Page 1 of 2
Raspbian NRPE - Received 0 bytes from daemon
Posted: Tue Apr 12, 2016 7:26 am
by WillemDH
Trying to monitor a Raspberry, but stuck on
Code: Select all
/usr/local/nagios/libexec/check_nrpe -H f1reberry.outsideit.net -t 30 -p 5666 -c check_users -a '-w 2 -c 5'
CHECK_NRPE: Received 0 bytes from daemon. Check the remote server logs for error messages.
dont_blame_nrpe is set to 1 in the nrpe.cfg config file:
Code: Select all
cat /etc/nagios/nrpe.cfg | grep blame
dont_blame_nrpe=1
NRPE is listening:
Code: Select all
/usr/local/nagios/libexec/check_nrpe -H f1reberry.outsideit.net -p 5666
NRPE v2.15
Without args I get a proper help message:
Code: Select all
/usr/local/nagios/libexec/check_nrpe -H f1reberry.outsideit.net -t 30 -p 5666 -c check_users
check_users: Warning threshold must be a positive integer
Usage:
check_users -w <users> -c <users>
So why could this not be working when using args and dont_blame_nrpe set to 1? I saw some threads about compiling nrpe at installation by configuring the binary with –enable-command-args. But there must be a way to enable this post installation?
I installed nrpe with
Code: Select all
apt-get install nagios-nrpe-server,nagios-plugins
This is my complete nrpe.cfg:
Code: Select all
log_facility=daemon
pid_file=/var/run/nagios/nrpe.pid
server_port=5666
#server_address=127.0.0.1
nrpe_user=nagios
nrpe_group=nagios
allowed_hosts=127.0.0.1,212.71.234.84
dont_blame_nrpe=1
allow_bash_command_substitution=0
# command_prefix=/usr/bin/sudo
debug=0
command_timeout=60
connection_timeout=300
#allow_weak_random_seed=1
#include=<somefile.cfg>
#include_dir=<somedirectory>
#include_dir=<someotherdirectory>
#command[check_users]=/usr/lib/nagios/plugins/check_users -w 5 -c 10
#command[check_load]=/usr/lib/nagios/plugins/check_load -w 15,10,5 -c 30,25,20
#command[check_hda1]=/usr/lib/nagios/plugins/check_disk -w 20% -c 10% -p /dev/hda1
#command[check_zombie_procs]=/usr/lib/nagios/plugins/check_procs -w 5 -c 10 -s Z
#command[check_total_procs]=/usr/lib/nagios/plugins/check_procs -w 150 -c 200
command[check_users]=/usr/lib/nagios/plugins/check_users -w $ARG1$ -c $ARG2$
command[check_load]=/usr/lib/nagios/plugins/check_load -w $ARG1$ -c $ARG2$
command[check_disk]=/usr/lib/nagios/plugins/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$
command[check_procs]=/usr/lib/nagios/plugins/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$
include=/etc/nagios/nrpe_local.cfg
include_dir=/etc/nagios/nrpe.d/
NRPE has been restarted:
Code: Select all
/etc/init.d/nagios-nrpe-server restart
[ ok ] Restarting nagios-nrpe-server (via systemctl): nagios-nrpe-server.service.
Any help is welcome.
Re: Raspbian NRPE - Received 0 bytes from daemon
Posted: Tue Apr 12, 2016 9:13 am
by hsmith
I haven't used the NRPE package from apt on my Pi, but I do know if you don't compile with enable command args, it's generally not going to allow arguments. AFAIK the answer has always been recompile. Even if you enable dont_blame_nrpe=1, it's still going to need that flag set at the time of being compiled.
Re: Raspbian NRPE - Received 0 bytes from daemon
Posted: Tue Apr 12, 2016 12:17 pm
by WillemDH
I'm guessing you followed this procedure?
https://www.raspberrypi.org/forums/view ... 6&t=105002
I basically followed this one:
https://viewsby.wordpress.com/2013/02/1 ... ntudebian/
So why on earth would the nrpe package from apt not install with –enable-command-args? Would there be some way to specify that while installing? It seems very weird to me that there would be no way to do. I'm automating the whole install procedure with an unattended net installer by the way.
https://github.com/willemdh/raspbian-ua-netinst
Here is my post-install.txt and naf_raspbian_config.sh which runs at first login.
https://github.com/willemdh/naf_linux_raspbian_config
If I can just install the apt packages, it's easier by just specifying the required packages in installer-onfig.txt:
Code: Select all
packages=apt-utils,vim,aptitude,apt-file,git,mlocate,bc,sysstat,dos2unix,iptables,xrdp,sudo,gcc,libssl-dev,build-essential,nagios-nrpe-server,nagios-plugins
Else I have to:
Code: Select all
-WriteLog Verbose Info "- Downloading NRPE"
-wget https://github.com/NagiosEnterprises/nrpe/archive/nrpe-2-15.tar.gz -O /tmp/nrpe-2-15.tar.gz > /dev/null 2>&1
-WriteLog Verbose Info "- Unpacking NRPE"
-tar -zxvf /tmp/nrpe-2-15.tar.gz -C /usr/local/nagios > /dev/null 2>&1
-mv /usr/local/nagios/nrpe-nrpe-2-15/ /usr/local/nagios/nrpe-2-15/
-WriteLog Verbose Info "- Creating symbolic link so NRPE can find the ARM SSL library"
-sudo ln -s /usr/lib/arm-linux-gnueabihf/libssl.so /usr/lib/libssl.so
-WriteLog Verbose Info "- Build NRPE - Configure"
-/usr/local/nagios/nrpe-2-15/configure --with-ssl=/usr/bin/openssl --with-ssl-lib=/usr/lib/arm-linux-gnueabihf
-WriteLog Verbose Info "- Build NRPE - Adding nagios user"
-useradd nagios
-WriteLog Verbose Info "- Build NRPE - make all"
-make all
-WriteLog Verbose Info "- Build NRPE - make install"
-make install
-WriteLog Verbose Info "- Build NRPE - make install-plugin"
-make install-plugin
-WriteLog Verbose Info "- Build NRPE - make install-daemon"
-make install-daemon
So in what step would I have to set –enable-command-args?
Grtz
Re: Raspbian NRPE - Received 0 bytes from daemon
Posted: Tue Apr 12, 2016 1:41 pm
by hsmith
WillemDH wrote:I'm guessing you followed this procedure?
I don't actually have NRPE running on my Pi. I'll go ahead and give it a go and let you know though.
WillemDH wrote:So why on earth would the nrpe package from apt not install with –enable-command-args? Would there be some way to specify that while installing? It seems very weird to me that there would be no way to do. I'm automating the whole install procedure with an unattended net installer by the way.
https://github.com/willemdh/raspbian-ua-netinst
That command is considered insecure by many, as you can pass some nasty stuff to NRPE if you're not careful with your settings. Hardcoding what commands can be passed is safer than trying to limit what can't. Whitelist vs blacklist.
Let me test the NRPE available on Raspbian and get back to you. I may not have time today to test this, and I'm going out of town for the rest of the week, so it may be Sunday when you hear back. I won't forget about you though
Re: Raspbian NRPE - Received 0 bytes from daemon
Posted: Wed Apr 20, 2016 2:10 pm
by WillemDH
Holden, did you have the chance to test the package? Grtz
Re: Raspbian NRPE - Received 0 bytes from daemon
Posted: Wed Apr 20, 2016 3:43 pm
by hsmith
Hey Willem, I got it installed, but when I went to work on it today(sorry, it's been a hectic week again), I realize I don't have port forwarding for 5666 on my home network, nor do I have access to my router interface to fix that from outside my home network. I'll fix it up tonight.
Re: Raspbian NRPE - Received 0 bytes from daemon
Posted: Thu Apr 21, 2016 3:56 am
by WillemDH
Np, take your time. Attached my pot forwarding router config.
Re: Raspbian NRPE - Received 0 bytes from daemon
Posted: Thu Apr 21, 2016 12:07 pm
by hsmith
Got my port forwarding set up. I've been unsuccessful in all attempts to enable command arguments so far using the package nagios-nrpe-server package from apt. I'll look around apt and see if there is another package, plus see if I can find out who is the maintainer of that package(I may be unsuccessful in both of these attempts, doesn't hurt to try though.) I have a feeling if you want to use apt to install nrpe, you might be stuck without command arguments. It might be worthwhile to use some automation to push out a new nrpe.cfg file with the commands you want instead of compiling on each machine.
Re: Raspbian NRPE - Received 0 bytes from daemon
Posted: Thu Apr 21, 2016 1:09 pm
by WillemDH
Holden,
It would seem perfectly logically to have some way to allow arguments after installation imho? I can't see a reason why this would not be technically possible..
Grtz
Re: Raspbian NRPE - Received 0 bytes from daemon
Posted: Thu Apr 21, 2016 1:13 pm
by hsmith
I agree with you. I'll talk to
@jfrickson. The thing is though, if we're not the maintainers of that package on apt, we can't do a thing about it. The version on there is already 2 versions behind. I've reached out to our developers to try to find out who the maintainer of the package is, I'm still waiting for a response.