errors on cron and ssh checks after centos update

This support forum board is for support questions relating to Nagios XI, our flagship commercial network monitoring solution.
amunter
Posts: 33
Joined: Wed Aug 01, 2018 1:08 pm

Re: errors on cron and ssh checks after centos update

Post by amunter »

Not quite, back to the original message:
# /usr/local/nagios/libexec/check_nrpe -H 127.0.0.1 -t 30 -c check_init_service -a 'sshd'
NRPE: Unable to read output
ssax
Dreams In Code
Posts: 7682
Joined: Wed Feb 11, 2015 12:54 pm

Re: errors on cron and ssh checks after centos update

Post by ssax »

When you ran these commands on 192.168.1.102:

Code: Select all

sudo /usr/local/nagios/libexec/check_init_service sshd
sudo /usr/local/nagios/libexec/check_init_service crond
Did you run "su - nagios" before? It didn't ask for a password, correct?

Code: Select all

su - nagios
sudo /usr/local/nagios/libexec/check_init_service sshd
sudo /usr/local/nagios/libexec/check_init_service crond
If not, please do and send us the full output.

Also, please send me the output of these commands on 192.168.1.102:

Code: Select all

grep -R 'check_init_service' /usr/local/nagios/etc
ps aux | grep nrpe
amunter
Posts: 33
Joined: Wed Aug 01, 2018 1:08 pm

Re: errors on cron and ssh checks after centos update

Post by amunter »

OK. I think you're figuring it out. When I ran that command before on the server being monitored I had done it as root, not as the nagios user.

Here's what it says if I su to nagios and run it with sudo:

Code: Select all

# su - nagios
Last login: Thu Aug  2 10:02:39 EDT 2018 on pts/0
$ sudo /usr/local/nagios/libexec/check_init_service sshd
sudo: pam_open_session: System error
sudo: policy plugin failed session initialization
The nagios user is in sudoers with the following lines added by the installer:

Code: Select all

# NEEDED TO ALLOW NAGIOS TO CHECK SERVICE STATUS
Defaults:nagios !requiretty
nagios ALL=NOPASSWD: /usr/local/nagios/libexec/check_init_service

# ASTERISK-SPECIFIC CHECKS
# NOTE: You can uncomment the following line if you are monitoring Asterisk locally
#nagios ALL=NOPASSWD: /usr/local/nagios/libexec/check_asterisk_sip_peers.sh, /usr/local/nagios/libexec/nagisk.pl, /usr/sbin/asterisk
Maybe something changed with the say sudo or PAM works? Selinux is still totally disabled, by the way.
amunter
Posts: 33
Joined: Wed Aug 01, 2018 1:08 pm

Re: errors on cron and ssh checks after centos update

Post by amunter »

Code: Select all

# grep -R 'check_init_service' /usr/local/nagios/etc
/usr/local/nagios/etc/nrpe/common.cfg:command[check_init_service]=sudo /usr/local/nagios/libexec/check_init_service $ARG1$
/usr/local/nagios/etc/nrpe/common.cfg.save:command[check_init_service]=sudo /usr/local/nagios/libexec/check_init_service $ARG1$
# ps aux | grep nrpe
root      8295  0.0  0.0 112708   976 pts/0    S+   12:46   0:00 grep --color=auto nrpe
I'm not surprised that nrpe isn't running because it gets launched through xinetd in my case.
amunter
Posts: 33
Joined: Wed Aug 01, 2018 1:08 pm

Re: errors on cron and ssh checks after centos update

Post by amunter »

Figured it out!

The password had expired on the nagios account and somehow the yum update must have loaded a new PAM config file that started enforcing expiration. I set the password to never expire on the nagios user and now it works. Even though it didn't need the password to sudo, it still failed because the non-existent password had expired.

Thanks for the help steering me through what I should be looking at to fix it, and please feel free to close this.
Locked