nothing is impossible!!!!

nothing is impossible!!!!

Tuesday, June 30, 2009

Install and Configure Nagios Plugins & NRPE on Solaris 10

I came across lots of issues to do this installation so here is a step by step installation of Nagios Plugins and NRPE on Solaris 10.

Add “nagios” user as “/usr/local/nagios” as home directory.

# useradd -c “Nagios User” -d /usr/local/nagios -m nagios

Change ownership of directory to nagios

# chown nagios:nagios /usr/local/nagios/

download nagios-plugins and nrpe from net. I have download them from sourceforge.

# mkdir /nagios; cd /nagios

wget http://sourceforge.net/project/downloading.php?group_id=29880&filename=nagios-plugins-1.4.13.tar.gz

wget http://sourceforge.net/project/downloading.php?group_id=26589&filename=nrpe-2.12.tar.gz

Now extract them

# gunzip nagios-plugins-1.4.13.tar.gz; gunzip nrpe-2.12.tar.gz

# tar xvf nagios-plugins-1.4.13.tar.gz; tar xvf nrpe-2.12.tar.gz

Before compiling I had to set PATH to find gcc binary,

# export PATH=$PATH:/usr/sfw/sbin:/usr/sfw/bin:/usr/ccs/bin

# cd nagios-plugins-1.4.13;

# ./configure –without-mysql (I did want to install with mysql support)
# make; make install
# chown -R nagios:nagios /usr/local/nagios/libexec

Install NRPE with SSL library support otherwise you will get error while compilation like this,

“checking for SSL headers… configure: error: Cannot find ssl headers”

If you run “dmesg” or if you check system messages you can see this error.

May 28 19:08:26 solaris10.remotehost.com inetd[24233]: [ID 702911 daemon.error] Failed to set credentials for the inetd_start method of instance svc:/network/nrpe/tcp:default (chdir: No such file or directory)
May 28 19:15:27 solaris10.remotehost.com inetd[24241]: [ID 702911 daemon.error] Failed to set credentials for the inetd_start method of instance svc:/network/nrpe/tcp:default (chdir: No such file or directory)

# cd nrpe-2.12; ./configure –with-ssl=/usr/sfw/ –with-ssl-lib=/usr/sfw/lib/ –with-ssl-inc=/usr/sfw/include

Still if you compilation fails please apply these faqs/solutions given in nagios faqs.

http://www.nagios.org/faqs/index.php?section_id=4&expand=false&showdesc=true

In my case I had to make changes in src/nrpe.c for encryption. Do make all, make install to create respective binaries.

# make all; make install; make install-daemon-config;

Once that is done, modify nrpe.cfg with approprite settings. Add following line at the end of /etc/services

nrpe 5666/tcp # NRPE

Also add this line to /etc/inetd.conf and convert it into SMF and enable service with -e option. Also checkout whether it went online.

nrpe stream tcp nowait nagios /usr/sfw/sbin/tcpd /usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -i

# inetconv; inetconv -e

# svcs | grep nrpe

Check if 5666 port is open and in LISTEN mode.

# netstat -a | grep nrpe

Make sure that your /etc/hosts.allow and /etc/hosts.deny does not block your nagios server. Here are the entries

hosts.allow: nrpe: 127.0.0.1, 172.17.38.11

hosts.deny: nrpe: ALL

Final command, make sure that nrpe returns correct output.

# /usr/local/nagios/libexec/check_nrpe -H localhost
NRPE v2.12

2 comments:

Jonathan Murray said...

thanks, this worked for me.

GBohen said...

Thanks for the procedure.

Actually, it works locally on the node that I want to monitor (i.e. I get the NRPE agent version) but I get the ssl hand shake error when I try from the server. There is no firewall between the two machines

Any idea what could go wrong ?

Thanks

Geoffrey