Hi Eric, Today Eric Chatham wrote:
> Hello, > > Was anyone able to come up with a solution to this? the problem is that your webserver is probaly running smokeping.cgi as user nobody or httpd ... and this user does not have access to secrets.conf ... you may want to try chown httpd /opt/smokeping/etc/secrets.conf even better would be to use suexec on your webserver and have a separate smokeping user for running both the daemon as well as the cgi ... hth tobi > > Thank you, Eric. > > >-----Original Message----- > >From: [email protected] [mailto:smokeping-users- > >[email protected]] On Behalf Of Eric Chatham > >Sent: Wednesday, November 04, 2009 15:01 > >To: [email protected] > >Subject: Re: [smokeping-users] Slave cannot open Secrets file (Permisson > >Denied) > > > >Hi Peter, > > > >Thank you for replying. That?s the part that doesn?t make sense. This is > >the > >command I run on the slave machine to daemonize smokeping. > > > >SLAVE DAEMON: > > > >/home/smokeping/alt/smokeping/bin/smokeping --master- > >url=http://server02.broadvox.net/smokeping/smokeping.cgi --shared- > >secret=/opt/smokeping/secret.txt --cache-dir=/var/tmp/ > >WARNING: Opening secrets file /opt/smokeping/etc/secrets.conf: Permission > >denied > > > >ERROR: we did not get config from the master. Maybe we are not configured as > >a > >slave for any of the targets on the master ? > > > > > >There is no secrets.conf file on the slave machine ? only the answer file, > >called secret.txt, and the error on the slave references the location of > >secrets.conf on the master server. Our Linux Server crashed a few days ago. > >I re-installed CentOS 5.1 on the server. This was the original OS on there > >too. The only difference in the smokeping installation was in the version of > >RRDTool I used (1.3 ? 1.4). That?s it. All the configs were restored from a > >backup. > > > >On the master, I daemonize smokeping from the /opt directory. That is where > >I > >have installed smokeping; that was where it was installed beforehand as well. > >Yes, iptables on the master server allows access from the slave. As I > >mentioned, I did get it to work by giving secrets.conf on the master, 444 > >permissions; however, when I changed the permissions of that file back to 440 > >? for example, that?s when I get the permissions denied error on the slave. > > > >MASTER DAEMON: > >/opt/smokeping/bin/smokeping ?restart > > > >Thank you for any assistance with this. ? > > > >From: Peter Kristolaitis [mailto:[email protected]] > >Sent: Tuesday, November 03, 2009 23:51 > >To: Eric Chatham > >Cc: [email protected] > >Subject: Re: [smokeping-users] Slave cannot open Secrets file (Permisson > >Denied) > > > >The permissions of the config file on the master have *absolutely nothing* to > >do with the permissions of the config file on the slave. This is a file > >permission issue on the slave machine -- whatever context smokeping is > >running > >under is unable to read the secrets.conf file *on the slave machine*. > > > >To help in troubleshooting: What distribution of Linux (or *BSD, etc) are > >you > >using? Did you install Smokeping from a package or manually? How are you > >starting the slave -- and if it's manually, can you include your script, if > >any? > > > > > > > >Eric Chatham wrote: > >This still doesn?t make sense at all. This is a conundrum! > > > >When I set read to the everyone group for secrets.conf file (eg, 444) on the > >master and start the daemon on the slave, it works fine. > > > >BUT, if I go and try to restart the daemon on the master it says ?ERROR: > >/opt/smokeping/etc/config, line 137: File '/opt/smokeping/etc/secrets.conf' > >is > >world-readable or writable, refusing it.? When I reset the permissions to > >read only on the master (eg 440), I am able to re-daemonize smokeping on > >master. > > > >BUT, when I go back to the slave and try to re-daemonize, I get ?WARNING: > >Opening secrets file /opt/smokeping/etc/secrets.conf: Permission denied. > >ERROR: we did not get config from the master. Maybe we are not configured as > >a > >slave for any of the targets on the master?? > > > >This does not make sense > > > >From: Eric Chatham > >Sent: Tuesday, November 03, 2009 17:01 > >To: Eric Chatham; Peter Kristolaitis > >Cc: [email protected] > >Subject: RE: [smokeping-users] Slave cannot open Secrets file (Permisson > >Denied) > > > >I changed the master so smokeping runs under smokeping user (uid 1002). I > >still can?t daemonize smokeping on the slave. > > > >1002 17841 0.0 0.3 30248 16468 ? Ss 15:55 0:00 > >/usr/bin/perl > >-w /opt/smokeping/bin/smokeping -restart > >1002 17842 0.0 0.3 30248 16392 ? S 15:55 0:00 > >/opt/smokeping/bin/smokeping [FPing_III] > >1002 17843 0.0 0.3 30248 16308 ? S 15:55 0:00 > >/opt/smokeping/bin/smokeping [FPing_II] > >1002 17844 0.0 0.3 30248 16308 ? S 15:55 0:00 > >/opt/smokeping/bin/smokeping [FPing_IV] > >1002 17845 0.0 0.3 30248 16228 ? S 15:55 0:00 > >/opt/smokeping/bin/smokeping [FPing_default] > >1002 17846 0.0 0.3 30248 16228 ? S 15:55 0:00 > >/opt/smokeping/bin/smokeping [FPing_I] > >1002 17976 0.0 0.0 1716 540 ? S 15:56 0:00 > >/usr/local/sbin/fping -C 20 -q -B1 -r1 -i10 71.182.234.59 204.15.16 > >nagios 17984 0.0 0.0 17348 1580 ? S 15:56 0:00 > >/usr/local/nagios/bin/nagios -d /usr/local/nagios/etc/nagios.cfg > >nagios 17985 0.0 0.0 3908 712 ? S 15:56 0:00 > >/usr/local/nagios/libexec/check_ping -H 10.128.54.222 -w 100.00,20% > >nagios 17986 0.0 0.0 1836 528 ? S 15:56 0:00 /bin/ping -n > >-U -w 10 -c 5 10.128.54.222 > >nagios 18002 0.0 0.0 17348 1580 ? S 15:56 0:00 > >/usr/local/nagios/bin/nagios -d /usr/local/nagios/etc/nagios.cfg > >nagios 18003 0.0 0.0 3904 712 ? S 15:56 0:00 > >/usr/local/nagios/libexec/check_ping -H 10.128.95.249 -w 3000.0,80% > >nagios 18005 0.0 0.0 1840 544 ? S 15:56 0:00 /bin/ping -n > >-U -w 30 -c 5 10.128.95.249 > >nagios 18009 0.0 0.0 17348 1580 ? S 15:56 0:00 > >/usr/local/nagios/bin/nagios -d /usr/local/nagios/etc/nagios.cfg > >nagios 18010 7.3 0.1 10620 6828 ? S 15:56 0:00 > >/usr/bin/perl > >/usr/local/nagios/libexec/check_uptime.pl -H 10.10.3. > >1002 18023 0.0 0.0 7920 1680 pts/2 R+ 15:56 0:00 ps aux > >root 18807 0.0 0.0 5296 1196 ? Ss 08:29 0:00 crond > >root 20761 0.0 0.0 4532 1192 pts/2 S 09:48 0:00 /bin/sh > >/usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var > >mysql 20811 0.0 0.5 145232 23176 pts/2 Sl 09:48 0:19 > >/usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --user= > >apache 24728 0.2 0.5 30584 21796 ? S 13:42 0:17 > >/usr/bin/speedy_backend -w /opt/smokeping/htdocs/smokeping.cgi > >root 26169 0.0 0.1 21092 7392 ? Ss 13:46 0:00 > >/usr/sbin/httpd > >apache 26171 0.0 0.2 28576 11752 ? S 13:46 0:03 > >/usr/sbin/httpd > >apache 26172 0.0 0.2 27828 10860 ? S 13:46 0:01 > >/usr/sbin/httpd > >apache 26173 0.0 0.2 28740 11836 ? S 13:46 0:02 > >/usr/sbin/httpd > >apache 26174 0.0 0.2 28652 11800 ? S 13:46 0:01 > >/usr/sbin/httpd > >apache 26175 0.0 0.2 28756 11840 ? S 13:46 0:01 > >/usr/sbin/httpd > >apache 26176 0.0 0.2 28752 11936 ? S 13:46 0:03 > >/usr/sbin/httpd > >apache 26177 0.0 0.2 28748 11840 ? S 13:46 0:02 > >/usr/sbin/httpd > >apache 26178 0.0 0.2 28576 11756 ? S 13:46 0:01 > >/usr/sbin/httpd > >root 27449 0.0 0.1 27412 6448 ? Sl Nov02 0:09 > >/usr/sbin/snmpd -Lsd -Lf /dev/null -p /var/run/snmpd.pid -a > >nagios 27615 0.4 0.0 17344 2252 ? Ssl Nov02 7:03 > >/usr/local/nagios/bin/nagios -d /usr/local/nagios/etc/nagios.cfg > >apache 30585 0.0 0.2 28588 11768 ? S 13:56 0:03 > >/usr/sbin/httpd > >apache 30617 0.0 0.4 28508 18248 ? S 13:56 0:06 > >/usr/bin/speedy_backend -w /opt/smokeping/htdocs/smokeping.cgi > >root 31883 0.0 0.0 7072 1072 ? Ss 15:13 0:00 > >/usr/sbin/sshd > >root 31936 0.0 0.0 13956 3732 ? Ss 15:13 0:00 sshd: > >echatham [priv] > >echatham 32005 0.0 0.0 13956 2260 ? S 15:13 0:00 sshd: > >echat...@notty > >echatham 32006 0.0 0.0 9708 2200 ? Ss 15:13 0:00 > >/usr/libexec/openssh/sftp-server > >[smokep...@dalimnag02 ~]$ id smokeping > >uid=1002(smokeping) gid=1003(smokeping) groups=1003(smokeping) > >context=user_u:system_r:unconfined_t > >[smokeping@ ~]$ > > > >From: [email protected] [mailto:smokeping-users- > >[email protected]] On Behalf Of Eric Chatham > >Sent: Tuesday, November 03, 2009 15:29 > >To: Peter Kristolaitis > >Cc: [email protected] > >Subject: Re: [smokeping-users] Slave cannot open Secrets file (Permisson > >Denied) > > > >Hello, > > > >How can I tell if it?s running under UID or GID? I never had a problem > >before > >with this running. I?m running this under root on both master and slave > >server. Secrets.conf is owned by root user and group. > > > >From: Peter Kristolaitis [mailto:[email protected]] > >Sent: Tuesday, November 03, 2009 15:25 > >To: Eric Chatham > >Cc: [email protected] > >Subject: Re: [smokeping-users] Slave cannot open Secrets file (Permisson > >Denied) > > > >I suspect it's a file ownership problem. > > > >Is smokeping running with UID root or GID root (the two conditions which > >would > >allow it to access that file given the ownership and permissions)? Most > >installations of smokeping run under non-privileged UID/GID for security. > > > > > > > > > > > >Eric Chatham wrote: > >Hello, > > > >I had this working at one time with giving the secrets file 640 permissions. > >Our hardware failed on our Linux server, so I had to re-install all our > >applications from a backup. One of the apps was smokeping. I re-installed > >the program and just restored the configs from the backup. > > > >Can someone tell me why I?m now having a problem on the slave server trying > >to > >open the secrets.conf file on the master server? I keep getting this error: > > > >WARNING: Opening secrets file /opt/smokeping/etc/secrets.conf: Permission > >denied > > > >ERROR: we did not get config from the master. Maybe we are not configured as > >a > >slave for any of the targets on the master ? > > > >Here is my secrets.conf stat: > > > >stat secrets.conf > > File: `secrets.conf' > > Size: 56 Blocks: 16 IO Block: 4096 regular file > >Device: fd00h/64768d Inode: 4423683 Links: 1 > >Access: (0640/-rw-r-----) Uid: ( 0/ root) Gid: ( 0/ root) > >Access: 2009-11-03 13:21:26.000000000 -0600 > >Modify: 2009-11-02 15:06:10.000000000 -0600 > >Change: 2009-11-03 13:36:58.000000000 -0600 > > > >Eric Chatham > >MIS Department > >Phone: (216) 373-4683 > >Fax: (216) 373-4669 > >[email protected] > > > > > > > >________________________________________ > >CONFIDENTIAL. This e-mail and any attached files are confidential and should > >be destroyed and/or returned if you are not the intended and proper > >recipient. > > > > > > > > > > > > > > > > > >________________________________________ > > > > > > > > > > > > > > > > > > > > > >_______________________________________________ > >smokeping-users mailing list > >[email protected] > >https://lists.oetiker.ch/cgi-bin/listinfo/smokeping-users > > > > > > > >________________________________________ > >CONFIDENTIAL. This e-mail and any attached files are confidential and should > >be destroyed and/or returned if you are not the intended and proper > >recipient. > > > >________________________________________ > >CONFIDENTIAL. This e-mail and any attached files are confidential and should > >be destroyed and/or returned if you are not the intended and proper > >recipient. > > > > > >CONFIDENTIAL. This e-mail and any attached files are confidential and should > >be destroyed and/or returned if you are not the intended and proper > >recipient. > >_______________________________________________ > >smokeping-users mailing list > >[email protected] > >https://lists.oetiker.ch/cgi-bin/listinfo/smokeping-users > > CONFIDENTIAL. This e-mail and any attached files are confidential and should > be destroyed and/or returned if you are not the intended and proper recipient. > _______________________________________________ > smokeping-users mailing list > [email protected] > https://lists.oetiker.ch/cgi-bin/listinfo/smokeping-users > -- Tobi Oetiker, OETIKER+PARTNER AG, Aarweg 15 CH-4600 Olten, Switzerland http://it.oetiker.ch [email protected] ++41 62 775 9902 / sb: -9900 _______________________________________________ smokeping-users mailing list [email protected] https://lists.oetiker.ch/cgi-bin/listinfo/smokeping-users
