Re: [Nagios-devel] Solaris 10: Running nrpe in a non-global
Posted: Wed Jul 08, 2009 10:58 pm
This is a multi-part message in MIME format.
------_=_NextPart_001_01CA0026.3F7BBC5A
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Thanks for replies, guys!
=20
I can run nrpe in global zones under SMF. I can even get nrpe in the
non-global zones to run with the command:
/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -i
root@vz3haadp01# /usr/local/nagios/libexec/check_nrpe -H localhost
NRPE v2.12
=20
*BUT*, when I run it under SMF in the non-global zones I get the SSL
handshake error. In the global zone this works just fine. It's just the
non-global that is causing me a headache.
=20
I've verified that the results from:
inetadm -l svc:/network/nrpe/tcp:default
the evil /etc/nsswitch.conf
/etc/services
crle
ldd
/var/svc/manifest/network/nrpe-tcp.xml
=20
Are the same between the global and the non-global.
=20
See, my ldd shows no errors:
=20
bash-3.00# ldd /usr/local/nagios/bin/nrpe
libssl.so.0.9.7 =3D> /usr/sfw/lib/libssl.so.0.9.7
libcrypto.so.0.9.7 =3D> /usr/sfw/lib/libcrypto.so.0.9.7
libnsl.so.1 =3D> /lib/libnsl.so.1
libsocket.so.1 =3D> /lib/libsocket.so.1
libc.so.1 =3D> /lib/libc.so.1
libmp.so.2 =3D> /lib/libmp.so.2
libmd.so.1 =3D> /lib/libmd.so.1
libscf.so.1 =3D> /lib/libscf.so.1
libdoor.so.1 =3D> /lib/libdoor.so.1
libuutil.so.1 =3D> /lib/libuutil.so.1
libgen.so.1 =3D> /lib/libgen.so.1
libssl_extra.so.0.9.7 =3D>
/usr/sfw/lib/libssl_extra.so.0.9.7
libcrypto_extra.so.0.9.7 =3D>
/usr/sfw/lib/libcrypto_extra.so.0.9.7
libm.so.2 =3D> /lib/libm.so.2
=20
I've kept adding and adding to the crle file:
=20
bash-3.00# crle
=20
Configuration file [version 4]: /var/ld/ld.config
Default Library Path (ELF):
/lib:/usr/lib:/usr/sfw/lib:/usr/local/lib
Trusted Directories (ELF): /lib/secure:/usr/lib/secure (system
default)
=20
Command line:
crle -c /var/ld/ld.config -l /lib:/usr/lib:/usr/sfw/lib:/usr/local/lib
=20
BUT, since nrpe works in the non-global when not running under SMF, this
seems to be strictly an SMF issue.
=20
Here's my manifest values for both the good and bad zones:
=20
bash-3.00# inetadm -l svc:/network/nrpe/tcp:default
SCOPE NAME=3DVALUE
name=3D"nrpe"
endpoint_type=3D"stream"
proto=3D"tcp"
isrpc=3DFALSE
wait=3DFALSE
exec=3D"/usr/sfw/sbin/tcpd -c /usr/local/nagios/etc/nrpe.cfg =
-i"
arg0=3D"/usr/local/nagios/bin/nrpe"
user=3D"nagios"
default bind_addr=3D""
default bind_fail_max=3D-1
default bind_fail_interval=3D-1
default max_con_rate=3D-1
default max_copies=3D-1
default con_rate_offline=3D-1
default failrate_cnt=3D40
default failrate_interval=3D60
default inherit_env=3DTRUE
default tcp_trace=3DFALSE
tcp_wrappers=3DTRUE
default connection_backlog=3D10
=20
Also, in my /etc/nsswitch.conf all of the LDAP references have been
removed. Every attribute is 'files'.
=20
I'm out of ideas here! Does anyone see anything that I may be missing in
the setup?
=20
=20
Thanks!
=20
Justin Amburn
=20
________________________________
From: Grant Byers [mailto:[email protected]]=20
Sent: Monday, July 06, 2009 8:05 PM
To: Nagios Developers List
Subject: Re: [Nagios-devel] Solaris 10: Running nrpe in a non-global
zone
=20
I'm running NRPE in non-global Solaris 10 zones. Either configure &
build with LDFLAGS=3D"-R/usr/sfw/lib", or add /usr/sfw/lib to the =
runtime
linker search path. See crle(1).
=20
Regards,
Grant
=20
2009/7/7 Justin Amburn
Hi all,
Does anyone know what custom tweaks need to happen to get nrpe running
in non-global zones on a Solaris 10 box? It's working good in the global
zone, but I get the darned SSL handshake error inside the non-globals.
I'm guessing this is an environment var or LD link issue. Any ideas?
Thanks,
Justin Amburn
------------------------------------------------------------------------
------
_______________________________________________
Nagios-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/lis ... gios-devel
=20
-
...[email truncated]...
This post was automatically imported from historical nagios-devel mailing list archives
Original poster: rant Byers [mailto:[email protected]]=2
------_=_NextPart_001_01CA0026.3F7BBC5A
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Thanks for replies, guys!
=20
I can run nrpe in global zones under SMF. I can even get nrpe in the
non-global zones to run with the command:
/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -i
root@vz3haadp01# /usr/local/nagios/libexec/check_nrpe -H localhost
NRPE v2.12
=20
*BUT*, when I run it under SMF in the non-global zones I get the SSL
handshake error. In the global zone this works just fine. It's just the
non-global that is causing me a headache.
=20
I've verified that the results from:
inetadm -l svc:/network/nrpe/tcp:default
the evil /etc/nsswitch.conf
/etc/services
crle
ldd
/var/svc/manifest/network/nrpe-tcp.xml
=20
Are the same between the global and the non-global.
=20
See, my ldd shows no errors:
=20
bash-3.00# ldd /usr/local/nagios/bin/nrpe
libssl.so.0.9.7 =3D> /usr/sfw/lib/libssl.so.0.9.7
libcrypto.so.0.9.7 =3D> /usr/sfw/lib/libcrypto.so.0.9.7
libnsl.so.1 =3D> /lib/libnsl.so.1
libsocket.so.1 =3D> /lib/libsocket.so.1
libc.so.1 =3D> /lib/libc.so.1
libmp.so.2 =3D> /lib/libmp.so.2
libmd.so.1 =3D> /lib/libmd.so.1
libscf.so.1 =3D> /lib/libscf.so.1
libdoor.so.1 =3D> /lib/libdoor.so.1
libuutil.so.1 =3D> /lib/libuutil.so.1
libgen.so.1 =3D> /lib/libgen.so.1
libssl_extra.so.0.9.7 =3D>
/usr/sfw/lib/libssl_extra.so.0.9.7
libcrypto_extra.so.0.9.7 =3D>
/usr/sfw/lib/libcrypto_extra.so.0.9.7
libm.so.2 =3D> /lib/libm.so.2
=20
I've kept adding and adding to the crle file:
=20
bash-3.00# crle
=20
Configuration file [version 4]: /var/ld/ld.config
Default Library Path (ELF):
/lib:/usr/lib:/usr/sfw/lib:/usr/local/lib
Trusted Directories (ELF): /lib/secure:/usr/lib/secure (system
default)
=20
Command line:
crle -c /var/ld/ld.config -l /lib:/usr/lib:/usr/sfw/lib:/usr/local/lib
=20
BUT, since nrpe works in the non-global when not running under SMF, this
seems to be strictly an SMF issue.
=20
Here's my manifest values for both the good and bad zones:
=20
bash-3.00# inetadm -l svc:/network/nrpe/tcp:default
SCOPE NAME=3DVALUE
name=3D"nrpe"
endpoint_type=3D"stream"
proto=3D"tcp"
isrpc=3DFALSE
wait=3DFALSE
exec=3D"/usr/sfw/sbin/tcpd -c /usr/local/nagios/etc/nrpe.cfg =
-i"
arg0=3D"/usr/local/nagios/bin/nrpe"
user=3D"nagios"
default bind_addr=3D""
default bind_fail_max=3D-1
default bind_fail_interval=3D-1
default max_con_rate=3D-1
default max_copies=3D-1
default con_rate_offline=3D-1
default failrate_cnt=3D40
default failrate_interval=3D60
default inherit_env=3DTRUE
default tcp_trace=3DFALSE
tcp_wrappers=3DTRUE
default connection_backlog=3D10
=20
Also, in my /etc/nsswitch.conf all of the LDAP references have been
removed. Every attribute is 'files'.
=20
I'm out of ideas here! Does anyone see anything that I may be missing in
the setup?
=20
=20
Thanks!
=20
Justin Amburn
=20
________________________________
From: Grant Byers [mailto:[email protected]]=20
Sent: Monday, July 06, 2009 8:05 PM
To: Nagios Developers List
Subject: Re: [Nagios-devel] Solaris 10: Running nrpe in a non-global
zone
=20
I'm running NRPE in non-global Solaris 10 zones. Either configure &
build with LDFLAGS=3D"-R/usr/sfw/lib", or add /usr/sfw/lib to the =
runtime
linker search path. See crle(1).
=20
Regards,
Grant
=20
2009/7/7 Justin Amburn
Hi all,
Does anyone know what custom tweaks need to happen to get nrpe running
in non-global zones on a Solaris 10 box? It's working good in the global
zone, but I get the darned SSL handshake error inside the non-globals.
I'm guessing this is an environment var or LD link issue. Any ideas?
Thanks,
Justin Amburn
------------------------------------------------------------------------
------
_______________________________________________
Nagios-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/lis ... gios-devel
=20
-
...[email truncated]...
This post was automatically imported from historical nagios-devel mailing list archives
Original poster: rant Byers [mailto:[email protected]]=2