# /usr/local/nagios/libexec/check_nrpe -H 127.0.0.1 -t 30 -c check_init_service -a 'sshd'
NRPE: Unable to read output
errors on cron and ssh checks after centos update
Re: errors on cron and ssh checks after centos update
Not quite, back to the original message:
Re: errors on cron and ssh checks after centos update
When you ran these commands on 192.168.1.102:
Did you run "su - nagios" before? It didn't ask for a password, correct?
If not, please do and send us the full output.
Also, please send me the output of these commands on 192.168.1.102:
Code: Select all
sudo /usr/local/nagios/libexec/check_init_service sshd
sudo /usr/local/nagios/libexec/check_init_service crond
Code: Select all
su - nagios
sudo /usr/local/nagios/libexec/check_init_service sshd
sudo /usr/local/nagios/libexec/check_init_service crond
Also, please send me the output of these commands on 192.168.1.102:
Code: Select all
grep -R 'check_init_service' /usr/local/nagios/etc
ps aux | grep nrpe
Re: errors on cron and ssh checks after centos update
OK. I think you're figuring it out. When I ran that command before on the server being monitored I had done it as root, not as the nagios user.
Here's what it says if I su to nagios and run it with sudo:
The nagios user is in sudoers with the following lines added by the installer:
Maybe something changed with the say sudo or PAM works? Selinux is still totally disabled, by the way.
Here's what it says if I su to nagios and run it with sudo:
Code: Select all
# su - nagios
Last login: Thu Aug 2 10:02:39 EDT 2018 on pts/0
$ sudo /usr/local/nagios/libexec/check_init_service sshd
sudo: pam_open_session: System error
sudo: policy plugin failed session initialization
Code: Select all
# NEEDED TO ALLOW NAGIOS TO CHECK SERVICE STATUS
Defaults:nagios !requiretty
nagios ALL=NOPASSWD: /usr/local/nagios/libexec/check_init_service
# ASTERISK-SPECIFIC CHECKS
# NOTE: You can uncomment the following line if you are monitoring Asterisk locally
#nagios ALL=NOPASSWD: /usr/local/nagios/libexec/check_asterisk_sip_peers.sh, /usr/local/nagios/libexec/nagisk.pl, /usr/sbin/asterisk
Re: errors on cron and ssh checks after centos update
Code: Select all
# grep -R 'check_init_service' /usr/local/nagios/etc
/usr/local/nagios/etc/nrpe/common.cfg:command[check_init_service]=sudo /usr/local/nagios/libexec/check_init_service $ARG1$
/usr/local/nagios/etc/nrpe/common.cfg.save:command[check_init_service]=sudo /usr/local/nagios/libexec/check_init_service $ARG1$
# ps aux | grep nrpe
root 8295 0.0 0.0 112708 976 pts/0 S+ 12:46 0:00 grep --color=auto nrpe
Re: errors on cron and ssh checks after centos update
Figured it out!
The password had expired on the nagios account and somehow the yum update must have loaded a new PAM config file that started enforcing expiration. I set the password to never expire on the nagios user and now it works. Even though it didn't need the password to sudo, it still failed because the non-existent password had expired.
Thanks for the help steering me through what I should be looking at to fix it, and please feel free to close this.
The password had expired on the nagios account and somehow the yum update must have loaded a new PAM config file that started enforcing expiration. I set the password to never expire on the nagios user and now it works. Even though it didn't need the password to sudo, it still failed because the non-existent password had expired.
Thanks for the help steering me through what I should be looking at to fix it, and please feel free to close this.