Greetings!!! Errata: Nagios 3.0
I have nrpe running quite well on several clients, but I am having some problems with running root-perm'd commands on the client via nrpe. The critical one I need is check_mailq, which calls the standard UNIX "mailq" command, but there are also others (check_mem, check_log) The problem is that mailq requires root priv's to do this. Since I run nrpe in daemon mode under the nagios user, it fails with: CRITICAL: Error code 78 returned from /usr/bin/mailq Just for sanity check, I su'd into the nagios user and tried to run it, and it fails. I was able to get it working with sudo by adding the user nagios to the client's sudoers with only that command, and then adding the appropriate "sudo" in front of the check_mailq command in nrpe.cfg: command[check_mailq]=sudo /usr/local/nagios/libexec/check_mailq -w 50 -c 75 It also works on the client as the nagios user. However, as sudo is designed to do, it logs every command run under it, so I wind up getting an email for every instance the check is made. Multiply that times several servers and services, and I am now getting flooded with emails that are essentially unnecessary. I also thought of: -- running nrpe as "root" (not comfortable with that) -- SUID on check_mailq -- chown'ing check_mailq root:root I'm stumped.... Any ideas are greatly appreciated! Thanks in advance!! ....k -=-=-=- Kevin Freels Director of Information Technology Sendmail, Inc. kfre...@sendmail.com 510/594.5572 ------------------------------------------------------------------------------ Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects _______________________________________________ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
