Skip to main content

Monitoring DHCP server with check_dhcp

Setting Nagios to monitor my DHCP server using the plugin check_dhcp was a little tricky to setup.

First, the check_dhcp documentation indicates setting setuid on the check_dhcp binary in order to successfully query the dhcp server and receive a valid dhcp offer.

[email protected] libexec]# su - nagios -c '/usr/local/nagios/libexec/check_dhcp -s'
Warning: This plugin must be either run as root or setuid root.
To run as root, you can use a tool like sudo.
To set the setuid permissions, use the command:
chmod u+s yourpluginfile
Error: Could not bind socket to interface eth0. Check your privileges...


chown root.root check_dhcp
chmod u+s check_dhcp

Secondly, since I always have all of my machines block all incoming traffic, I had to open up the UDP port 68 in order for the Nagios machine to accept the dhcp offer.

iptables -A INPUT -p udp --dport 68 -j ACCEPT


Awesome Applications: 

Custom WordPress auto update via FTP

When I originally migrated my blog off GoDaddy, one of the things that stopped functioning was the WordPress auto update feature. Luckily, I was able to easily overcome this using my own custom FTP settings. For its simplicity, I used vsftpd.


yum install vsftpd
chkconfig vsftpd on

Configure vsftpd to jail FTP users to their home directory in /etc/vsftpd/vsftpd.conf :


Restart vftpd:

/etc/init.d/vsftpd restart

Now, I'll create the user that will be used to download and install the WordPress auto updates. :

useradd -d /PATH/TO/WORDPRESS/SITE -G apache -s /sbin/nologin apache_ftp_user
passwd apache_ftp_user

Before applying an update, update your permissions:

chown -R apache_ftp_user:apache /PATH/TO/WORDPRESS/SITE

Now use apache_ftp_user username and password on the WordPress FTP connection wizard page:

WordPress FTP Connection Information

Awesome Applications: 

Certificate validation issue during Spacewalk install

For some really annoying reason Spacewalk failed to populate the database during the initial setup.
Fix: Make sure your user's database password does not have special characters!

[[email protected] ~]# spacewalk-setup --disconnected --external-db
** Database: Setting up database connection for PostgreSQL backend.
Hostname (leave empty for local)?
Database? dbnamehere
Username? usernamehere
** Database: Populating database.
The Database has schema. Would you like to clear the database [Y]? Y
** Database: Clearing database.
** Database: Shutting down spacewalk services that may be using DB.
** Database: Services stopped. Clearing DB.
** Database: Re-populating database.
*** Progress: ##################################
* Setting up users and groups.
** GPG: Initializing GPG and importing key.
* Performing initial configuration.
* Activating Spacewalk.
** Loading Spacewalk Certificate.
** Verifying certificate locally.
** Activating Spacewalk.
There was a problem validating the satellite certificate: 1



Awesome Applications: 

OpenBSD: PF firewall for the paranoid

Block all traffic except for ssh.


tcp_services = "{ 22 }"
block all
pass out on em0 proto tcp to any port $tcp_services keep state
pass in on em0 proto tcp to any port $tcp_services keep state

Enabling rules:

# pfctl -e ; pfctl -f /etc/pf.conf
pfctl: pf already enabled

Awesome Applications: 


Writing custom Nagios plugins: check_public-ip

Now that I think Nagios is the greatest thing since slice bread, I'm slowly but surely re-writing all my custom monitoring scripts to Nagios plugins.

The following is a Nagios plugin ready script that I used to replace my old public IP monitoring (See ).



ip=`curl -connect-timeout 30 -s`

if [ "$current_ip" != "$ip" ] || [ -z "$ip" ]
        if [[ "$ip" =~ "Service Unavailable" ]] || [[ "$ip" =~ "html" ]]
                echo "IP service monitoring is unavailable."
                exit $STATE_WARNING
        elif [[ "$ip"  =~ [0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3} ]]
                echo "ALERT: Public IP has changed. NEW IP: $ip"
                exit $STATE_CRITICAL
                echo "Unknown state detected."
                exit $STATE_UNKNOWN

        echo "Public OK: $ip"
        exit $STATE_OK


Awesome Applications: 

Cron monitoring plugin for Nagios


CRON_CHECK=`ps aux | grep cron|grep -v grep|awk '{print $NF}'|grep -E -e '^(/usr/sbin/cron|crond)$'|wc -l`

case "${CRON_CHECK}" in
        0)  echo "Crond is not running."; exit ${STATE_CRITICAL}
        1)  echo "Crond is running."; exit ${STATE_OK}
        *)  echo "More than one crond process detected / crond is in an unknown state."; exit ${STATE_WARNING}


Awesome Applications: 

Installing Nagios Remote Plugin Executor in FreeBSD 9.1

This also installs the Nagios plugins in addition of nrpe. Follow the text-based menu install options. The installer will create and configure the nagios user account, and will install the naios and nrpe plugins in /usr/local/libexec/nagios .

cd /usr/ports/net-mgmt/nrpe2
make install clean

Update permissions.

chown -R nagios:nagios /usr/local/libexec/nagios

Create nrpe config file.

cd /usr/local/etc
cp nrpe.cfg-sample nrpe.cfg

Add the following entry to /etc/rc.conf .


Edit nrpe.cfg (Example: is my nagios server)


Start the nrpe daemon.

/usr/local/etc/rc.d/nrpe2 start

Awesome Applications: 


Installing Nagios Remote Plugin Executor in Solaris 11

Install gcc

pkg install pkg://sfe/runtime/gcc pkg://sfe/sfe/developer/gcc

Install system headers (not really sure if all listed were necessary):

pkg install SUNWhea SUNWbinutils SUNWarc SUNWgcc SUNWgccruntime SUNWlibsigsegv SUNWgm4 SUNWgnu-automake-110 SUNWaconf

Update your PATH:

export PATH

Manually create nagios user account, home directory, group, and assigned him a password.

mkdir -p /usr/local/nagios
useradd -d /usr/local/nagios -m nagios
groupadd nagios
usermod -G nagios nagios
passwd nagios

Download, extract, compile and install nrpe.

tar -xvf
cd /opt/nrpe-2.13
./configure --with-nagios-user=nagios --with-nagios-group=nagios
make install
make install-daemon-config
cp src/check_nrpe /usr/local/nagios/libexec

Update permissions.

chown -R nagios:nagios /usr/local/nagios/

Add the following entry to /etc/services

nrpe 5666/tcp # NRPE

Add the following entry to /etc/inetd.conf

nrpe stream tcp nowait nagios /usr/sbin/tcpd /usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -i

Convert and add the new legacy inetd entry to SMF.

inetconv -e

Awesome Applications: 


Creating large files in Solaris for testing purposes

In the Linux world, I use the dd utility to create files that need to be a certain size. Even though it works perfectly fine, its kind of annoying figuring out the output file's size of the file. This is because the size is based on the "bs" (block size) value and the total number of block size "count" together.

For example, the following dd command creates a 300 mb file called 300mb-test-fil. Each block size will be 1000 bytes, and I want of a total of 300,000 blocks.
Formula: ( (1000 x 300000) / 1000000 )

[[email protected] ~]$ dd if=/dev/zero of=300mb-test-file bs=1000 count=300000
300000+0 records in
300000+0 records out
300000000 bytes (300 MB) copied, 2.0363 s, 147 MB/s

Luckily in the Solaris world this can be easily accomplished using the mkfile utility, without doing any conversion.
I used the mkfile utility to easily create test disk files to experiment with ZFS.

[email protected]:~# mkfile 300m testdisk1
[email protected]:~# mkfile 300m testdisk2
[email protected]:~# ln -s /root/testdisk1 /dev/dsk/testdisk1
[email protected]:~# ln -s /root/testdisk2 /dev/dsk/testdisk2
[email protected]:~# zpool create tonytestpool mirror testdisk1 testdisk2
[email protected]:~# zpool status tonytestpool
pool: tonytestpool
state: ONLINE
scan: none requested

tonytestpool ONLINE 0 0 0
mirror-0 ONLINE 0 0 0
testdisk1 ONLINE 0 0 0
testdisk2 ONLINE 0 0 0

errors: No known data errors


Awesome Applications: 


FreeBSD diskless PXE booting

After a couple of trial and error tests and lots of caffeine ingested, I finally managed to install FreeBSD 9.1 over my network completely diskless using ISC's DHCP, PXE, tftpd-hpa, and NFS.

Download iso image and copy over all files.

mount -o loop FreeBSD-9.0-RELEASE-amd64-disc1.iso /mnt
mkdir -p /srv/tftp/freebsd/amd64
cp -a /mnt/* /srv/tftp/freebsd/amd64
cp -a /mnt/.cshrc /srv/tftp/freebsd/amd64
cp -a /mnt/.profile /srv/tftp/freebsd/amd64
cp -a /mnt/.rr_moved /srv/tftp/freebsd/amd64

Create the following directories:

mkdir /srv/tftp/freebsd/amd64/jails
mkdir -p /srv/tftp/freebsd/amd64/conf/base/jails
mkdir /srv/tftp/freebsd/amd64/conf/default
chmod -R 777 /srv/tftp/freebsd/amd64/conf
chmod -R 777 /srv/tftp/freebsd/amd64/jails

Edit /srv/tftp/freebsd/amd64/etc/fstab, comment out the entry in the file:

#/dev/iso9660/FREEBSD_INSTALL / cd9660 ro 0 0

Add the following entry to /srv/tftp/freebsd/amd64/etc/rc.conf:


NFS configuration:


dhcpd configuration (of course, IP may differ depending on your environment): will be the IP that wil be assigned to the new FreeBSD system. is the IP of the NFS server where the installation files are stored in.
The filename path is relative to what path you configured with tftpd-hpa.

host freebsdboot {
  hardware ethernet 08:00:27:2b:f9:f8;
  filename "freebsd/amd64/boot/pxeboot";
  option root-path "";

FreeBSD Diskless PXE


Awesome Applications: 



Premium Drupal Themes by Adaptivethemes