Re: [Nagios-users] problems with a Script on nagios
Every user should have rights to read '/etc/passwd'. More likely you don't have rights to read /var/log/messages as nagios. On Thu, 2007-05-31 at 10:14 +0200, Jose luis Fernandez wrote: > Because the user on shell is "root" and you have rights to > process /etc/passwd, but the user of NAGIOS doesn´t have rights to > read /etc/passwd > > [EMAIL PROTECTED] escribió: > > > > Hi Nagiosexchange users!!! > > > > I have some problems with this bash script. The objetive is to > > monitor all the incorrect logins to the sistem so I created this > > script. > > > > > > check_acces > > --- > > #!/bin/bash > > > > di=`date '+%B %d'` > > for i in `cut -f1 -d: /etc/passwd`; > > do > > kkY=`grep \Failed\ \keyboard-interactive/pam\ \for\ \ > > $i /var/log/messages |cut -c1-15|awk "/$di/"` > > if [ "$kkY" != "" ] > > then > > sa1="$sa1 User: $i Date of Attempts:$kkY" > > fi > > done > > > > kk6=`grep \Failed\ \keyboard-interactive/pam\ \for\ \illegal\ > > \user /var/log/messages |cut -c1-15 |awk "/$di/"` > > > > sal2="EXISTING USERS:$sa1 NO EXISTING USERS: Date of Attempts:$kk6" > > > > sal3=`echo $sal2` > > echo $sal3 > > > > > > The script works fine on shell, I execute the script like this > > ./check_acces and it returns this > > > > > > EXISTING USERS: User: root Date of Attempts:May 31 08:40:03 May 31 > > 08:40:04 May 31 08:40:15 May 31 08:40:17 May 31 08:40:18 User: jon > > Date of Attempts:May 31 08:40:33 May 31 08:40:34 May 31 08:40:35 May > > 31 08:40:36 May 31 08:40:38 NO EXISTING USERS: Date of Attempts:May > > 31 08:40:54 May 31 08:40:56 May 31 08:40:57 May 31 08:40:59 May 31 > > 08:41:01 May 31 08:41:02 May 31 08:41:04 May 31 08:41:14 May 31 > > 08:41:15 May 31 08:41:16 May 31 08:41:17 May 31 08:41:19 May 31 > > 08:41:20 May 31 08:41:23 > > > > this is ok, it works fine. > > > > But when I declare a service and a command on Nagios with this > > script something extrange happends, only appears this on Nagios, > > where are the incorect logins? They doesn´t appear. > > > > > > > > > > > > > > > > > > > > > > > > Service Status Last Check > >Duration Attempt > >Status information > > > > Incorrect Access > > > > > > > > > > > > > > > > > > > > > > > > > > OK > > 05-31-2007 > > 09:30:46 > > 2d 23h 30m > > 55s > > 1/4 > > EXISTING > > USERS: NO > > EXISTING > > USERS: Date > > of > > Attempts: > > > > > > I dont know why when the script is executed by nagios it doesn´t > > return anything and it works fine on shell. The script executed by > > nagios it doesn´t return the same as when you executed on shell. > > > > Someone knows something about this? Thank you for help!!! > > > > > > Aritz. > > > > > > > > - > > This SF.net email is sponsored by DB2 Express > > Download DB2 Express C - the FREE version of DB2 express and take > > control of your XML. No limits. Just data. Click to get it now. > > http://sourceforge.net/powerbar/db2/ > > > > > > > > ___ > > Nagios-users mailing list > > Nagios-users@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/nagios-users > > ::: Please include Nagios version, plugin version (-v) and OS when > > reporting any issue. > > ::: Messages without supporting info will risk being sent to /dev/null > > -- > José Luís Fernández Sánchez > > Área de Nuevas Tecnologías > > > > C/ Marie Curie, nº 6 – bajo derecha. 29590. PTA. Málaga > > Tel. +34 951 299 524 – Fax: +34 951 299 596 > > Correo-e: [EMAIL PROTECTED] > > www.juntadeandalucia.es/fundaciondeserviciossociales > > > > > > > > Este mensaje se dirige exclusivamente a su destinatario y puede > contener información privilegiada o confidencial. Si no es Ud. el > destinatario indicado, queda notificado de que la utilización, > divulgación y/o copia sin autorización está prohibida en virtud de la > legislación vigente. Si ha recibido este mensaje por error, le rogamos > que nos lo comunique inmediatamente por esta misma vía y proceda a su > destrucción. > > This message is intended exclusively for its addressee and may contain > information that is CONFIDENTIAL and protected by professional > privilege. If you are not the intended recipient your are hereby > notified that any dissemination, copy or disclosure of this > communication is strictly prohibited by law. If this message has been > received in error, please immediately notify us via e-mail and delete > it. > > P Antes de imprimir, piense en su compromiso con el MEDIO AMBIENTE! > > > > > -
Re: [Nagios-users] problems with a Script on nagios
Title: Jose Luis Fernández Sánchez Mi español es un poco mejor, lol A mi me ha pasado algo parecido con otros scripts y mis pruebas han pasado por logarme con el usuario nagios y ejecutarlo. También se me ocurre que coloques el fichero passwd en el home del usuario nagiosdonde no es susceptiblede estar protegido por selinux. Un saludo [EMAIL PROTECTED] escribió: Hola Jose Luis, Primero gracias por responderme, te lo agradezco. La cuestion es que le he dado los permisos al usuario nagios y todo sigue igual si se te ocurre algo mas nuevamente gracias por la ayuda! Aritz. -- José Luís Fernández Sánchez Área de Nuevas Tecnologías C/ Marie Curie, nº 6 – bajo derecha. 29590. PTA. Málaga Tel. +34 951 299 524 – Fax: +34 951 299 596 Correo-e: [EMAIL PROTECTED] www.juntadeandalucia.es/fundaciondeserviciossociales Este mensaje se dirige exclusivamente a su destinatario y puede contener información privilegiada o confidencial. Si no es Ud. el destinatario indicado, queda notificado de que la utilización, divulgación y/o copia sin autorización está prohibida en virtud de la legislación vigente. Si ha recibido este mensaje por error, le rogamos que nos lo comunique inmediatamente por esta misma vía y proceda a su destrucción. This message is intended exclusively for its addressee and may contain information that is CONFIDENTIAL and protected by professional privilege. If you are not the intended recipient your are hereby notified that any dissemination, copy or disclosure of this communication is strictly prohibited by law. If this message has been received in error, please immediately notify us via e-mail and delete it. P Antes de imprimir, piense en su compromiso con el MEDIO AMBIENTE! - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] problems with a Script on nagios
Hola Jose Luis, Primero gracias por responderme, te lo agradezco. La cuestion es que le he dado los permisos al usuario nagios y todo sigue igual si se te ocurre algo mas nuevamente gracias por la ayuda! Aritz. - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] problems with a Script on nagios
Because the user on shell is "root" and you have rights to process /etc/passwd, but the user of NAGIOS doesn´t have rights to read /etc/passwd [EMAIL PROTECTED] escribió: Hi Nagiosexchange users!!! I have some problems with this bash script. The objetive is to monitor all the incorrect logins to the sistem so I created this script. check_acces --- #!/bin/bash di=`date '+%B %d'` for i in `cut -f1 -d: /etc/passwd`; do kkY=`grep \Failed\ \keyboard-interactive/pam\ \for\ \$i /var/log/messages |cut -c1-15|awk "/$di/"` if [ "$kkY" != "" ] then sa1="$sa1 User: $i Date of Attempts:$kkY" fi done kk6=`grep \Failed\ \keyboard-interactive/pam\ \for\ \illegal\ \user /var/log/messages |cut -c1-15 |awk "/$di/"` sal2="EXISTING USERS:$sa1 NO EXISTING USERS: Date of Attempts:$kk6" sal3=`echo $sal2` echo $sal3 The script works fine on shell, I execute the script like this ./check_acces and it returns this EXISTING USERS: User: root Date of Attempts:May 31 08:40:03 May 31 08:40:04 May 31 08:40:15 May 31 08:40:17 May 31 08:40:18 User: jon Date of Attempts:May 31 08:40:33 May 31 08:40:34 May 31 08:40:35 May 31 08:40:36 May 31 08:40:38 NO EXISTING USERS: Date of Attempts:May 31 08:40:54 May 31 08:40:56 May 31 08:40:57 May 31 08:40:59 May 31 08:41:01 May 31 08:41:02 May 31 08:41:04 May 31 08:41:14 May 31 08:41:15 May 31 08:41:16 May 31 08:41:17 May 31 08:41:19 May 31 08:41:20 May 31 08:41:23 this is ok, it works fine. But when I declare a service and a command on Nagios with this script something extrange happends, only appears this on Nagios, where are the incorect logins? They doesn´t appear. Service Status Last Check Duration Attempt Status information Incorrect Access OK 05-31-2007 09:30:46 2d 23h 30m 55s 1/4 EXISTING USERS: NO EXISTING USERS: Date of Attempts: I dont know why when the script is executed by nagios it doesn´t return anything and it works fine on shell. The script executed by nagios it doesn´t return the same as when you executed on shell. Someone knows something about this? Thank you for help!!! Aritz. - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- Jose Luis Fernández Sánchez José Luís Fernández Sánchez Área de Nuevas Tecnologías C/ Marie Curie, nº 6 – bajo derecha. 29590. PTA. Málaga Tel. +34 951 299 524 – Fax: +34 951 299 596 Correo-e: [EMAIL PROTECTED] www.juntadeandalucia.es/fundaciondeserviciossociales Este mensaje se dirige exclusivamente a su destinatario y puede contener información privilegiada o confidencial. Si no es Ud. el destinatario indicado, queda notificado de que la utilización, divulgación y/o copia sin autorización está prohibida en virtud de la legislación vigente. Si ha recibido este mensaje por error, le rogamos que nos lo comunique inmediatamente por esta misma vía y proceda a su destrucción. This message is intended exclusively for its addressee and may contain information that is CONFIDENTIAL and protected by professional privilege. If you are not the intended recipient your are hereby notified that any dissemination, copy or disclosure of this communication is strictly prohibited by law. If this message has been received in error, please immediately notify us via e-mail and delete it. P Antes de imprimir, piense en su compromiso c