Tag Cloud
Currently Reading
Latest Book Reviews
- Certified Kubernetes Application Developer (CKAD) Study Guide, 2nd Edition Posted on January 11, 2025
- Rancher Deep Dive Posted on March 31, 2023
- Leveraging Kustomize for Kubernetes Manifests Posted on March 24, 2023
- Automating Workflows with GitHub Actions Posted on October 13, 2022
- Deep-Dive Terraform on Azure Posted on August 30, 2022 All Book Reviews
Latest Posts
- Installing Nagios Remote Plugin Executor in CentOS and Ubuntu Posted on November 1, 2012
- Installing Nagios in CentOS 6 Posted on October 31, 2012
- Kerberos - Kadmin issue NTP Posted on September 23, 2012
- Kerberos - kadmin connection issue Posted on September 1, 2012
- Sendmail domain masquerade problem Posted on June 11, 2012
November 1, 2012
Installing Nagios Remote Plugin Executor in CentOS and Ubuntu
by Alpha01
CentOS
yum install openssl openssl-devel gcc make autoconf xinetd
Debian/Ubuntu
apt-get install openssl build-essential libssl-dev gcc make autoconf xinetd
Create nagios
user and give it a password.
/usr/sbin/useradd -m nagios
passwd nagios
Download and extract the latest stable Nagios Plugins from http://www.nagios.org/download/plugins/ Configure, compile and install the Nagios plugins.
./configure --with-nagios-user=nagios --with-nagios-group=nagios
make
make install
Download the latest NRPE plugin from http://exchange.nagios.org/directory/Addons/Monitoring-Agents/NRPE–2D-Nagios-Remote-Plugin-Executor/details. Extract, configure, compile and install the plugin with xinetd
configuration.
./configure
make all
make install-daemon
make install-xinetd
Edit the /etc/xinetd.d/nrpe
file and add the IP address of the monitoring server to the only_from
directive.
only_from = 127.0.0.1 <nagios_ip_address>
Add the following entry for the NRPE daemon to the /etc/services
file.
nrpe 5666/tcp # NRPE
Restart the xinetd
service.
/etc/init.d/xinetd restart
Copy over sample config file.
mkdir /usr/local/nagios/etc/
cp sample-config/nrpe.cfg /usr/local/nagios/etc/nrpe.cfg
Copy over check_nrpe
binary to /usr/local/nagios/libexec
cp src/check_nrpe /usr/local/nagios/libexec/
Update permissions.
chown nagios.nagios /usr/local/nagios
chown -R nagios.nagios /usr/local/nagios/libexec
Update firewall.
iptables -A INPUT -p tcp -m tcp --dport 5666 -j ACCEPT
Testing Communication
Issue the following command to test communication on the Nagios monitoring server. Replace IP “192.168.0.1”, with the NRPE client’s IP.
/usr/local/nagios/libexec/check_nrpe -H 192.168.0.1
You should get a string back that tells you what version of NRPE is installed on the remote host, like this:
NRPE v2.13
nagios
centos
ubuntu
]
October 31, 2012
Installing Nagios in CentOS 6
by Alpha01
Make sure you’ve installed the following packages on your CentOS installation before continuing.
- Apache
- PHP
- GCC compiler
- GD development libraries
yum install httpd php gcc glibc glibc-common gd gd-devel make autoconf
Create nagios
user and give it a password.
/usr/sbin/useradd -m nagios
passwd nagios
Create a new nagcmd
group for allowing external commands to be submitted through the web interface. Add both the nagios
user and the apache
user to the group.
/usr/sbin/groupadd nagcmd
/usr/sbin/usermod -a -G nagcmd nagios
/usr/sbin/usermod -a -G nagcmd apache
Download and extract the latest stable Nagios Core from http://www.nagios.org/download/core/ Run the Nagios configure script, passing the name of the group you created earlier:
./configure --with-command-group=nagcmd
Compile Nagios
make all
Install Nagios
make install
Update the email address associated with the nagiosadmin
contact definition in /usr/local/nagios/etc/objects/contacts.cfg
. Install the Nagios web config file in the Apache conf.d
directory.
make install-webconf
Install Nagios init config
make install-init
Create htaccess user to access the Nagios web interface.
htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
Restart Apache to make the new settings take effect.
service httpd restart
Add Nagios to the list of system services and have it automatically start when the system boots.
chkconfig --add nagios
chkconfig nagios on
Download and extract the latest stable Nagios Plugins from http://www.nagios.org/download/plugins. Configure, compile and install the Nagios plugins.
./configure --with-nagios-user=nagios --with-nagios-group=nagios
make
make install
Update permissions
chown nagios.nagios /usr/local/nagios
chown -R nagios.nagios /usr/local/nagios/libexec
Verify the sample Nagios configuration files.
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
If there are no errors, start Nagios.
service nagios start
Post Installation
To make things easier to myself, the ncheck
and nrestart
aliases were created in /root/.bashrc
to check the nagios configuration and restart the service respectively.
alias ncheck='/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg'
alias nrestart='service nagios restart'
Reference
Tags: [nagios
centos
]
September 23, 2012
Kerberos - Kadmin issue NTP
by Alpha01
I stumbled onto yet another Kerberos problem.
Error
[root@afs2 log]# kadmin -p kerberosadmin/[email protected]
Authenticating as principal kerberosadmin/[email protected] with password.
Password for kerberosadmin/[email protected]:
kadmin: GSS-API (or Kerberos) error while initializing kadmin interface
Fix
Make sure the time is correct on your Kerberos client/server, ideally NTP should be enabled on the hosts to avoid things like these from happening. Until I rollout ntp on my local LAN, I just manually ran ntpdate
ntpdate us.pool.ntp.org
kerberos
ntp
]
September 1, 2012
Kerberos - kadmin connection issue
by Alpha01
I was getting a communication error when trying to connect from a Kerberos client to the KDC, while I was still able to successfully be granted a ticket using kinit
.
Error
[root@rubyninja etc]# kadmin -p kerberosadmin/[email protected]
Authenticating as principal kerberosadmin/[email protected] with password.
Password for kerberosadmin/[email protected]:
kadmin: Communication failure with server while initializing kadmin interface
Fix
It turns out that iptables was blocking access to kadmind
on the Master KDC, of which I simply had to allow the TCP Port 749
to fix the issue.
iptables -A INPUT -p tcp -m tcp --dport 749 -j ACCEPT
kerberos
iptables
]
June 11, 2012
Sendmail domain masquerade problem
by Alpha01
Recently, I wanted to change my host outgoing domain email address. Since I’ve been getting into the habit of using bare minimal installs, it turns out that sendmail by default does not include sendmail-cf
package needed by the m4 utility to generate a sendmail .cf
configuration file.
Error
[root@bashninja mail]# m4 < sendmail.mc > sendmail.cf
m4:stdin:10: cannot open `/usr/share/sendmail-cf/m4/cf.m4': No such file or directory
Fix
[root@bashninja mail]# yum install sendmail-cf
sendmail
]