Sunil Sankar [14.05.2013 12:41]: > try setting the suid for this script Set a script suid? Which operating system supports that?
> > > On Tue, May 14, 2013 at 2:59 PM, Deborah Martin <deborah.mar...@kognitio.com >> wrote: > >> Ok – if I look at your output, manually, when the plugin is run as the >> “root” user it produces the correct result. **** >> >> ** ** >> >> But, you haven’t said what the nrpe user is that is running on the remote >> node and whether the same manual run of the check produces the same >> output. **** >> >> For example, I run remote plugins through nrpe as the “nagios” user so if >> I want to manually test a plugin on the remote node, I would first login as >> the nagios user to ensure I’ve got the same environment that would be used >> when running via nrpe. It might be that the variables you have set in the >> script only work as the root user. It’s never a good idea to test as the >> root user but only as the same user as that used by nagios or nrpe. **** >> >> ** ** >> >> Regards,**** >> >> Deborah **** >> >> ** ** >> >> *From:* Thilakraj.Shanmugam [mailto:thilakraj.shanmu...@canberra.edu.au] >> *Sent:* 14 May 2013 09:58 >> >> *To:* Nagios Users List >> *Subject:* Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring**** >> >> ** ** >> >> Hi Deborah, Thanks for the response.. please find the details below.**** >> >> ** ** >> >> ** ** >> >> [root@abc libexec]# pwd**** >> >> /usr/local/nagios/libexec**** >> >> [root@abc libexec]# ./check_iptables.sh >> >> <----- Executing manually script**** >> >> + IPT=/sbin/iptables**** >> >> + GREP=/bin/grep**** >> >> + AWK=/bin/awk**** >> >> + EXPR=/usr/bin/expr**** >> >> + WC=/usr/bin/wc**** >> >> + A=/usr/bin/sudo**** >> >> + E_SUCCESS=0**** >> >> + E_CRITICAL=2**** >> >> + E_UNKNOWN=3**** >> >> ++ /usr/bin/sudo /sbin/iptables -nvL**** >> >> ++ /bin/grep Chain**** >> >> ++ /bin/awk '{ print $2 }'**** >> >> ++ /bin/grep Cid**** >> >> ++ /usr/bin/wc -l**** >> >> + CHAINS=5**** >> >> + '[' 5 -ne 0 ']'**** >> >> + echo 'Firewall is running!'**** >> >> Firewall is running!**** >> >> + exit 0 >> <------ it shows firewall running ( correct output )**** >> >> [root@abc libexec]#**** >> >> ** ** >> >> ** ** >> >> *Client - NRPE config file* >> >> ** ** >> >> [root@abc libexec]# cat /usr/local/nagios/etc/nrpe.cfg |grep -i iptable*** >> * >> >> command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh**** >> >> [root@abc libexec]#**** >> >> ** ** >> >> ** ** >> >> [root@abc libexec]# ./check_nrpe -H localhost -c check_iptables**** >> >> Firewall is not running >> <----- executing via check_nrpe ( wrong output )**** >> >> [root@abc libexec]#**** >> >> ** ** >> >> ** ** >> >> NRPE Logs**** >> >> -------------**** >> >> ** ** >> >> May 14 18:52:28 abc nrpe[31158]: Added >> command[check_Partion_db]=/usr/local/nagios/libexec/check_disk -w 15% -c 5% >> -p /db**** >> >> May 14 18:52:28 abc nrpe[31158]: Added >> command[check_Partion_app]=/usr/local/nagios/libexec/check_disk -w 15% -c >> 5% -p /app**** >> >> May 14 18:52:28 abc nrpe[31158]: Added >> command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh**** >> >> May 14 18:52:28 abc nrpe[31158]: INFO: SSL/TLS initialized. All network >> traffic will be encrypted.**** >> >> May 14 18:52:28 abc nrpe[31158]: Handling the connection...**** >> >> May 14 18:52:28 abc nrpe[31158]: Host is asking for command >> 'check_iptables' to be run...**** >> >> May 14 18:52:28 abc nrpe[31158]: Running command: >> /usr/local/nagios/libexec/check_iptables.sh**** >> >> May 14 18:52:28 abc nrpe[31158]: Command completed with return code 2 and >> output: Firewall is not running**** >> >> May 14 18:52:28 abc nrpe[31158]: Return Code: 2, Output: Firewall is not >> running**** >> >> ** ** >> >> ** ** >> >> Kind Regards,**** >> >> Thilak**** >> >> ** ** >> >> ** ** >> >> *From:* Deborah Martin >> [mailto:deborah.mar...@kognitio.com<deborah.mar...@kognitio.com>] >> >> *Sent:* Tuesday, 14 May 2013 6:44 PM >> *To:* Nagios Users List >> *Subject:* Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring**** >> >> ** ** >> >> Hi, **** >> >> What is the wrong output being returned ? This might give us all a clue as >> to the cause of the problem. **** >> >> When you run the check manually, are you doing this as the same user that >> check_nrpe will use ? **** >> >> ** ** >> >> Regards,**** >> >> Deborah **** >> >> ** ** >> >> ** ** >> >> ** ** >> >> *From:* Thilakraj.Shanmugam >> [mailto:thilakraj.shanmu...@canberra.edu.au<thilakraj.shanmu...@canberra.edu.au>] >> >> *Sent:* 14 May 2013 08:43 >> *To:* nagios-users@lists.sourceforge.net >> *Subject:* [Nagios-users] Nagios Plugin for IPTABLES Monitoring**** >> >> ** ** >> >> Greetings!**** >> >> ** ** >> >> Could someone send me nagios plugin which is tested and works well for >> monitoring IPTABLES in Linux.**** >> >> ** ** >> >> I have tested below script but it is not returning correct output to >> nagios server.**** >> >> ** ** >> >> If I execute script manually, it shows correct output…**** >> >> ** ** >> >> But if I execute via ./check_nrpe – H localhost –c check_iptables, it >> shows wrong output.**** >> >> ** ** >> >> ** ** >> >> ** ** >> >> Below is my plugin**** >> >> ------------------------------**** >> >> ** ** >> >> #!/bin/bash**** >> >> set -x**** >> >> ** ** >> >> IPT='/sbin/iptables'**** >> >> GREP='/bin/grep'**** >> >> AWK='/bin/awk'**** >> >> EXPR='/usr/bin/expr'**** >> >> WC='/usr/bin/wc'**** >> >> A='/usr/bin/sudo'**** >> >> ** ** >> >> E_SUCCESS="0"**** >> >> E_CRITICAL="2"**** >> >> E_UNKNOWN="3"**** >> >> ** ** >> >> CHAINS=`$A $IPT -nvL | $GREP 'Chain' | $AWK '{ print $2 }'| $GREP Cid | >> $WC -l`**** >> >> ** ** >> >> if [ $CHAINS -ne 0 ] ; then**** >> >> echo "Firewall is running!"**** >> >> exit ${E_SUCCESS}**** >> >> ** ** >> >> elif [ $CHAINS -eq 0 ] ; then**** >> >> echo "Firewall is not running"**** >> >> exit ${E_CRITICAL}**** >> >> fi**** >> >> ** ** >> >> -- ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d _______________________________________________ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null