Operating System - Linux
1747984 Members
4928 Online
108756 Solutions
New Discussion юеВ

Re: Nagios NRPE + sudo + hpacucli not working

 
GoranTornqvist
Occasional Advisor

Nagios NRPE + sudo + hpacucli not working

I┬┤m downloaded the nagios pluginet check_hparray that can get hp raid status from hpacucli:
http://www.nagiosexchange.org/cgi-bin/p ... 8.html;d=1

Also configured /etc/sudoers:
nagios ALL = NOPASSWD: /usr/sbin/hpacucli

If I "su" to user nagios and run the command check_hparray it is working fine.
However, when I try the same thing from nrpe daemon I notice that hpacucli is returning an error status (not 0) but without any error messages/output.

Note: OS is Red Hat Enterprise Linux 5.2.
I am calling multipath command in the same way using nrpe + sudo and this is working.
SELinux is NOT activated.

Any ideas?
Thanks...
12 REPLIES 12
Ivan Ferreira
Honored Contributor

Re: Nagios NRPE + sudo + hpacucli not working

Edit the check_hparray script and add an echo statement in the -s) section:

-s)
check=`sudo -u root $HPACUCLI controller slot=$2 ld all show`
# Add this line
echo $check > /tmp/check_array.out 2>&1
check_raid
;;


Consult the /tmp/check_array.out file
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
GoranTornqvist
Occasional Advisor

Re: Nagios NRPE + sudo + hpacucli not working

I only get "check_hparray Error" output from the script and /tmp/check_array.out is empty.
GoranTornqvist
Occasional Advisor

Re: Nagios NRPE + sudo + hpacucli not working

*bump*

no suggestions...? Thanks ...
Ivan Ferreira
Honored Contributor

Re: Nagios NRPE + sudo + hpacucli not working

You get:

echo "$PROGNAME Error. $checkm"

Because the $check variable is empty. There is something wrong because the tmp file has no output, that means that sudo and hpacucli is not being executed.

What do you get if you run:

sudo -u root /usr/sbin/hpacucli controller slot=$2 ld all show

From the command line? Replace $2 for the correct value as in your nrpe.cfg

Post your nrpe.cfg configuration file also for this section.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
GoranTornqvist
Occasional Advisor

Re: Nagios NRPE + sudo + hpacucli not working

Thanks for your reply...

If I "su" to user nagios it works:

-sh-3.2$ sudo -u root /usr/sbin/hpacucli controller slot=0 ld all show

Smart Array E200i in Slot 0

array A

logicaldrive 1 (136.7 GB, RAID 1+0, OK)



nrpe.cfg:
command[check_hparray]=/usr/lib/nagios/plugins/check_hparray -s $ARG1$

To me it appears like a problem calling sudo thru nrpe...I├В┬┤m lost...
Ivan Ferreira
Honored Contributor

Re: Nagios NRPE + sudo + hpacucli not working

What if you hard code the slot number in the npre.cfg file instead of having $ARG1$?
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
GoranTornqvist
Occasional Advisor

Re: Nagios NRPE + sudo + hpacucli not working

Same problem when hard coding parameter I├В┬┤m afraid ...
Ivan Ferreira
Honored Contributor

Re: Nagios NRPE + sudo + hpacucli not working

You could try this:

- Set SUID to hpacucli
chmod u+s /usr/sbin/hpacucli

- set root:root as owner
chown root:root /usr/sbin/hpacucli

- Remove others read and execution permissions
chmod o-rw /usr/sbin/hpacucli

- Add nagios to root group
gpasswd -a nagios root

- Try again


Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
GoranTornqvist
Occasional Advisor

Re: Nagios NRPE + sudo + hpacucli not working

Solved it, if I added the whole command line in /etc/sudoers it worked:
nagios ALL = NOPASSWD: /usr/sbin/hpacucli controller slot=0 ld all show

This didn├В┬┤t work:
nagios ALL = NOPASSWD: /usr/sbin/hpacucli
(according to the plugin docs it should be enough but wasn├В┬┤t for some reason)