Sudo
nagios nrpe 無法讀取輸出
我試圖用來
check_nrpe檢查遠端伺服器,但它不起作用,我無法弄清楚我錯過了什麼……# /usr/lib/nagios/plugins/check_nrpe -H XXX -c check_load -a 6,5,4 8,7,6 NRPE: Unable to read output #遠端的伺服器系統日誌消息:
nrpe[18058]: Connection from XX.XX.XX.XX port 16267 nrpe[18058]: Host address is in allowed_hosts nrpe[18058]: Handling the connection... nrpe[18058]: Host is asking for command 'check_load' to be run... nrpe[18058]: Running command: /usr/bin/sudo /usr/lib64/nagios/plugins/check_load -w 6,5,4 -c 8,7,6 nrpe[18058]: Command completed with return code 1 and output: nrpe[18058]: Return Code: 1, Output: NRPE: Unable to read output nrpe[18058]: Connection from XX.XX.XX.XX closed.要手動驗證它,我在遠端 shell 上發出相同的命令:
bash-4.1$ id uid=497(nrpe) gid=497(nrpe) groups=497(nrpe) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 bash-4.1$ /usr/bin/sudo /usr/lib64/nagios/plugins/check_load -w 6,5,4 -c 8,7,6 OK - load average: 0.21, 0.23, 0.19|load1=0.210;6.000;8.000;0; load5=0.230;5.000;7.000;0; load15=0.190;4.000;6.000;0; bash-4.1$
…問題是即使
nrpe_userinside of/etc/nagios/nrpe.cfg設置為nrpe,無論出於何種原因nrpe以nagios使用者身份執行,所以我不得不重新調整sudoers.d文件並且它立即開始工作…# grep nrpe_user /etc/nagios/nrpe.cfg nrpe_user=nrpe # ps auxwww | grep nrpe nagios 25388 0.0 0.0 41332 1240 ? Ss 11:32 0:00 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d root 26230 0.0 0.0 103252 828 pts/3 S+ 11:47 0:00 grep nrpe # cat /etc/sudoers.d/01_nagios Defaults:nagios !requiretty nagios ALL=(ALL) NOPASSWD: /usr/lib64/nagios/plugins/ #