On the monitored host, it works without a flaw:
Code: Select all
[rks@vns-iweprd-1 ~]$ /opt/jabber/nagios/libexec/check_swap -w 70% -c 60%
SWAP OK - 100% free (4094 MB out of 4094 MB) |swap=4094MB;2866;2456;0;4094
[rks@vns-iweprd-1 ~]$ echo $?
0
[rks@vns-iweprd-1 ~]$
Here is some additional data:
If I run it as root, it works fine (on my nagios manager):
Code: Select all
[root@ctvmanager ~]# who am i
root pts/0 2013-06-28 15:06 (sjc-rks-8916.cisco.com)
[root@ctvmanager ~]#
root@ctvmanager ~]# /usr/local/nagios/libexec/check_by_ssh -l rks -i /etc/nagios/.ssh/id_dsa -H vns-iweprd-1 -C /users/rks/check_load -E
OK - load average: 0.02, 0.04, 0.01|load1=0.020;75.000;90.000;0; load5=0.040;80.000;95.000;0; load15=0.010;85.000;99.000;0;
[root@ctvmanager ~]# echo $?
0
[root@ctvmanager ~]#
If I run it the same command as nagios user, I get a 255:
Code: Select all
[root@ctvmanager ~]# su - nagios -c '/usr/local/nagios/libexec/check_by_ssh -l rks -i /etc/nagios/.ssh/id_dsa -H vns-iweprd-1 -C /users/rks/check_load -E'
UNKNOWN - check_by_ssh: Remote command '/users/rks/check_load' returned status 255
[root@ctvmanager ~]# echo $?
255
[root@ctvmanager ~]#
If I leave out the -E option, I get a 'host key verification failure':
Code: Select all
[root@ctvmanager ~]# su - nagios -c '/usr/local/nagios/libexec/check_by_ssh -l rks -i /etc/nagios/.ssh/id_dsa -H vns-iweprd-1 -C /users/rks/check_load'
Remote command execution failed: Host key verification failed.
[root@ctvmanager ~]# echo $?
3
[root@ctvmanager ~]# su - nagios -c '/usr/local/nagios/libexec/check_by_ssh -v -l rks -i /etc/nagios/.ssh/id_dsa -H vns-iweprd-1 -C /users/rks/check_load -E'
Command: /usr/bin/ssh
Argument 1: -l
Argument 2: rks
Argument 3: -i
Argument 4: /etc/nagios/.ssh/id_dsa
Argument 5: vns-iweprd-1
Argument 6: /users/rks/check_load
UNKNOWN - check_by_ssh: Remote command '/users/rks/check_load' returned status 255
[root@ctvmanager ~]# echo $?
255
[root@ctvmanager ~]#
Could I, to sidestep this problem, run Nagios services as root? Would it cause any problems, outside of the security
vulnerabilities caused by running a services as root?
thanks,