illegal_macro_output_chars effect on custom macros.

Romain Komorn rkomorn at dofc.org
Fri Mar 12 02:10:11 CET 2010
Previous message: Monitor Remote Windows Machine with Nagios Core
Next message: check_mem shows : "NRPE: Unable to read output"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
(Already submitted as http://tracker.nagios.org/view.php?id=131 ).

I'm using Nagios 3.2 on Centos 5.4 , RPMs are virtually identical to
the ones coming from DAG ( http://dag.wieers.com/apt/ ).

I seem to be running into a bug during macro processing. The
documentation for the illegal_macro_output_chars option states that
"This DOES NOT affect macros used in service or host check commands."
Apologies in advance for the liberal use of #'s.

However, I have a custom macro defined for a host defined as:

#####################################################

define host{
...
__monitored_mounts_exclude      ^/var/lib|^/proc|^/mnt
...
}

#####################################################

Its purpose is to be passed as an argument to a perl-based snmp script
as $_HOST_MONITORED_MOUNTS_EXCLUDE$ to be used as a regexp.

With nagios.cfg containing:

#####################################################

illegal_macro_output_chars=`~$&'"<>|

#####################################################

the following happens:

#####################################################

[1268354328.961221] [2048.1] [pid=15390] **** BEGIN MACRO PROCESSING ***********
[1268354328.961274] [2048.1] [pid=15390] Processing:
'$USER1$/check_snmp_monitored_mounts.pl -f -H $HOSTADDRESS$ -a
$HOSTALIAS$ -C $USER3$ -w $_HOST_MONITORED_MOUNTS_THOLD_WARN$ -c
$_HOST_MONITORED_MOUNTS_THOLD_CRIT$ -o
$_HOST_MONITORED_MOUNTS_OBJFILE$ -x
'$_HOST_MONITORED_MOUNTS_EXCLUDE$''
[1268354328.961314] [2048.1] [pid=15390]   Done.  Final output:
'/usr/lib64/nagios/plugins/check_snmp_monitored_mounts.pl -f -H
A.B.C.D -a XXXX -C YYYY -w 0 -c 10 -o /var/nagios/objects.cache -x
'^/var/lib^/proc^/mnt''
[1268354328.961321] [2048.1] [pid=15390] **** END MACRO PROCESSING *************

#####################################################

With nagios.cfg containing:

#####################################################

illegal_macro_output_chars=`~$&'"<

#####################################################

the following happens:

#####################################################

[1268353321.193367] [2048.1] [pid=15390] **** BEGIN MACRO PROCESSING ***********
[1268353321.193392] [2048.1] [pid=15390] Processing:
'$USER1$/check_snmp_monitored_mounts.pl -f -H $HOSTADDRESS$ -a
$HOSTALIAS$ -C $USER3$ -w $_HOST_MONITORED_MOUNTS_THOLD_WARN$ -c
$_HOST_MONITORED_MOUNTS_THOLD_CRIT$ -o
$_HOST_MONITORED_MOUNTS_OBJFILE$ -x
'$_HOST_MONITORED_MOUNTS_EXCLUDE$''
[1268353321.193476] [2048.1] [pid=15390]   Done.  Final output:
'/usr/lib64/nagios/plugins/check_snmp_monitored_mounts.pl -f -H
A.B.C.D -a XXXX -C YYYY -w 0 -c 10 -o /var/nagios/objects.cache -x
'^/var/lib|^/proc|^/mnt''
[1268353321.193487] [2048.1] [pid=15390] **** END MACRO PROCESSING *************

#####################################################

The | characters appears in $_HOST_MONITORED_MOUNTS_EXCLUDE$ .

It would seem, at the very least, that the documentation for
illegal_macro_output_chars does not tell the whole story. This is a
custom variable being used during a service check. I realize that the
documentation doesn't particularly address this specific scenario.
I've looked at the comments in nagios.cfg and at
http://nagios.sourceforge.net/docs/3_0/configmain.html .
http://tracker.nagios.org/view.php?id=27 could be related, but doesn't
quite address it.

I'm not particularly inclined to remove | from the list of
illegal_macro_output_chars, that doesn't seem like the right solution.
If anything, I'm surprised that ';' isn't an illegal character. It
seems like it could lead to abuse.

I don't see what other relevant configuration or debug logs I could
provide since this seems to encompass everything. The change above
(removing | from  illegal_macro_output_chars in nagios.cfg) was the
only change made to the entire nagios configuration files between the
two debug.log pastes. I don't see anything in the spec file for the
RPM that would patch nagios in a way that causes this behavior.

I do realize that proper workarounds could include passing the
argument to the check command as $ARGN$ , hardcoding the check_command
for each service, or have check_snmp_monitored_mounts.pl make some
sort of substitution as it parses the -x argument (it actually
supports multiple -x arguments, so -x ^/var/lib -x ^/proc -x ^/mnt
would work as well).

That's not the point of this email, though.

Romain

------------------------------------------------------------------------------
Download Intel® Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null
Previous message: Monitor Remote Windows Machine with Nagios Core
Next message: check_mem shows : "NRPE: Unable to read output"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Users mailing list