Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

check_ro_mounts not working

https://support.nagios.com/forum/viewtopic.php?t=38908

Page 1 of 2

check_ro_mounts not working

Posted: Thu Jun 16, 2016 9:09 am
by sify_nagios
Hi Team,

I tried to implement Read only check on unix servers using check_ro_mounts.

https://exchange.nagios.org/index.php?o ... &Itemid=74

Locally the script working like Charm ! Kudos.

BUT.. when i called it from nagios it returns NRPE: Unable to read output. Other parameters and scripts were working fine.

Here is the list what i have performed (client server).

1) SCP the file into libexec path.
2) Provided permission to execute.
3) Inserted the command in common.cfg

Executing following command from nagios server.

/usr/local/nagios/libexec/check_nrpe -H IPADDRESS -c check_ro_mounts
Output : NRPE: Unable to read output

What i am doing wrong. Even i tried to provide nagios user permission to check_ro_mounts also entered the command in sudoers. No luck.

Kindly help me out.

Thanks in advance.
Srini

Re: check_ro_mounts not working

Posted: Thu Jun 16, 2016 9:35 am
by rkennedy
When you're running it locally on the machine, are you doing so using the root user or the user NRPE is running as? (usually nagios) If it's working as root, but not nagios, usually a sudoers entry is all that's needed. Then, setup your NRPE definition with sudo in front of it.

Could you post your check_ro_mounts definition from your NRPE.cfg on the client side?

Re: check_ro_mounts not working

Posted: Mon Jun 20, 2016 12:26 am
by sify_nagios
Hi Team,

It works with both nagios user as well as root user.

I put command definition in common.cfg not in nrep.cfg. Find below entry from common.cfg.

command[check_ro_mounts]=sudo /usr/local/nagios/libexec/check_ro_mounts -x /store/

Please guide us.

Rgds
Srini.

Re: check_ro_mounts not working

Posted: Mon Jun 20, 2016 1:19 am
by Box293
We can turn on NRPE debugging to collect more information.

Edit the file:
/usr/local/nagios/etc/nrpe.cfg

Define
debug=1
(it will currently be debug=0)

Save the file and

Code: Select all

service xinetd restart
Now we need to add an option to the rsyslog server so it processes debug messages
Edit the file:
/etc/rsyslogd.conf
Find /var/log/messages
The line in the config file will look like:
*.info;mail.none;authpriv.none;cron.none /var/log/messages

We need to add the following to the line:
*.info;mail.none;authpriv.none;cron.none;daemon.debug /var/log/messages

Save the file and

Code: Select all

service rsyslog restart
Now there should be more information logged in /var/log/messages

Executing following command from nagios server.

Code: Select all

/usr/local/nagios/libexec/check_nrpe -H IPADDRESS -c check_ro_mounts
What is being logged in /var/log/messages on the remote machine?

Re: check_ro_mounts not working

Posted: Mon Jun 20, 2016 5:53 am
by sify_nagios
Hi Team,

Please find the below entries from rsyslog of client server while executing command from nagios server.

Code: Select all


Jun 20 16:17:40 segment-119-227 xinetd[31771]: START: nrpe pid=20515 from=::ffff:192.168.***.***
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Added command[check_init_service]=sudo /usr/local/nagios/libexec/check_init_service $ARG1$
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Added command[check_services]=/usr/local/nagios/libexec/check_services -p $ARG1$
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Added command[check_ntp]=/usr/local/nagios/libexec/check_ntp -H 192.168.98.52
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Added command[check_ro_mounts]=sudo /usr/local/nagios/libexec/check_ro_mounts
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Added command[check_disk_inodes]=/usr/local/nagios/libexec/check_disk_inodes $ARG1$
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Added command[check_users]=/usr/local/nagios/libexec/check_users $ARG1$
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Added command[check_load]=/usr/local/nagios/libexec/check_load $ARG1$
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Added command[check_swap]=/usr/local/nagios/libexec/check_swap $ARG1$
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Added command[check_cpu_stats]=/usr/local/nagios/libexec/check_cpu_stats.sh $ARG1$
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Added command[check_mem]=/usr/local/nagios/libexec/custom_check_mem -n $ARG1$
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Added command[check_yum]=/usr/local/nagios/libexec/check_yum
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Added command[check_apt]=/usr/local/nagios/libexec/check_apt
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Added command[check_disk]=/usr/local/nagios/libexec/check_disk $ARG1$
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Added command[check_ide_smart]=/usr/local/nagios/libexec/check_ide_smart $ARG1$
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Added command[check_all_procs]=/usr/local/nagios/libexec/custom_check_procs
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Added command[check_procs]=/usr/local/nagios/libexec/check_procs $ARG1$
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Added command[check_open_files]=/usr/local/nagios/libexec/check_open_files.pl $ARG1$
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Added command[check_netstat]=/usr/local/nagios/libexec/check_netstat.pl -p $ARG1$ $ARG2$
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Added command[check_asterisk]=/usr/local/nagios/libexec/check_asterisk.pl $ARG1$
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Added command[check_sip]=/usr/local/nagios/libexec/check_sip $ARG1$
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Added command[check_asterisk_sip_peers]=sudo /usr/local/nagios/libexec/check_asterisk_sip_peers.sh $ARG1$
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Added command[check_asterisk_version]=/usr/local/nagios/libexec/nagisk.pl -c version
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Added command[check_asterisk_peers]=/usr/local/nagios/libexec/nagisk.pl -c peers
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Added command[check_asterisk_channels]=/usr/local/nagios/libexec/nagisk.pl -c channels
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Added command[check_asterisk_zaptel]=/usr/local/nagios/libexec/nagisk.pl -c zaptel
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Added command[check_asterisk_span]=/usr/local/nagios/libexec/nagisk.pl -c span -s 1
Jun 20 16:17:40 segment-119-227 nrpe[20515]: INFO: SSL/TLS initialized. All network traffic will be encrypted.
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Handling the connection...
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Host is asking for command 'check_ro_mounts' to be run...
Jun 20 16:17:40 segment-119-227 nrpe[20515]: Running command: sudo /usr/local/nagios/libexec/check_ro_mounts
Jun 20 16:17:41 segment-119-227 nrpe[20515]: Command completed with return code 1 and output:
Jun 20 16:17:41 segment-119-227 nrpe[20515]: Return Code: 1, Output: NRPE: Unable to read output
Jun 20 16:17:41 segment-119-227 xinetd[31771]: EXIT: nrpe status=0 pid=20515 duration=1(sec)
Rgds
Srini

Re: check_ro_mounts not working

Posted: Mon Jun 20, 2016 9:16 am
by lmiltchev
What i am doing wrong. Even i tried to provide nagios user permission to check_ro_mounts also entered the command in sudoers. No luck.
Can you show us the entry that you made? Have you tried adding the following line to sudoers?

Code: Select all

nagios ALL=(ALL) NOPASSWD:/usr/local/nagios/libexec/check_ro_mounts *

Re: check_ro_mounts not working

Posted: Mon Jun 20, 2016 9:22 am
by rkennedy
sify_nagios wrote:Hi Team,

It works with both nagios user as well as root user.

I put command definition in common.cfg not in nrep.cfg. Find below entry from common.cfg.

command[check_ro_mounts]=sudo /usr/local/nagios/libexec/check_ro_mounts -x /store/

Please guide us.

Rgds
Srini.
Also, can you show us the different results as the different users? When you run /usr/local/nagios/libexec/check_ro_mounts -x /store/ does it prompt for a password at all, or when you run sudo /usr/local/nagios/libexec/check_ro_mounts -x /store/? Also, you may need to pass /store/ in quotes to contain the field.

Re: check_ro_mounts not working

Posted: Mon Jun 20, 2016 9:33 am
by sify_nagios
Hi Team,

Please find the below entries for your reference.

Code: Select all

[root@segment-119-227 ~]# cat /etc/sudoers |grep check
NAGIOSXI ALL = NOPASSWD:/etc/init.d/nagios checkconfig
nagios ALL=NOPASSWD: /usr/local/nagios/libexec/check_init_service
nagios ALL=NOPASSWD: /usr/local/nagios/libexec/check_ro_mounts
#nagios ALL=NOPASSWD: /usr/local/nagios/libexec/check_asterisk_sip_peers.sh, /usr/local/nagios/libexec/nagisk.pl, /usr/sbin/asterisk
[root@segment-119-227 ~]#
Also find the below for your reference too..

Code: Select all

[root@segment-119-227 ~]# cat /usr/local/nagios/etc/nrpe/common.cfg |grep check_ro*
command[check_ro_mounts]=sudo /usr/local/nagios/libexec/check_ro_mounts
[root@segment-119-227 ~]#

Code: Select all

[root@segment-119-227 ~]# ls -lah /usr/local/nagios/libexec/check_ro_mounts
-rwxr-xr-x 1 nagios root 4.0K Jun 16 19:11 /usr/local/nagios/libexec/check_ro_mounts
[root@segment-119-227 ~]#

Code: Select all

[nagios@segment-119-227 libexec]$
[nagios@segment-119-227 libexec]$ ./check_ro_mounts
RO_MOUNTS OK: No ro mounts found
[nagios@segment-119-227 libexec]$
[nagios@segment-119-227 libexec]$
[nagios@segment-119-227 libexec]$ exit
exit
[root@segment-119-227 libexec]#
[root@segment-119-227 libexec]#
[root@segment-119-227 libexec]# ./check_ro_mounts
RO_MOUNTS OK: No ro mounts found
[root@segment-119-227 libexec]#
Rgds
Srini

Re: check_ro_mounts not working

Posted: Mon Jun 20, 2016 9:39 am
by sify_nagios
rkennedy wrote:
Also, can you show us the different results as the different users? When you run /usr/local/nagios/libexec/check_ro_mounts -x /store/ does it prompt for a password at all, or when you run sudo /usr/local/nagios/libexec/check_ro_mounts -x /store/? Also, you may need to pass /store/ in quotes to contain the field.
No its not prompting for password at any point.
Please find the earlier port with different user. Also it works fine even no attributes passed.

Rgds
Srini

Re: check_ro_mounts not working

Posted: Mon Jun 20, 2016 9:58 am
by lmiltchev
Are you passing arguments in your actual check? It seems like you are modifying the configs while we are trying to troubleshoot the issue... You have your command defined on the remote box as:

Code: Select all

command[check_ro_mounts]=sudo /usr/local/nagios/libexec/check_ro_mounts -x /store/
but now, it is defined as:

Code: Select all

command[check_ro_mounts]=sudo /usr/local/nagios/libexec/check_ro_mounts
rkennedy asked you to run the following command as two different users:

Code: Select all

/usr/local/nagios/libexec/check_ro_mounts -x /store/
but you ran:

Code: Select all

./check_ro_mounts
(no args)

Let's try the following - leave the command defined in the common.cfg as this:

Code: Select all

command[check_ro_mounts]=sudo /usr/local/nagios/libexec/check_ro_mounts
Restart xinetd (or nrpe service if NRPE is running as a standalone daemon) on the remote server:

Code: Select all

service xinetd restart
Change the following line in sudoers from this:

Code: Select all

nagios ALL=NOPASSWD: /usr/local/nagios/libexec/check_ro_mounts
to this:

Code: Select all

nagios ALL=(ALL) NOPASSWD:/usr/local/nagios/libexec/check_ro_mounts *
and test your check from the Nagios XI server:

Code: Select all

./check_nrpe -H <client ip> -c check_ro_mounts
Did you see the desired/expected output?
All times are UTC-05:00
Page 1 of 2

Powered by phpBB® Forum Software © phpBB Limited