Page 1 of 2
Unable to open ~nagios/var/rw/nagios.cmd
Posted: Wed Apr 09, 2014 6:00 pm
by forrie
We have a brand new nagios-4.0.4 installation that I've been testing. The first time around, I ran into this error. I'm convinced it's not a permissions problem on that directory, nor is it a group membership issue (nagios is in the apache group). I re-did the installation (kickstart VM) and performed a very vanilla install, with only "localhost" and the problem persists.
The system I have is CentOS 6.5 (up-to-date) 64-bit.
Prior to this, I compared the permissions to our working 3.x system, and they are exactly the same. This leads me to believe the error is obscured -- and I'm at a loss as to what the issue is.
Code: Select all
drwxrwsr-x 2 nagios nagios 4096 Apr 9 18:54 .
drwxrwxr-x 5 nagios nagios 4096 Apr 9 19:00 ..
prw-rw---- 1 nagios nagios 0 Apr 9 18:54 nagios.cmd
srw-rw---- 1 nagios nagios 0 Apr 9 18:54 nagios.qh
Anyone run into this with the 4.x release? Pointers would be appreciated.
Code: Select all
Error: Could not open command file '/usr/local/nagios/var/rw/nagios.cmd' for update!
The permissions on the external command file and/or directory may be incorrect. Read the FAQs on how to setup proper permissions.
An error occurred while attempting to commit your command for processing.
Return from whence you came
Re: Unable to open ~nagios/var/rw/nagios.cmd
Posted: Thu Apr 10, 2014 10:40 am
by sreinhardt
Could you post the output from the following commands please.
Code: Select all
ll -d /usr/local/nagios/var/rw
ll -d /usr/local/nagios/var
ll -d /usr/local/nagios/
grep -i 'nag' /etc/group
grep -i 'nag' /etc/passwd
Re: Unable to open ~nagios/var/rw/nagios.cmd
Posted: Thu Apr 10, 2014 11:50 am
by forrie
We are also using LDAP for UID/GID, and I wonder if this plays a part in the issue (SSSD). Here is the output (below). I did experiment by adding these to /etc/passwd and /etc/group, as our nsswitch.conf has "files" as a first lookup, but that had no affect.
Thanks!
Code: Select all
# ll -d /usr/local/nagios/var/rw
drwxrwsr-x 2 nagios nagios 4096 Apr 9 18:54 /usr/local/nagios/var/rw
# ll -d /usr/local/nagios/var
drwxrwxr-x 5 nagios nagios 4096 Apr 10 12:47 /usr/local/nagios/var
# ll -d /usr/local/nagios/
drwxr-xr-x 9 root root 4096 Apr 9 18:28 /usr/local/nagios/
# grep -i 'nag' /etc/group
# grep -i 'nag' /etc/passwd
Re: Unable to open ~nagios/var/rw/nagios.cmd
Posted: Thu Apr 10, 2014 12:57 pm
by sreinhardt
Yes that is definitely a possibility. Are you able to su to the nagios user and open\read the nagios.cmd file? Otherwise I would agree all of those permissions look just fine.
Re: Unable to open ~nagios/var/rw/nagios.cmd
Posted: Thu Apr 10, 2014 3:28 pm
by forrie
I am able to su to nagios and access the nagios.cmd file without any problems.
Again, this is on a brand new installation (from source). SELinux is not a factor, there are no ACLs on that directory structure. I am able to repeat this error each time, without changing anything.
Re: Unable to open ~nagios/var/rw/nagios.cmd
Posted: Fri Apr 11, 2014 11:26 am
by lmiltchev
If during the nagios installation you ran:
Code: Select all
./configure --with-command-group=nagcmd
you will have to change the permissions as such:
Code: Select all
chown nagios:nagcmd /usr/local/nagios/var/rw
chown nagios:nagcmd /usr/local/nagios/var/rw/nagios.cmd
Let me know if this helped.
Re: Unable to open ~nagios/var/rw/nagios.cmd
Posted: Fri Apr 11, 2014 4:13 pm
by forrie
This is what the lot was compiled with:
Code: Select all
./configure --with-nagios-user=nagios --with-nagios-group=nagios
Re: Unable to open ~nagios/var/rw/nagios.cmd
Posted: Mon Apr 14, 2014 1:10 pm
by lmiltchev
In this case your permissions should be correct. Have you tried setting up a test install without using LDAP?
Re: Unable to open ~nagios/var/rw/nagios.cmd
Posted: Mon Apr 14, 2014 4:17 pm
by forrie
Nagios itself isn't using LDAP, and other parts of Nagios appear to be working fine. I will look into reconfiguring the VM to use standard logins and see if that makes a difference.
Re: Unable to open ~nagios/var/rw/nagios.cmd
Posted: Mon Apr 14, 2014 4:27 pm
by forrie
Logging in with a regular account, with LDAP/SSSD disabled, had no effect. When I went to reschedule a check, it gave the same error.
That is, I disabled LDAP/SSSD and added a local user (me) along with a local "nagios" user and "nagios" group.