/nag ... tabase.pdf and report any errors. If you stop at any point, please know at which point you stop.

Also, what's the output of which mysql and which mariadb?

Re: nagios service issue

Posted: Wed May 10, 2017 3:03 pm
by nschetu
Please find the details below and installed psmisc but getting some output after executing “ps -aef | grep nagios”. Request to verify once and let me know, so that I can do further steps.


[root@bhusprv024 tmp]# df -i
Filesystem Inodes IUsed IFree IUse% Mounted on
/dev/mapper/rhel-root 1933920 124037 1809883 7% /
devtmpfs 4095175 395 4094780 1% /dev
tmpfs 4097786 1 4097785 1% /dev/shm
tmpfs 4097786 694 4097092 1% /run
tmpfs 4097786 16 4097770 1% /sys/fs/cgroup
/dev/sda1 128016 351 127665 1% /boot
/dev/mapper/rheldata-data 19595264 11 19595253 1% /data
tmpfs 4097786 1 4097785 1% /run/user/0
tmpfs 4097786 1 4097785 1% /run/user/1023
tmpfs 4097786 1 4097785 1% /run/user/1024
[root@bhusprv024 tmp]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/rhel-root 29G 8.6G 19G 32% /
devtmpfs 16G 0 16G 0% /dev
tmpfs 16G 0 16G 0% /dev/shm
tmpfs 16G 42M 16G 1% /run
tmpfs 16G 0 16G 0% /sys/fs/cgroup
/dev/sda1 477M 183M 265M 41% /boot
/dev/mapper/rheldata-data 295G 65M 280G 1% /data
tmpfs 3.2G 0 3.2G 0% /run/user/0
tmpfs 3.2G 0 3.2G 0% /run/user/1023
tmpfs 3.2G 0 3.2G 0% /run/user/1024
[root@bhusprv024 tmp]#
[root@bhusprv024 tmp]# yum install psmisc
Loaded plugins: product-id, search-disabled-repos, subscription-manager
epel/x86_64/metalink | 12 kB 00:00:00
epel | 4.3 kB 00:00:00
nagios-base | 1.5 kB 00:00:00
nagiosxi-deps | 1.5 kB 00:00:00
Resolving Dependencies
There are unfinished transactions remaining. You might consider running yum-complete-transaction, or "yum-complete-transaction --cleanup-only" and "yum history redo last", first to finish them. If those don't work you'll have to try removing/installing packages by hand (maybe package-cleanup can help).
--> Running transaction check
---> Package psmisc.x86_64 0:22.20-11.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

=====================================================================================================================================================================================================
Package Arch Version Repository Size
=====================================================================================================================================================================================================
Installing:
psmisc x86_64 22.20-11.el7 rhel-7-server-rpms 141 k

Transaction Summary
=====================================================================================================================================================================================================
Install 1 Package

Total download size: 141 k
Installed size: 479 k
Is this ok [y/d/N]: y
Downloading packages:
psmisc-22.20-11.el7.x86_64.rpm | 141 kB 00:00:05
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : psmisc-22.20-11.el7.x86_64 1/1
Verifying : psmisc-22.20-11.el7.x86_64 1/1

Installed:
psmisc.x86_64 0:22.20-11.el7

Complete!
[root@bhusprv024 tmp]#

[root@bhusprv024 tmp]# ps -aef | grep nagios
nagios 1143 1 0 May09 ? 00:00:00 /usr/local/nagios/bin/npcd -d -f /usr/local/nagios/etc/pnp/npcd.cfg
nagios 13067 13058 0 15:55 ? 00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/eventman.php >> /usr/local/nagiosxi/var/eventman.log 2>&1
nagios 13069 13067 0 15:55 ? 00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/eventman.php
nagios 13070 13056 0 15:55 ? 00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/feedproc.php >> /usr/local/nagiosxi/var/feedproc.log 2>&1
nagios 13074 13055 0 15:55 ? 00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/perfdataproc.php >> /usr/local/nagiosxi/var/perfdataproc.log 2>&1
nagios 13075 13057 0 15:55 ? 00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/event_handler.php >> /usr/local/nagiosxi/var/event_handler.log 2>&1
nagios 13076 13060 0 15:55 ? 00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/sysstat.php >> /usr/local/nagiosxi/var/sysstat.log 2>&1
nagios 13077 13059 0 15:55 ? 00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/cmdsubsys.php >> /usr/local/nagiosxi/var/cmdsubsys.log 2>&1
nagios 13078 13077 0 15:55 ? 00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/cmdsubsys.php
nagios 13079 13074 0 15:55 ? 00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/perfdataproc.php
nagios 13081 13076 0 15:55 ? 00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/sysstat.php
nagios 13082 13070 0 15:55 ? 00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/feedproc.php
nagios 13088 13075 0 15:55 ? 00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/event_handler.php
root 13604 24588 0 15:55 pts/0 00:00:00 grep --color=auto nagios
nagios 31139 1 0 13:26 ? 00:00:00 /usr/local/nagios/bin/ndo2db -c /usr/local/nagios/etc/ndo2db.cfg
[root@bhusprv024 tmp]#

Re: nagios service issue

Posted: Wed May 10, 2017 3:11 pm
by dwhitfield
Thank you for the output. The following commands are the ones I want you to run, in order. The ps -aef | grep nagios was *only* if you couldn't install killall, which you were able to do, so you should be able to run through them without issue.

Code: Select all

    service nagios stop
    service ndo2db stop
    service mysqld stop
    service crond stop
    service httpd stop
    killall -9 nagios
    killall -9 ndo2db
    rm -f /usr/local/nagios/var/ndo.sock
    rm -f /usr/local/nagios/var/ndo2db.lock
    service ndo2db start
    service nagios start
    service mysqld start
    service crond start
    service httpd start
Please send the profile if that does not resolve your issue.

Also, what is the output of which mysql?
All times are UTC-05:00
Page 2 of 9

Powered by phpBB® Forum Software © phpBB Limited