Tag Cloud

389-directoryserver 3 ansible 7 apache 15 aws 3 azure 1 bash 13 bind 6 centos 25 cert-manager 1 chef 1 cloud 4 cockpit 1 comptia 1 database 1 devops 4 docker 3 drupal 2 fedora 1 freebsd 7 ganglia 2 git 4 github 3 gitlab 1 glusterfs 1 go 2 google 5 gparted 1 gpg 1 iptables 4 jekyll 2 jenkins 5 kerberos 2 kernel 1 keycloak 1 kubernetes 11 kubestronaut 3 kustomize 1 kvm 5 ldap 2 letsencrypt 2 logstash 1 lvm 1 macos 4 memcached 1 metasploit 2 monitoring 8 mysql 6 nagios 17 networking 13 nginx 7 ntp 1 opensuse 1 perl 10 pf 3 php 16 postfix 1 prometheus 2 python 6 rancher 4 regex 2 rhce 5 rhel 6 ruby 8 security 19 sendmail 1 smtp 1 solaris 7 svn 1 systemd 1 terraform 1 testing 3 ubuntu 21 vagrant 3 varnish 9 vim 1 virtualbox 4 web-development 2 wordpress 7 zfs 6

Currently Reading

Certified Kubernetes Administrator (CKA) Study Guide

38 / 155 Pages

Latest Book Reviews

• Certified Kubernetes Application Developer (CKAD) Study Guide, 2nd Edition Posted on January 11, 2025
• Rancher Deep Dive Posted on March 31, 2023
• Leveraging Kustomize for Kubernetes Manifests Posted on March 24, 2023
• Automating Workflows with GitHub Actions Posted on October 13, 2022
• Deep-Dive Terraform on Azure Posted on August 30, 2022
All Book Reviews

Latest Posts

• Installing Nagios Remote Plugin Executor in CentOS and Ubuntu Posted on November 1, 2012
• Installing Nagios in CentOS 6 Posted on October 31, 2012
• Kerberos - Kadmin issue NTP Posted on September 23, 2012
• Kerberos - kadmin connection issue Posted on September 1, 2012
• Sendmail domain masquerade problem Posted on June 11, 2012

---

November 1, 2012

Installing Nagios Remote Plugin Executor in CentOS and Ubuntu

by Alpha01

CentOS

yum install openssl openssl-devel gcc make autoconf xinetd

Debian/Ubuntu

apt-get install openssl build-essential libssl-dev gcc make autoconf xinetd

Create nagios user and give it a password.

/usr/sbin/useradd -m nagios
passwd nagios

Download and extract the latest stable Nagios Plugins from http://www.nagios.org/download/plugins/ Configure, compile and install the Nagios plugins.

./configure --with-nagios-user=nagios --with-nagios-group=nagios
make
make install

Download the latest NRPE plugin from http://exchange.nagios.org/directory/Addons/Monitoring-Agents/NRPE–2D-Nagios-Remote-Plugin-Executor/details. Extract, configure, compile and install the plugin with xinetd configuration.

./configure
make all
make install-daemon
make install-xinetd

Edit the /etc/xinetd.d/nrpe file and add the IP address of the monitoring server to the only_from directive.

only_from = 127.0.0.1 <nagios_ip_address>

Add the following entry for the NRPE daemon to the /etc/services file.

nrpe 5666/tcp # NRPE

Restart the xinetd service.

/etc/init.d/xinetd restart

Copy over sample config file.

mkdir /usr/local/nagios/etc/
cp sample-config/nrpe.cfg /usr/local/nagios/etc/nrpe.cfg

Copy over check_nrpe binary to /usr/local/nagios/libexec

cp src/check_nrpe /usr/local/nagios/libexec/

Update permissions.

chown nagios.nagios /usr/local/nagios
chown -R nagios.nagios /usr/local/nagios/libexec

Update firewall.

iptables -A INPUT -p tcp -m tcp --dport 5666 -j ACCEPT

Testing Communication

Issue the following command to test communication on the Nagios monitoring server. Replace IP “192.168.0.1”, with the NRPE client’s IP.

/usr/local/nagios/libexec/check_nrpe -H 192.168.0.1

You should get a string back that tells you what version of NRPE is installed on the remote host, like this:

NRPE v2.13

Tags: [ nagios centos ubuntu ]

---

October 31, 2012

Installing Nagios in CentOS 6

by Alpha01

Make sure you’ve installed the following packages on your CentOS installation before continuing.

• Apache
• PHP
• GCC compiler
• GD development libraries

yum install httpd php gcc glibc glibc-common gd gd-devel make autoconf

Create nagios user and give it a password.

/usr/sbin/useradd -m nagios
passwd nagios

Create a new nagcmd group for allowing external commands to be submitted through the web interface. Add both the nagios user and the apache user to the group.

/usr/sbin/groupadd nagcmd
/usr/sbin/usermod -a -G nagcmd nagios
/usr/sbin/usermod -a -G nagcmd apache

Download and extract the latest stable Nagios Core from http://www.nagios.org/download/core/ Run the Nagios configure script, passing the name of the group you created earlier:

./configure --with-command-group=nagcmd

Compile Nagios

make all

Install Nagios

make install

Update the email address associated with the nagiosadmin contact definition in /usr/local/nagios/etc/objects/contacts.cfg. Install the Nagios web config file in the Apache conf.d directory.

make install-webconf

Install Nagios init config

make install-init

Create htaccess user to access the Nagios web interface.

htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin

Restart Apache to make the new settings take effect.

service httpd restart

Add Nagios to the list of system services and have it automatically start when the system boots.

chkconfig --add nagios
chkconfig nagios on

Download and extract the latest stable Nagios Plugins from http://www.nagios.org/download/plugins. Configure, compile and install the Nagios plugins.

./configure --with-nagios-user=nagios --with-nagios-group=nagios
make
make install

Update permissions

chown nagios.nagios /usr/local/nagios
chown -R nagios.nagios /usr/local/nagios/libexec

Verify the sample Nagios configuration files.

/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

If there are no errors, start Nagios.

service nagios start

Post Installation

To make things easier to myself, the ncheck and nrestart aliases were created in /root/.bashrc to check the nagios configuration and restart the service respectively.

alias ncheck='/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg'
alias nrestart='service nagios restart'

Reference

• http://nagios.sourceforge.net/docs/3_0/quickstart-fedora.html

Tags: [ nagios centos ]

---

September 23, 2012

Kerberos - Kadmin issue NTP

by Alpha01

I stumbled onto yet another Kerberos problem.

Error

[root@afs2 log]# kadmin -p kerberosadmin/[email protected]
Authenticating as principal kerberosadmin/[email protected] with password.
Password for kerberosadmin/[email protected]: 
kadmin: GSS-API (or Kerberos) error while initializing kadmin interface

Fix

Make sure the time is correct on your Kerberos client/server, ideally NTP should be enabled on the hosts to avoid things like these from happening. Until I rollout ntp on my local LAN, I just manually ran ntpdate

ntpdate us.pool.ntp.org

Tags: [ kerberos ntp ]

---

September 1, 2012

Kerberos - kadmin connection issue

by Alpha01

I was getting a communication error when trying to connect from a Kerberos client to the KDC, while I was still able to successfully be granted a ticket using kinit.

Error

[root@rubyninja etc]# kadmin -p kerberosadmin/[email protected]
Authenticating as principal kerberosadmin/[email protected] with password.
Password for kerberosadmin/[email protected]: 
kadmin: Communication failure with server while initializing kadmin interface

Fix

It turns out that iptables was blocking access to kadmind on the Master KDC, of which I simply had to allow the TCP Port 749 to fix the issue.

iptables -A INPUT -p tcp -m tcp --dport 749 -j ACCEPT

Tags: [ kerberos iptables ]

---

June 11, 2012

Sendmail domain masquerade problem

by Alpha01

Recently, I wanted to change my host outgoing domain email address. Since I’ve been getting into the habit of using bare minimal installs, it turns out that sendmail by default does not include sendmail-cf package needed by the m4 utility to generate a sendmail .cf configuration file.

Error

[root@bashninja mail]# m4 < sendmail.mc > sendmail.cf 
m4:stdin:10: cannot open `/usr/share/sendmail-cf/m4/cf.m4': No such file or directory

Fix

[root@bashninja mail]# yum install sendmail-cf

Tags: [ sendmail ]

---