NRPE my_system() seteuid(0): Operation not permitted
Posted: Tue Oct 23, 2018 9:28 am
See below, trying to run a restart service and keep getting seteuid errors. For testing purposes have the nagios user set to run anything. Thought maybe it was running as a different user than nagios but that isn't it..
Code: Select all
nagios ALL=(ALL) NOPASSWD: ALL
Code: Select all
[root@server etc]# su nagios
bash-4.2$ /usr/bin/sudo /bin/systemctl restart squid.service
bash-4.2$
bash-4.2$
Code: Select all
[1540302908] is_an_allowed_host (AF_INET): is host >10.5.0.25< an allowed host >10.5.0.25<
[1540302908] is_an_allowed_host (AF_INET): is host >10.5.0.25< an allowed host >10.5.0.25<
[1540302908] is_an_allowed_host (AF_INET): host is in allowed host list!
[1540302908] Host address is in allowed_hosts
[1540302908] Host 10.5.0.25 is asking for command 'squid_restart' to be run...
[1540302908] Running command: /usr/bin/sudo /bin/systemctl restart squid.service
[1540302908] WARNING: my_system() seteuid(0): Operation not permitted
[1540302908] Command completed with return code 1 and output:
[1540302908] Return Code: 3, Output: NRPE: Unable to read output
[1540302908] Connection from 10.5.0.25 closed.
Code: Select all
# NRPE USER
# This determines the effective user that the NRPE daemon should run as.
# You can either supply a username or a UID.
#
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
nrpe_user=nagios
# NRPE GROUP
# This determines the effective group that the NRPE daemon should run as.
# You can either supply a group name or a GID.
#
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
nrpe_group=nagios
Code: Select all
nagios 1390 0.0 0.0 44836 2740 ? Ss 08:54 0:00 /usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -f
Code: Select all
[Service]
Type=simple
Restart=on-abort
PIDFile=/usr/local/nagios/var/nrpe.pid
RuntimeDirectory=nrpe
RuntimeDirectoryMode=0755
ExecStart=/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -f
ExecReload=/bin/kill -HUP $MAINPID
ExecStopPost=/bin/rm -f /usr/local/nagios/var/nrpe.pid
TimeoutStopSec=60
User=nagios
Group=nagios
PrivateTmp=true
OOMScoreAdjust=-500