Nagios Support Forum

I am having a problem with the offline installation of Nagios 5.5.5. The installation causes an /etc/sudoers file to become corrupted each time I install. The installation indicates that the installation is complete, but the /usr/local/nagiosxi directory is not populated with anything. I was told to try using a "touch installed.sudoers" command in the directory where I run the install from without success. I either need somehow to bypass the command (shell script) that modifies the /etc/sudoers file, or to have a version of the installation with the sudoers file modification remove.

Can you post the corrupt copy of the /etc/sudoers files?
Do you mean that the upgrade changes the sudoers file to not work in your environment for security reasons?

All,

I have provided a modified sudoers file as my installation does not allow server names, userids, or IP addresses outside our installation. The commands in red were removed from the sudoers file when the offline installation of version Nagios 5.5.5 was installed.

########################################################################
# Nagios
########################################################################

User_Alias NAGIOSXI_USERS = naguser
User_Alias NAGIOS_ALL_USERS = user1,user2,user3
User_Alias NAGIOS_INS_USERS = user4,user1,uwer2,user3,user5,user6

########################################################################
## Temporary Access For Install - 10-08-2018 brw04 #####################

User_Alias NAGIOS_TST_USERS = user3
Host_Alias NAGIOS_TST_TARGETS = servea0
Cmnd_Alias NAGIOS_TST_COMMANDS = ALL

########################################################################

Host_Alias NAGIOSXI_TARGETS = serve00,servefb0,servefb1,serverb0,serverb1,servewb0,servewb1,servewb2, \
servewb3,servetb0,servesb0
Host_Alias NAGIOS_ALL_TARGETS = serve00

Host_Alias NAGIOS_INS_TARGETS = server10,server11,server12,server13,server14,servera0,serverc0,serverd0, \
servrr16,servrr51,servrra2,servrrb0,servrrb1,servrrb2,servrrb3,servrrb4, \
servrrb6,servrrb7,servrrc1,servrrd1,servef10,servef11,servefa0,servefc0, \
servefd0,servff51,servffa2,servffb0,servffb1,servffc1,serves10,serves51, \
servesa1,servesa2,servesb1,servesc0,servesc1,servesd0,servess1,servss10, \
servss11,servssb0,servssb1,servssd0,servssd6,servet10,ntmsssb0,servew11, \
servew12,servewa0,servewc0,servewd0,servww13,servww14,servww51,servwwa2, \
servwwb1,servwwb2,servwwb3,servwwb4,servwwc1,servwwd0,servwwd5,servwwd6, \
servwwd7,servrr17,servwwc0,servrr16,servrr17,servss10,servss11,servww13, \
servww14,servssc00
Cmnd_Alias NAGIOSXI_COMMANDS = /etc/init.d/nagios start, \
/etc/init.d/nagios stop, \
/etc/init.d/nagios restart, \
/etc/init.d/nagios reload, \
/etc/init.d/nagios status, \
/etc/init.d/nagios checkconfig, \
/etc/init.d/ndo2db start, \
/etc/init.d/ndo2db stop, \
/etc/init.d/ndo2db restart, \
/etc/init.d/ndo2db reload, \
/etc/init.d/ndo2db status, \
/etc/init.d/npcd start, \
/etc/init.d/npcd stop, \
/etc/init.d/npcd restart, \
/etc/init.d/npcd reload, \
/etc/init.d/npcd status, \
/usr/bin/php /usr/local/nagiosxi/html/includes/components/autodiscovery/scripts/autodiscover_new.php * , \
/usr/local/nagiosxi/html/includes/components/profile/getprofile.sh, \
/usr/local/nagiosxi/scripts/upgrade_to_latest.sh, \
/usr/local/nagiosxi/scripts/change_timezone.sh, \
/usr/local/nagiosxi/scripts/manage_services.sh * , \
/usr/local/nagiosxi/scripts/reset_config_perms.sh, \
/usr/local/nagiosxi/scripts/backup_xi.sh * , \
/usr/local/nagios/libexec/check_init_service -a 'cron' , \
/usr/local/nagios/libexec/check_init_service -a 'sshd' , \
/usr/local/nagios/libexec/check_init_service, \
/usr/bin/tail -f /var/log/messages, \
/sbin/service xinetd restart, \
/usr/bin/vi /etc/xinetd.d/nrpe

Cmnd_Alias NAGIOS_ALL_COMMANDS = ALL

Cmnd_Alias NAGIOS_INS_COMMANDS = /tc/tcsoftware/jwk/Nagios-Agent/fullinstall, \
/usr/local/nagios/bin/nrpe-uninstall, \
/usr/local/nagios/libexec/check_init_service, \
/usr/bin/tail -f /var/log/messages, \
/sbin/service xinetd restart, \
/usr/bin/vi /etc/xinetd.d/nrpe


NAGIOSXI_USERS NAGIOSXI_TARGETS = NOPASSWD: NAGIOSXI_COMMANDS
NAGIOSXI_USERS NAGIOS_INS_TARGETS = NOPASSWD: NAGIOSXI_COMMANDS

User_Alias NAGIOSXIWEB_USERS = apache
Host_Alias NAGIOSXIWEB_TARGETS = server00,servefb0,servefb1,serverb0,serverb1,servewb0,servewb1,servewb2,servewb3,servetb0,servesb0

Cmnd_Alias NAGIOSXIWEB_COMMANDS = /usr/bin/tail -100 /var/log/messages, \
/usr/bin/tail -100 /var/log/httpd/error_log, \
/usr/bin/tail -100 /var/log/mysqld.log, \
/usr/bin/php /usr/local/nagiosxi/html/includes/components/autodiscovery/scripts/autodiscover_new.php, \
/usr/local/nagiosxi/html/includes/components/profile/getprofile.sh, \
/etc/init.d/snmptt restart, \
/usr/local/nagiosxi/scripts/repair_databases.sh, \
/usr/local/nagiosxi/scripts/manage_services.sh *

NAGIOSXIWEB_USERS NAGIOSXIWEB_TARGETS = NOPASSWD: NAGIOSXIWEB_COMMANDS
NAGIOS_ALL_USERS NAGIOS_ALL_TARGETS = NOPASSWD: NAGIOS_ALL_COMMANDS
NAGIOS_INS_USERS NAGIOS_INS_TARGETS = NOPASSWD: NAGIOS_INS_COMMANDS
NAGIOS_TST_USERS NAGIOS_TST_TARGETS = NOPASSWD: NAGIOS_TST_COMMANDS

Creating a custom install that does not change the /etc/sudoers file may still fail as if the installer needs to add some new settings to the file and it doesn't, would cause an issue as well.

Before doing the install, can you but a stock version of the sudoers file on place, run the install and put back your modified copy with any updates if needed?


Which folder did you create the installed.sudoers file?
The RPM installer creates a tmp/nagiosxi subfolder off of the current folder.
Try creating that folder and create the installed.sudoers file in that folder before installing to see if that bypasses the changes to the sudoers file.

Good Morning Nagios,

There would still be a problem with the install. I'm not sure what order things occur during the install, but it seems that after the sudoers file is modified, the /usr/local/nagiosxi file is empty (probably due that I no longer have administrative privileges). I will try your recommendation of creating the /tmp/nagiosxi directory and putting the installed.sudoers file in this directory. Hope this works. I'll let you know.

Thank you,

Bruce Ontko

In answer to your question about where I put the installed.sudoers file, I placed it in /home/myuserid/nagiosxi. If reading your instructions correctly would I place the installed.sudoers file in /home/myuserid/naxiosxi/tmp/nagiosxi?

Thank you,

Bruce Ontko

Sorry, My fault. In answer to you question about the stock sudoers file, the answer is probably no. I will ask our unix admin staff if this is possible, and get back to you.

I have been granted sudo all, as I need to overcome some issues in our environment not just having the Nagios offline install set up sudo commands needed to administer the software. Would it be possible for you to provide me with something that bypasses modifying /etc/sudoers and I can put the commands into the file after the install is complete.

Thank you,

Bruce Ontko

Due to the nearly limitless number of changes that could be made to the base OS, we are unable to guarantee functionality in all cases.
For this reason, we have to stick pretty close to our "clean, minimal install" requirement for installing Nagios products.

If you cannot start out with a stock version of the sudoers file then there is not much that you may be able to do.
I found that the rpm installer script deletes the /tmp/nagiosxi folder if it exists, and that folder is where the installed.sudoers file needs to exist for it not to update the sudoers file.

All,

You can close out this support question. When I couldn't get the offline version of Nagios XI 5.5.5 to install, I went ahead and installed Nagios XI 5.4.13. I am having some minor difficulties resolving some of the problems here which I will open a separate post on.

Thank you for your assistance,

Bruce Ontko