Eventhandlers and SUDO

twebster at daksoft.com twebster at daksoft.com
Fri Sep 20 19:03:55 CEST 2002
Previous message: Eventhandlers and SUDO
Next message: CGI Patch for Nagios 1.0b6
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I just tested "nagios ALL=(root) /etc/rc.d/init.d/sendmail" and still the
same thing.

My process of testing,
      1. Start Nagios
      2. Stop Sendmail
      3. Force service check of sendmail server
      4. Watch log

Below are the log messages I receive.


*comment* below you can see from my restart-sendmail the various commands I
have tried

                        echo -n "Restarting Sendmail service (3rd soft
critical state)..."
                        # Call the init script to restart the sendmail
server
                        sudo /etc/rc.d/init.d/sendmail restart
#                       sudo /etc/rc.d/init.d/sendmail stop
#                       sleep 5
#                       sudo /etc/rc.d/init.d/sendmail start
                        ;;
                        esac


/var/log/messages
Sep 20 08:49:49 localhost nagios: SERVICE ALERT:
ACTIVE;SMTP;CRITICAL;SOFT;1;Connection refused by host
Sep 20 08:49:49 localhost nagios: SERVICE EVENT HANDLER:
ACTIVE;SMTP;CRITICAL;SOFT;1;restart-sendmail
Sep 20 08:49:49 localhost sendmail: sendmail shutdown failed
*comment* note nagios ran the restart-sendmail, but stopped running it
after the sendmail stop command failed.



/var/log/secure
Sep 20 08:49:49 localhost sudo:   nagios : TTY=unknown ; PWD=/ ; USER=root
; COMMAND=/etc/rc.d/init.d/sendmail restart


/var/log/nagios/nagios.log
[1032533378] EXTERNAL COMMAND:
SCHEDULE_FORCED_SVC_CHECK;ACTIVE;SMTP;1032533377
[1032533389] SERVICE ALERT: ACTIVE;SMTP;CRITICAL;SOFT;1;Connection refused
by host
[1032533389] SERVICE EVENT HANDLER:
ACTIVE;SMTP;CRITICAL;SOFT;1;restart-sendmail


*comment* Example of running command outside of nagios eventhandler
[root at tux1 log]# su nagios
[nagios at tux1 log]$ sudo /etc/rc.d/init.d/sendmail restart
Shutting down sendmail:                                    [FAILED]
Starting sendmail:                                         [  OK  ]
[nagios at tux1 log]$


/etc/sudoers
nagios  ALL = (root) NOPASSWD: /etc/rc.d/init.d/sendmail







Tony


|---------+-------------------------------->
|         |           "Jolet, John"        |
|         |           <John.Jolet at misysheal|
|         |           thcare.com>          |
|         |                                |
|         |           09/20/2002 09:59 AM  |
|         |                                |
|---------+-------------------------------->
  >------------------------------------------------------------------------------------------------------------------------------|
  |                                                                                                                              |
  |       To:       "'twebster at daksoft.com'" <twebster at daksoft.com>                                                              |
  |       cc:                                                                                                                    |
  |       Subject:  RE: [Nagios-users] Eventhandlers and SUDO                                                                    |
  >------------------------------------------------------------------------------------------------------------------------------|




well, have you tried "nagios ALL=(root) /etc/rc.d/init.d/sendmail" ?

-----Original Message-----
From: twebster at daksoft.com [mailto:twebster at daksoft.com]
Sent: Friday, September 20, 2002 10:46 AM
To: nagios-users at lists.sourceforge.net
Subject: [Nagios-users] Eventhandlers and SUDO


I am setting up a clustering system using the Heartbeat project.  I have
configured the distributed monitoring on each system, and the Master
(active) server sends results back to our Central Nagios server via the
send_nsca script, works great.

My problem, when Nagios detects either a problem with httpd, sendmail,
named or ftp, I calling an EventHandler called resetart-httpd,
restart-sendmail, restart-named, restart-xinetd, respectively.

I have use the standard restart-httpd available in the Nagios installation
for my "template" eventhandler script.

In addition, I for each of the restart command I appended a sudo to the
beginning of the line so my restart command looks like
      sudo /etc/rc.d/init.d/httpd restart

I have tried multiple /etc/sudoers configs but the service is never able to
restart,  I have included several variations that I have tried.

nagios  localhost = NOPASSWD: /etc/rc.d/init.d/sendmail
nagios localhost = (ALL) NOPASSWD: ALL
nagios  ALL = NOPASSWD: ALL


One thing I notice, the sendmail will complet the STOP correctly but will
not perform the Start of the service.  When I execute restart-sendmail
CRITICAL SOFT 3 from the command line as the Nagios user, Sendmail, stops,
fails and then starts up fine.  But when Nagios runs the restart-sendmail
it fails at the STOP everytime, note I have manually caused sendmail to
stop and am trying to run restart.

Has anyone used SUDO for this purpose?


Tony




-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users







-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
Previous message: Eventhandlers and SUDO
Next message: CGI Patch for Nagios 1.0b6
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Users mailing list