allow nagios to check service status on Nagios NRPE agent
Posted: Tue Jun 16, 2020 4:18 pm
When installing Nagios NRPE agent to a Linux server (e.g., Red Hat 7, or CentOS 7), the following lines are added to /etc/sudoers:
# NEEDED TO ALLOW NAGIOS TO CHECK SERVICE STATUS
Defaults:nagios !requiretty
nagios ALL=NOPASSWD: /usr/local/nagios/libexec/check_init_service
This has brought up an issue with the security scan by adding the account "nagios" to /etc/sudoers.
How does this service check work, and how important to allow nagios to check service status? Is it optional or required to run this plugin? If these lines are removed from /etc/sudoers, what would be the possible impact to the nagios agent?
# NEEDED TO ALLOW NAGIOS TO CHECK SERVICE STATUS
Defaults:nagios !requiretty
nagios ALL=NOPASSWD: /usr/local/nagios/libexec/check_init_service
This has brought up an issue with the security scan by adding the account "nagios" to /etc/sudoers.
How does this service check work, and how important to allow nagios to check service status? Is it optional or required to run this plugin? If these lines are removed from /etc/sudoers, what would be the possible impact to the nagios agent?