Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

Valid command_line directories

https://support.nagios.com/forum/viewtopic.php?t=8180

Page 1 of 1

Valid command_line directories

Posted: Fri Nov 09, 2012 4:50 pm
by Pastey
I have a:

Code: Select all

command_line /usr/bin/ssh ...
When I run a job using that command line I get
(Return code of 126 is out of bounds - plugin may not be executable)
I issue the command (as root):

Code: Select all

cp /usr/bin/ssh /usr/local/bin
change the command to

Code: Select all

command_line /usr/local/bin/ssh ...
and reload; no other changes. Now it works. I've tried this with many different directories and /usr/lib64/nagios/plugins, /usr/lib64/nagios/plugins/local (I created) work; what (if anything) else might work? I know this may be a Red Hat configure choice or packaging issue; if so and someone knows, please let me know.

Thanks.

Re: Valid command_line directories

Posted: Mon Nov 12, 2012 5:04 pm
by jsmurphy
While I don't actually know why this is happening, I would consider this a feature not a bug.

You should not be allowed to execute any of the default *nix bin directories with the NRPE agent considering it can be used to execute arbitrary commands (particularly when args are enabled). Even in a secure walled off environment that's still a pretty major security no-no.

If I was forced to guess... I would probably say the NRPE agent is probably coded to block access as a safety precaution.
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited