Page 1 of 2
Persistent error message displayed
Posted: Mon Aug 05, 2019 11:05 am
by smblair
Persistent error message displayed in the web GUI shows a red condition for monitoring engine and database backend. The system appears to function normally but seemingly cannot be upgraded. Our Nagios XI installation in AWS does not display this and has no upgrade problems. We are stuck on v. 5.6.1-1. A profile is attached. Any suggestions?
Re: Persistent error message displayed
Posted: Mon Aug 05, 2019 11:33 am
by scottwilkerson
The profile you submitted appears to be from version 5.4.13
Have you tried a manual upgrade from the CLI as root?
https://assets.nagios.com/downloads/nag ... ctions.pdf
If so, can you post the error you received
Re: Persistent error message displayed
Posted: Mon Aug 05, 2019 11:40 am
by smblair
Our premise installation is in a dark environment and this is not an option. We can only update by RPM. We sync your yum repo via a Foreman/Katello instance and all packages show 5.6.1-1 except nagiosxi-nagiosql 5.4.13 and nagiosxi-ajaxterm 5.4.13.
Re: Persistent error message displayed
Posted: Mon Aug 05, 2019 11:44 am
by scottwilkerson
Can you sync them to the 5.6.5 RPM's here and attempt the upgrade?
https://repo.nagios.com/?repo=offline
If the upgrade doesn't complete, please share the created
/tmp/xi-upgrade.log
Re: Persistent error message displayed
Posted: Mon Aug 05, 2019 11:59 am
by smblair
Yes, but the last time we tried an upgrade (5.6.3), we were forced to revert. I'll enable the subscription, update and send the upgrade log.
Re: Persistent error message displayed
Posted: Mon Aug 05, 2019 12:19 pm
by scottwilkerson
smblair wrote:Yes, but the last time we tried an upgrade (5.6.3), we were forced to revert. I'll enable the subscription, update and send the upgrade log.
thanks
Re: Persistent error message displayed
Posted: Mon Aug 05, 2019 1:54 pm
by smblair
The upgrade seems to have worked, no blizzard of error messages. We still have the monitoring engine and database backend error indication.
The xi-upgrade.log consists of one line:
/var/tmp/rpm-tmp.5hYC32: line 30: ./rpmupgrade: Permission denied
This is probably caused by our CIS configuration not allowing execution on /tmp or /var/tmp. Any workaround suggestion?
*** UPDATE ***
5.4.13 is the originally installed version. I suspect that the rpmupgrade script has not run since then. We cannot enable /tmp execution, so any solution must account for that.
Re: Persistent error message displayed
Posted: Mon Aug 05, 2019 2:07 pm
by scottwilkerson
smblair wrote:/var/tmp/rpm-tmp.5hYC32: line 30: ./rpmupgrade: Permission denied
This is probably caused by our CIS configuration not allowing execution on /tmp or /var/tmp. Any workaround suggestion?
This is definitely going to be a problem, you are going to want to perform the upgrade again but from a different directory.
I'm still not 100% it will even work as there may be some hard coded /tmp paths in the RPM
Re: Persistent error message displayed
Posted: Mon Aug 05, 2019 2:11 pm
by smblair
Do you have no other customers with CIS or PCI-DSS compliant systems? This is a common configuration in secure environments.
Re: Persistent error message displayed
Posted: Mon Aug 05, 2019 2:26 pm
by scottwilkerson
smblair wrote:Do you have no other customers with CIS or PCI-DSS compliant systems? This is a common configuration in secure environments.
We do, but I am going to be honest, while I can understand your concern this has never come up. With our RPM install it is actually also required to allow execution in /tmp on the install as well, the following is taken from the RPM spec file:
Code: Select all
# Perform install
if [ "$1" = "1" ]; then
(
cd /tmp/nagiosxi
%{__chmod} +x ./rpminstall
touch install.log
./rpminstall
rm -rf /tmp/xi*_backup
)
# Perform upgrade
elif [ "$1" = "2" ]; then
(
cd /tmp/nagiosxi
%{__chmod} +x ./rpmupgrade
touch install.log
./rpmupgrade > /tmp/xi-upgrade.log 2>&1
)
fi