More Ideas? Eventhandlers and SUDO
twebster at daksoft.com
twebster at daksoft.com
Tue Sep 24 00:48:23 CEST 2002
The below perl script works great in my restart-sendmail event handler, I
just call the sendmail-wrapper from the eventhandler and it works great.
I will investigate a bit more, but I believe I either rewrite the event
handler in Perl or change the below script to accept a couple variables for
my other services and I should be in business.
Thanks for the help and all the suggestions.
Tony
|---------+---------------------------->
| | "Jeremy Tinley" |
| | <jtinley at unirez.c|
| | om> |
| | |
| | 09/23/2002 03:58 |
| | PM |
| | |
|---------+---------------------------->
>------------------------------------------------------------------------------------------------------------------------------|
| |
| To: <twebster at daksoft.com> |
| cc: |
| Subject: RE: [Nagios-users] More Ideas? Eventhandlers and SUDO |
>------------------------------------------------------------------------------------------------------------------------------|
You'd probably want to start by just getting it to work.
#!/usr/bin/perl
my $command = '/etc/rc.d/init.d/sendmail';
my $return = `sudo $command $ARGV[0]`;
print "\$return = $return\n";
exit;
First, run the script from command line:
script.pl [option]
Ex.: ./script.pl start
-or-
./script.pl stop
When you get the output you desire from $return, you can start logging
it to a file by adding something like this to the end.
open(LOG, ">>sendmail-wrapper.log");
print LOG "$command\n";
print LOG "$return\n";
print LOG "\n";
close(LOG);
That should get something nice enough for readability sake.
-J
-----Original Message-----
From: twebster at daksoft.com [mailto:twebster at daksoft.com]
Sent: Monday, September 23, 2002 4:54 PM
To: Jeremy Tinley
Subject: RE: [Nagios-users] More Ideas? Eventhandlers and SUDO
A wrapper would be an exellent option, but my skills with perl are a
bit,
may I say, weak.
But my curiosity makes me ask, if I was to attempt to write a wrapper
how
would I go about it?
Would I simple perform more checks prior to executing each sendmail
command, say start and stop, perform some logging?
Tony
|---------+---------------------------->
| | "Jeremy Tinley" |
| | <jtinley at unirez.c|
| | om> |
| | |
| | 09/23/2002 03:29 |
| | PM |
| | |
|---------+---------------------------->
>-----------------------------------------------------------------------
-------------------------------------------------------|
|
|
| To: <twebster at daksoft.com>
|
| cc:
|
| Subject: RE: [Nagios-users] More Ideas? Eventhandlers and
SUDO |
>-----------------------------------------------------------------------
-------------------------------------------------------|
I don't know how good your Perl is, but you could write a quick wrapper
for that command and trap the output and return code from a system()
call. Then write it to a log and get a little closer to tracing down
the problem.
-J
-----Original Message-----
From: nagios-users-admin at lists.sourceforge.net
[mailto:nagios-users-admin at lists.sourceforge.net] On Behalf Of
twebster at daksoft.com
Sent: Monday, September 23, 2002 4:01 PM
To: nagios-users at lists.sourceforge.net
Subject: [Nagios-users] More Ideas? Eventhandlers and SUDO
Does anybody else have any ideas as to what may be causing SUDO to fail
in
my event-handler scripts?
Basically, they work fine from the command as the Nagios user but when
the
event handerl execute 'sudo /etc/rc.d/init.d/sendmail restart' it fails
on
the stop command. The start command will work but the stop command
fails.
Is there something internal in Nagios that will cause the script to exit
if
a script that I am executing sends back a "FAILURE in execution"? For
instance, if sendmail is already stopped and the event handler issues a
restart, the stop command fails because there are not processes to stop,
but it should continue on and complete the restart command by issueing a
start, after the stop fails.
Any more ideas?
Tony
|---------+-------------------------------->
| | "Jolet, John" |
| | <John.Jolet at misysheal|
| | thcare.com> |
| | |
| | 09/20/2002 11:08 AM |
| | |
|---------+-------------------------------->
>-----------------------------------------------------------------------
-------------------------------------------------------|
|
|
| To: "'twebster at daksoft.com'" <twebster at daksoft.com>
|
| cc:
|
| Subject: RE: [Nagios-users] Eventhandlers and SUDO
|
>-----------------------------------------------------------------------
-------------------------------------------------------|
what happens if you go to root, then su - nagios, then sudo -u root
/etc/rc.d/init.d/sendmail?
-----Original Message-----
From: twebster at daksoft.com [mailto:twebster at daksoft.com]
Sent: Friday, September 20, 2002 12:04 PM
To: Jolet, John; nagios-users at lists.sourceforge.net
Subject: RE: [Nagios-users] Eventhandlers and SUDO
I just tested "nagios ALL=(root) /etc/rc.d/init.d/sendmail" and still
the
same thing.
My process of testing,
1. Start Nagios
2. Stop Sendmail
3. Force service check of sendmail server
4. Watch log
Below are the log messages I receive.
*comment* below you can see from my restart-sendmail the various
commands I
have tried
echo -n "Restarting Sendmail service (3rd soft
critical state)..."
# Call the init script to restart the sendmail
server
sudo /etc/rc.d/init.d/sendmail restart
# sudo /etc/rc.d/init.d/sendmail stop
# sleep 5
# sudo /etc/rc.d/init.d/sendmail start
;;
esac
/var/log/messages
Sep 20 08:49:49 localhost nagios: SERVICE ALERT:
ACTIVE;SMTP;CRITICAL;SOFT;1;Connection refused by host
Sep 20 08:49:49 localhost nagios: SERVICE EVENT HANDLER:
ACTIVE;SMTP;CRITICAL;SOFT;1;restart-sendmail
Sep 20 08:49:49 localhost sendmail: sendmail shutdown failed
*comment* note nagios ran the restart-sendmail, but stopped running it
after the sendmail stop command failed.
/var/log/secure
Sep 20 08:49:49 localhost sudo: nagios : TTY=unknown ; PWD=/ ;
USER=root
; COMMAND=/etc/rc.d/init.d/sendmail restart
/var/log/nagios/nagios.log
[1032533378] EXTERNAL COMMAND:
SCHEDULE_FORCED_SVC_CHECK;ACTIVE;SMTP;1032533377
[1032533389] SERVICE ALERT: ACTIVE;SMTP;CRITICAL;SOFT;1;Connection
refused
by host
[1032533389] SERVICE EVENT HANDLER:
ACTIVE;SMTP;CRITICAL;SOFT;1;restart-sendmail
*comment* Example of running command outside of nagios eventhandler
[root at tux1 log]# su nagios
[nagios at tux1 log]$ sudo /etc/rc.d/init.d/sendmail restart
Shutting down sendmail: [FAILED]
Starting sendmail: [ OK ]
[nagios at tux1 log]$
/etc/sudoers
nagios ALL = (root) NOPASSWD: /etc/rc.d/init.d/sendmail
Tony
|---------+-------------------------------->
| | "Jolet, John" |
| | <John.Jolet at misysheal|
| | thcare.com> |
| | |
| | 09/20/2002 09:59 AM |
| | |
|---------+-------------------------------->
>
------------------------------------------------------------------------
---
---------------------------------------------------|
|
|
| To: "'twebster at daksoft.com'" <twebster at daksoft.com>
|
| cc:
|
| Subject: RE: [Nagios-users] Eventhandlers and SUDO
|
>
------------------------------------------------------------------------
---
---------------------------------------------------|
well, have you tried "nagios ALL=(root) /etc/rc.d/init.d/sendmail" ?
-----Original Message-----
From: twebster at daksoft.com [mailto:twebster at daksoft.com]
Sent: Friday, September 20, 2002 10:46 AM
To: nagios-users at lists.sourceforge.net
Subject: [Nagios-users] Eventhandlers and SUDO
I am setting up a clustering system using the Heartbeat project. I have
configured the distributed monitoring on each system, and the Master
(active) server sends results back to our Central Nagios server via the
send_nsca script, works great.
My problem, when Nagios detects either a problem with httpd, sendmail,
named or ftp, I calling an EventHandler called resetart-httpd,
restart-sendmail, restart-named, restart-xinetd, respectively.
I have use the standard restart-httpd available in the Nagios
installation
for my "template" eventhandler script.
In addition, I for each of the restart command I appended a sudo to the
beginning of the line so my restart command looks like
sudo /etc/rc.d/init.d/httpd restart
I have tried multiple /etc/sudoers configs but the service is never able
to
restart, I have included several variations that I have tried.
nagios localhost = NOPASSWD: /etc/rc.d/init.d/sendmail
nagios localhost = (ALL) NOPASSWD: ALL
nagios ALL = NOPASSWD: ALL
One thing I notice, the sendmail will complet the STOP correctly but
will
not perform the Start of the service. When I execute restart-sendmail
CRITICAL SOFT 3 from the command line as the Nagios user, Sendmail,
stops,
fails and then starts up fine. But when Nagios runs the
restart-sendmail
it fails at the STOP everytime, note I have manually caused sendmail to
stop and am trying to run restart.
Has anyone used SUDO for this purpose?
Tony
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
More information about the Users
mailing list