More Ideas? Eventhandlers and SUDO

twebster at daksoft.com twebster at daksoft.com
Mon Sep 23 23:00:57 CEST 2002
Previous message: Epager question
Next message: More Ideas? Eventhandlers and SUDO
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Does anybody else have any ideas as to what may be causing SUDO to fail in
my event-handler scripts?

Basically, they work fine from the command as the Nagios user but when the
event handerl execute 'sudo /etc/rc.d/init.d/sendmail restart' it fails on
the stop command.  The start command will work but the stop command fails.

Is there something internal in Nagios that will cause the script to exit if
a script that I am executing sends back a "FAILURE in execution"? For
instance, if sendmail is already stopped and the event handler issues a
restart, the stop command fails because there are not processes to stop,
but it should continue on and complete the restart command by issueing a
start, after the stop fails.

Any more ideas?

Tony


|---------+-------------------------------->
|         |           "Jolet, John"        |
|         |           <John.Jolet at misysheal|
|         |           thcare.com>          |
|         |                                |
|         |           09/20/2002 11:08 AM  |
|         |                                |
|---------+-------------------------------->
  >------------------------------------------------------------------------------------------------------------------------------|
  |                                                                                                                              |
  |       To:       "'twebster at daksoft.com'" <twebster at daksoft.com>                                                              |
  |       cc:                                                                                                                    |
  |       Subject:  RE: [Nagios-users] Eventhandlers and SUDO                                                                    |
  >------------------------------------------------------------------------------------------------------------------------------|




what happens if you go to root, then su - nagios, then sudo -u root
/etc/rc.d/init.d/sendmail?

-----Original Message-----
From: twebster at daksoft.com [mailto:twebster at daksoft.com]
Sent: Friday, September 20, 2002 12:04 PM
To: Jolet, John; nagios-users at lists.sourceforge.net
Subject: RE: [Nagios-users] Eventhandlers and SUDO



I just tested "nagios ALL=(root) /etc/rc.d/init.d/sendmail" and still the
same thing.

My process of testing,
      1. Start Nagios
      2. Stop Sendmail
      3. Force service check of sendmail server
      4. Watch log

Below are the log messages I receive.


*comment* below you can see from my restart-sendmail the various commands I
have tried

                        echo -n "Restarting Sendmail service (3rd soft
critical state)..."
                        # Call the init script to restart the sendmail
server
                        sudo /etc/rc.d/init.d/sendmail restart
#                       sudo /etc/rc.d/init.d/sendmail stop
#                       sleep 5
#                       sudo /etc/rc.d/init.d/sendmail start
                        ;;
                        esac


/var/log/messages
Sep 20 08:49:49 localhost nagios: SERVICE ALERT:
ACTIVE;SMTP;CRITICAL;SOFT;1;Connection refused by host
Sep 20 08:49:49 localhost nagios: SERVICE EVENT HANDLER:
ACTIVE;SMTP;CRITICAL;SOFT;1;restart-sendmail
Sep 20 08:49:49 localhost sendmail: sendmail shutdown failed
*comment* note nagios ran the restart-sendmail, but stopped running it
after the sendmail stop command failed.



/var/log/secure
Sep 20 08:49:49 localhost sudo:   nagios : TTY=unknown ; PWD=/ ; USER=root
; COMMAND=/etc/rc.d/init.d/sendmail restart


/var/log/nagios/nagios.log
[1032533378] EXTERNAL COMMAND:
SCHEDULE_FORCED_SVC_CHECK;ACTIVE;SMTP;1032533377
[1032533389] SERVICE ALERT: ACTIVE;SMTP;CRITICAL;SOFT;1;Connection refused
by host
[1032533389] SERVICE EVENT HANDLER:
ACTIVE;SMTP;CRITICAL;SOFT;1;restart-sendmail


*comment* Example of running command outside of nagios eventhandler
[root at tux1 log]# su nagios
[nagios at tux1 log]$ sudo /etc/rc.d/init.d/sendmail restart
Shutting down sendmail:                                    [FAILED]
Starting sendmail:                                         [  OK  ]
[nagios at tux1 log]$


/etc/sudoers
nagios  ALL = (root) NOPASSWD: /etc/rc.d/init.d/sendmail







Tony


|---------+-------------------------------->
|         |           "Jolet, John"        |
|         |           <John.Jolet at misysheal|
|         |           thcare.com>          |
|         |                                |
|         |           09/20/2002 09:59 AM  |
|         |                                |
|---------+-------------------------------->

>
---------------------------------------------------------------------------
---------------------------------------------------|
  |
|
  |       To:       "'twebster at daksoft.com'" <twebster at daksoft.com>
|
  |       cc:
|
  |       Subject:  RE: [Nagios-users] Eventhandlers and SUDO
|

>
---------------------------------------------------------------------------
---------------------------------------------------|




well, have you tried "nagios ALL=(root) /etc/rc.d/init.d/sendmail" ?

-----Original Message-----
From: twebster at daksoft.com [mailto:twebster at daksoft.com]
Sent: Friday, September 20, 2002 10:46 AM
To: nagios-users at lists.sourceforge.net
Subject: [Nagios-users] Eventhandlers and SUDO


I am setting up a clustering system using the Heartbeat project.  I have
configured the distributed monitoring on each system, and the Master
(active) server sends results back to our Central Nagios server via the
send_nsca script, works great.

My problem, when Nagios detects either a problem with httpd, sendmail,
named or ftp, I calling an EventHandler called resetart-httpd,
restart-sendmail, restart-named, restart-xinetd, respectively.

I have use the standard restart-httpd available in the Nagios installation
for my "template" eventhandler script.

In addition, I for each of the restart command I appended a sudo to the
beginning of the line so my restart command looks like
      sudo /etc/rc.d/init.d/httpd restart

I have tried multiple /etc/sudoers configs but the service is never able to
restart,  I have included several variations that I have tried.

nagios  localhost = NOPASSWD: /etc/rc.d/init.d/sendmail
nagios localhost = (ALL) NOPASSWD: ALL
nagios  ALL = NOPASSWD: ALL


One thing I notice, the sendmail will complet the STOP correctly but will
not perform the Start of the service.  When I execute restart-sendmail
CRITICAL SOFT 3 from the command line as the Nagios user, Sendmail, stops,
fails and then starts up fine.  But when Nagios runs the restart-sendmail
it fails at the STOP everytime, note I have manually caused sendmail to
stop and am trying to run restart.

Has anyone used SUDO for this purpose?


Tony




-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users











-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
Previous message: Epager question
Next message: More Ideas? Eventhandlers and SUDO
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Users mailing list