check_nrpe fails, SSL handshake error (NOT Solved)
John Downs
john.downs at labs.gte.com
Tue Dec 23 21:30:14 CET 2003
I tried truss while running in daemon mode and got lots of output. However,
I don't
know how to interpret that output. I also got nothing returned when I do a
"netstat -a | grep -i nrpe ",and different results when I changed the
ownership on nrpe.cfg from root to nagios. How would I run truss with an
inetd process? Can I?
-john
#nrpe stream tcp nowait nagios /usr/bin/nrpe -c /etc/nrpe.cfg -i
# truss /usr/bin/nrpe -c /etc/nrpe.cfg -d
execve("/usr/bin/nrpe", 0xFFBEF3D4, 0xFFBEF3E8) argc = 4
mmap(0x00000000, 8192, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_ANON, -1, 0) = 0xFF3A0000
resolvepath("/usr/lib/ld.so.1", "/usr/lib/ld.so.1", 1023) = 16
open("/var/ld/ld.config", O_RDONLY) Err#2 ENOENT
open("/usr/lib/libnsl.so.1", O_RDONLY) = 3
fstat(3, 0xFFBEEAFC) = 0
mmap(0x00000000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0xFF390000
mmap(0x00000000, 704512, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) =
0xFF280000
mmap(0xFF31C000, 32740, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED, 3, 573440) = 0xFF31C000
mmap(0xFF324000, 30928, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED|MAP_ANON, -1, 0) = 0xFF324000
munmap(0xFF30C000, 65536) = 0
memcntl(0xFF280000, 82252, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0
close(3) = 0
open("/usr/lib/libsocket.so.1", O_RDONLY) = 3
fstat(3, 0xFFBEEAFC) = 0
mmap(0xFF390000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0) =
0xFF390000
mmap(0x00000000, 114688, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) =
0xFF370000
mmap(0xFF38A000, 4365, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED, 3, 40960) = 0xFF38A000
munmap(0xFF37A000, 65536) = 0
memcntl(0xFF370000, 14496, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0
close(3) = 0
open("/usr/lib/libc.so.1", O_RDONLY) = 3
fstat(3, 0xFFBEEAFC) = 0
mmap(0xFF390000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0) =
0xFF390000
mmap(0x00000000, 794624, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) =
0xFF180000
mmap(0xFF23A000, 24652, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED, 3, 696320) = 0xFF23A000
munmap(0xFF22A000, 65536) = 0
memcntl(0xFF180000, 113332, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0
close(3) = 0
open("/usr/lib/libdl.so.1", O_RDONLY) = 3
fstat(3, 0xFFBEEAFC) = 0
mmap(0xFF390000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0) =
0xFF390000
close(3) = 0
open("/usr/lib/libmp.so.2", O_RDONLY) = 3
fstat(3, 0xFFBEEAFC) = 0
mmap(0x00000000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0xFF360000
mmap(0x00000000, 90112, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0xFF340000
mmap(0xFF354000, 865, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED,
3, 16384) = 0xFF354000
munmap(0xFF344000, 65536) = 0
memcntl(0xFF340000, 3124, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0
close(3) = 0
open("/usr/platform/SUNW,Ultra-1/lib/libc_psr.so.1", O_RDONLY) = 3
fstat(3, 0xFFBEE98C) = 0
mmap(0xFF360000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0) =
0xFF360000
mmap(0x00000000, 16384, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0xFF270000
close(3) = 0
munmap(0xFF360000, 8192) = 0
brk(0x000267D0) = 0
brk(0x000287D0) = 0
fstat(-1, 0xFFBEEA78) Err#9 EBADF
open("/etc/nrpe.cfg", O_RDONLY) = 3
fstat64(3, 0xFFBEE098) = 0
brk(0x000287D0) = 0
brk(0x0002A7D0) = 0
ioctl(3, TCGETA, 0xFFBEE024) Err#25 ENOTTY
read(3, " # # # # # # # # # # # #".., 8192) = 5019
fstat(-1, 0xFFBED468) Err#9 EBADF
open("/dev/conslog", O_WRONLY) = 4
fcntl(4, F_SETFD, 0x00000001) = 0
fstat(4, 0xFFBED468) = 0
fstat(4, 0xFFBEDEC8) = 0
time() = 1072211336
open("/usr/share/lib/zoneinfo/US/Eastern", O_RDONLY) = 5
read(5, " T Z i f\0\0\0\0\0\0\0\0".., 8192) = 1250
close(5) = 0
getpid() = 1768 [1767]
putmsg(4, 0xFFBED580, 0xFFBED574, 0) = 0
open("/var/run/syslog_door", O_RDONLY) = 5
door_info(5, 0xFFBED4B8) = 0
getpid() = 1768 [1767]
door_call(5, 0xFFBED4A0) = 0
close(5) = 0
fstat(4, 0xFFBEDEC8) = 0
time() = 1072211336
getpid() = 1768 [1767]
putmsg(4, 0xFFBED580, 0xFFBED574, 0) = 0
open("/var/run/syslog_door", O_RDONLY) = 5
door_info(5, 0xFFBED4B8) = 0
getpid() = 1768 [1767]
door_call(5, 0xFFBED4A0) = 0
close(5) = 0
fstat(4, 0xFFBEDEC8) = 0
time() = 1072211336
getpid() = 1768 [1767]
putmsg(4, 0xFFBED580, 0xFFBED574, 0) = 0
open("/var/run/syslog_door", O_RDONLY) = 5
door_info(5, 0xFFBED4B8) = 0
getpid() = 1768 [1767]
door_call(5, 0xFFBED4A0) = 0
close(5) = 0
brk(0x0002A7D0) = 0
brk(0x0002C7D0) = 0
fstat(4, 0xFFBEDEC8) = 0
time() = 1072211336
getpid() = 1768 [1767]
putmsg(4, 0xFFBED580, 0xFFBED574, 0) = 0
open("/var/run/syslog_door", O_RDONLY) = 5
door_info(5, 0xFFBED4B8) = 0
getpid() = 1768 [1767]
door_call(5, 0xFFBED4A0) = 0
close(5) = 0
fstat(4, 0xFFBEDEC8) = 0
time() = 1072211336
getpid() = 1768 [1767]
putmsg(4, 0xFFBED580, 0xFFBED574, 0) = 0
open("/var/run/syslog_door", O_RDONLY) = 5
door_info(5, 0xFFBED4B8) = 0
getpid() = 1768 [1767]
door_call(5, 0xFFBED4A0) = 0
close(5) = 0
read(3, 0x0002681C, 8192) = 0
llseek(3, 0, SEEK_CUR) = 5019
close(3) = 0
fork() = 1769
llseek(0, 0, SEEK_CUR) = 70514
_exit(0)
# hostnam
hostnam: not found
# hostname
photon
#
----- Original Message -----
From: "Patrick Soltani" <PSoltani at iitcorporation.com>
To: "Michael Tucker" <mtucker at airmail.net>;
<nagios-users at lists.sourceforge.net>
Sent: Tuesday, December 23, 2003 2:26 PM
Subject: RE: [Nagios-users] check_nrpe fails, SSL handshake error (NOT
Solved)
> Hi,
>
> When there is no more info on the module, then I'll turn to "truss" on
Solaris and run the same command line but with truss to see what exactly the
module is doing and what kind of internal roll-o-coaster it traverses.
>
> That should shed more light on the issue.
>
> Regards,
> Patrick Soltani.
>
>
>
>
> > -----Original Message-----
> > From: nagios-users-admin at lists.sourceforge.net
> > [mailto:nagios-users-admin at lists.sourceforge.net]On Behalf Of Michael
> > Tucker
> > Sent: Monday, December 22, 2003 8:23 PM
> > To: nagios-users at lists.sourceforge.net
> > Subject: Re: [Nagios-users] check_nrpe fails, SSL handshake error (NOT
> > Solved)
> >
> >
> >
> > On Monday, December 22, 2003, at 05:34 PM, John Downs wrote:
> >
> > > I wish my problem was so easy to fix. I recompiled with
> > > --disable-ssl
> > > option and it works
> > > a little better.(I tried the permissions issue it didn't
> > help) I am
> > > still
> > > getting the following error
> > > in /var/adm/messages:
> > >
> > > Network server bind failure (126: cannot assign requested addres)
> > > This happens when I start start nrpe in daemon mode with:
> > > /usr/bin/nrpe -c /etc/nrpe.cfg -d
> > >
> > > nrpe is owned by root and has suid bit set. nrpe.cfg is owned by
> > > nagios and
> > > is readable by everyone.
> > >
> > > any ideas on this?
> > >
> > > Thanks!!
> > >
> > > -john
> > >
> >
> > Yeah, I get exactly the same thing. (Well *almost* exactly the same.
> > Mine says "(125: cannot assign requested address)", but
> > otherwise it's
> > the same if I try to launch nrpe as a stand-alone daemon. (In
> > my case,
> > both nrpe and nrpe.cfg are owned by nagios:nagios, no suid
> > bit set, and
> > are readable by everyone.)
> >
> > It works if I use inetd with tcp wrappers, though, as I
> > described in my
> > first message...
> >
> > > /etc/inetd.conf:
> > > nrpe stream tcp nowait nagios
> > /usr/sfw/sbin/tcpd /usr/local/nagios/
> > > bin/nrpe -c /usr/local/nagios/bin/nrpe.cfg -i
> > >
> > > /etc/services:
> > > nrpe 5666/tcp # NRPE (Nagios remote plugin executor)
> >
> > ...but ONLY if I have SSL disabled (recompiled nrpe with
> > --disable-ssl). I plan to deploy this to some sites where the SSL
> > security will be critically important. I can continue with my
> > testing
> > without it, but sooner or later I've got to fix this link in
> > the chain.
> >
> > Surely there's someone out there running Solaris who's had a similar
> > problem, and figured out how to solve it?
> >
> > *frustrated*
> >
> > Michael
> >
> >
> >
> > -------------------------------------------------------
> > This SF.net email is sponsored by: IBM Linux Tutorials.
> > Become an expert in LINUX or just sharpen your skills. Sign
> > up for IBM's
> > Free Linux Tutorials. Learn everything from the bash shell
> > to sys admin.
> > Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
> > _______________________________________________
> > Nagios-users mailing list
> > Nagios-users at lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/nagios-users
> > ::: Please include Nagios version, plugin version (-v) and OS
> > when reporting any issue.
> > ::: Messages without supporting info will risk being sent to /dev/null
> >
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: IBM Linux Tutorials.
> Become an expert in LINUX or just sharpen your skills. Sign up for IBM's
> Free Linux Tutorials. Learn everything from the bash shell to sys admin.
> Click now! http://ads.osdn.com/?ad_id�78&alloc_id371&opÌk
> _______________________________________________
> Nagios-users mailing list
> Nagios-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when
reporting any issue.
> ::: Messages without supporting info will risk being sent to /dev/null
>
-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills. Sign up for IBM's
Free Linux Tutorials. Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id�78&alloc_id371&op=click
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list