[Nagios-users] execute command as root user
Hello, I know this is more OS related and not so much nagios related, but I thought maybe somebody has stumbled across this: I need, on a critical failure that is trapped by nagios (this works for me), to restart an application which I usually restart as root user on this machine. To be specific: Tomcat is giving up work now and then on this machine, I can trap it, and need to restart it. Normally I do this by /etc/init.d/tomcat restart -- but I need to be root for this, so nagios cannot do this automatically for me, because it runs as nagios user. What is the best way to approach this ? Changing the owner of the tomcat-related startup files so that nagios can do it ? Writing a file on-critical-error and restarting tomcat (as a cron-job), whenever that file exists ? Something else ? Regards, Martin - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] execute command as root user
On Mon, Jul 23, 2007 at 12:37:06PM +0200, Martin Koeck wrote: > Hello, > > I know this is more OS related and not so much nagios related, but I > thought maybe somebody has stumbled across this: > > I need, on a critical failure that is trapped by nagios (this works for > me), to restart an application which I usually restart as root user on > this machine. > > To be specific: Tomcat is giving up work now and then on this machine, I > can trap it, and need to restart it. Normally I do this by > /etc/init.d/tomcat restart -- but I need to be root for this, so nagios > cannot do this automatically for me, because it runs as nagios user. > > What is the best way to approach this ? Changing the owner of the > tomcat-related startup files so that nagios can do it ? Writing a file > on-critical-error and restarting tomcat (as a cron-job), whenever that > file exists ? Something else ? Use the 'sudo' command. Alternately: write a short program in C, that is setuid root, that execs the init script. You MUST think carefully about the security implications of doing this - put appropriate checks in. -- Alain Williams Linux Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 http://www.phcomp.co.uk/ Parliament Hill Computers Ltd. Registration Information: http://www.phcomp.co.uk/contact.php Chairman of UKUUG: http://www.ukuug.org/ #include - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] execute command as root user
Martin Koeck wrote: > Hello, > > I know this is more OS related and not so much nagios related, but I > thought maybe somebody has stumbled across this: > > I need, on a critical failure that is trapped by nagios (this works for > me), to restart an application which I usually restart as root user on > this machine. > > To be specific: Tomcat is giving up work now and then on this machine, I > can trap it, and need to restart it. Normally I do this by > /etc/init.d/tomcat restart -- but I need to be root for this, so nagios > cannot do this automatically for me, because it runs as nagios user. > > What is the best way to approach this ? Changing the owner of the > tomcat-related startup files so that nagios can do it ? Writing a file > on-critical-error and restarting tomcat (as a cron-job), whenever that > file exists ? Something else ? sudo and nagios eventhandler should do it. For security reasons, be as specific as possible in your sudo configuration, e.g.: [snip] nagios ALL=NOPASSWD:/etc/init.d/tomcat restart [snip] You'll have to look in nagios doco for eventhandlers, i've never used them. Another alternative, that we use here successfully, is to use monit from http://www.tildeslash.com/monit. Works like a charm and is a bit easier to setup than nagios eventhandlers (I think:). In monit you define simple criterias and subsequent actions, like restart. For example: memory out of bounds: restart, process missing: start, etc. Hope this helps /Lars - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
