Page 1 of 2
NRPE install failing on firewall [CentOS 7]
Posted: Thu Dec 03, 2015 2:59 pm
by eloyd
Customer is trying to put the NRPE client onto CentOS 7 boxes and getting this:
Code: Select all
Running './4-firewall'...
The service command supports only basic LSB actions (start, stop, restart, try-restart, reload, force-reload, status). For other actions, please try to use systemctl.
FirewallD is not running
RESULT=252
===================
INSTALLATION ERROR!
===================
Installation step failed - exiting.
Check for error messages in the install log (install.log).
If you require assistance in resolving the issue, please include install.log
in your communications with Nagios XI technical support.
The script that failed was: './4-firewall'
Install steps were:
Code: Select all
yum -y install wget openssl-devel
cd /tmp
wget http://assets.nagios.com/downloads/nagiosxi/agents/linux-nrpe-agent.tar.gz
tar xzf linux-nrpe-agent.tar.gz
cd linux-nrpe-agent
./fullinstall
There is no firewall running on this server.
Re: NRPE install failing on firewall [CentOS 7]
Posted: Thu Dec 03, 2015 4:09 pm
by rkennedy
If no firewall is on the server, then that could be the reasoning. Try modifying the fullinstall script and removing this line -
Re-run it, and let us know the results.
Re: NRPE install failing on firewall [CentOS 7]
Posted: Thu Dec 03, 2015 4:51 pm
by eloyd
I can confirm that it is due to no iptables installed. Iptables is deprecated on CentOS 7 so the install script should be updated to detect the absence of iptables rather than failing.
Re: NRPE install failing on firewall [CentOS 7]
Posted: Thu Dec 03, 2015 5:22 pm
by hsmith
If you turn on firewalld, does it complete? I think this may have happened when I was installing on one of my VPS.
Re: NRPE install failing on firewall [CentOS 7]
Posted: Fri Dec 04, 2015 8:44 am
by eloyd
It works if one installs iptables. I consider this a failure of the install script that it fails to detect a system that does not have firewall software installed and then aborts the install. In this particular case, our customer is running embedded Linux on hardware controllers for things like commercial freezers and conveyor belt systems. VERY limited memory space and firewalls are simply not required. I would rather see the install script probe for firewalld and/or iptables and just continue if they're not installed. That would make more sense.
Re: NRPE install failing on firewall [CentOS 7]
Posted: Fri Dec 04, 2015 11:04 am
by hsmith
I'll do some testing versus this, and then get a bug report over to John if I can reproduce it. You're saying the script doesn't behave if there is no iptables, even if firewalld is present?
Re: NRPE install failing on firewall [CentOS 7]
Posted: Fri Dec 04, 2015 11:12 am
by eloyd
My testing indicated that iptables needed to be installed, but I am out of the office today. I can check on Monday.
Re: NRPE install failing on firewall [CentOS 7]
Posted: Fri Dec 04, 2015 11:14 am
by hsmith
I just did yum remove iptables on my new machine. I believe that removes firewalld as well, since it's just a frontend for iptables. I just want to make sure I get all the relevant information before I submit anything.
Re: NRPE install failing on firewall [CentOS 7]
Posted: Fri Dec 04, 2015 11:31 am
by hsmith
Reproduced, internal bug report submitted. The workaround is just
touch installed.firewall, but there should be no need for a workaround
Re: NRPE install failing on firewall [CentOS 7]
Posted: Mon Dec 07, 2015 1:38 pm
by eloyd
Thanks. As soon as our test box finishes getting upgraded VMware management, I'll double check that that's do-able for our customer.