Posts tagged ubuntu

Nagios 3.0.x auf Ubuntu Server 10.04 LTSNagios 3.0.x on Ubuntu Server 10.04 LTS

Zuerst Nagios 3 Packages auf Ubuntu installieren:

$ sudo apt-get update
$ sudo apt-get upgrade
$ sudo apt-get install nagios3 nagios3-doc

Die Konfigurationsdateien befinden sich in /etc/nagios3 und /etc/nagios3/conf.d. Die Contacts und Hosts sind auf die eigenen Bedürfnisse anzupassen.

Was mich sehr viel Zeit gekostet hat war das Aktivieren der “external commands”. Diese werden gebraucht wenn man über das Webinterface Alarme auslösen will oder sonstige Aspekte von Nagios konfigurieren will.

/etc/nagios3/nagios.cfg editieren:

# EXTERNAL COMMAND OPTION
# Values: 0 = disable commands, 1 = enable commands

check_external_commands=1

# EXTERNAL COMMAND CHECK INTERVAL
# NOTE: Setting this value to -1 causes Nagios to check the external
# command file as often as possible.

command_check_interval=15s
#command_check_interval=-1

Um den Error: Could not stat() command file ‘/var/lib/nagios3/rw/nagios.cmd’ loszuwerden, musste ich folgendes tun:

$ sudo /etc/init.d/nagios3 stop
$ sudo dpkg-statoverride --update --add nagios www-data 2710 /var/lib/nagios3/rw
$ sudo dpkg-statoverride --update --add nagios nagios 751 /var/lib/nagios3
$ sudo /etc/init.d/nagios3 start

Um Benachrichtigungen mittels SMTP Server mit Authentifikation zu versenden:

http://exchange.nagios.org/directory/Addons/Notifications/Notifications-using-ISP-SMTP-server-with-Authentication/details

$ sudo apt-get install sendemail

/etc/nagios3/resource.cfg:

$USER5$=your_isp_email_username
$USER6$=your_isp_email_password
$USER7$=your_isp_outgoing_mail_server

/etc/nagios3/commands.cfg

Ändere “notify-host-by-email” command line zu:

command_line /usr/bin/sendemail -o tls=yes -s $USER7$ -xu $USER5$ -xp $USER6$ -t $CONTACTEMAIL$ -f $CONTACTEMAIL$ -l /var/log/sendEmail -u "** $NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$ **" -m "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n"

Ändere die “notify-service-by-email” command line zu:

command_line /usr/bin/sendemail -o tls=yes -s $USER7$ -xu $USER5$ -xp $USER6$ -t $CONTACTEMAIL$ -f $CONTACTEMAIL$ -l /var/log/sendEmail -u "** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" -m "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$"

Nun noch folgendes:

$ sudo touch /var/log/sendEmail
$ sudo chown nagios:nagios /var/log/sendEmail
$ sudo /etc/init.d/nagios3 restart

install nagios3 packages:

$ sudo apt-get update
$ sudo apt-get upgrade
$ sudo apt-get install nagios3 nagios3-doc

config files are located in /etc/nagios3 and /etc/nagios3/conf.d configure your contacts and hosts accordingly.

what got me crazy was enabling external commands (needed to perform actions in the webinterface like sending alerts or enabling/disabling things).

edit /etc/nagios3/nagios.cfg:

# EXTERNAL COMMAND OPTION
# Values: 0 = disable commands, 1 = enable commands

check_external_commands=1

# EXTERNAL COMMAND CHECK INTERVAL
# NOTE: Setting this value to -1 causes Nagios to check the external
# command file as often as possible.

command_check_interval=15s
#command_check_interval=-1

to get rid of Error: Could not stat() command file ‘/var/lib/nagios3/rw/nagios.cmd’, i had to do this:

$ sudo /etc/init.d/nagios3 stop
$ sudo dpkg-statoverride --update --add nagios www-data 2710 /var/lib/nagios3/rw
$ sudo dpkg-statoverride --update --add nagios nagios 751 /var/lib/nagios3
$ sudo /etc/init.d/nagios3 start

to send notification mails using the corporate smtp host i had to do this:

http://exchange.nagios.org/directory/Addons/Notifications/Notifications-using-ISP-SMTP-server-with-Authentication/details

$ sudo apt-get install sendemail

Edit /etc/nagios3/resource.cfg:

$USER5$=your_isp_email_username
$USER6$=your_isp_email_password
$USER7$=your_isp_outgoing_mail_server

Edit /etc/nagios3/commands.cfg

Change command_line for command_name notify-host-by-email:

command_line /usr/bin/sendemail -o tls=yes -s $USER7$ -xu $USER5$ -xp $USER6$ -t $CONTACTEMAIL$ -f $CONTACTEMAIL$ -l /var/log/sendEmail -u "** $NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$ **" -m "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n"

and the notify-service-by-email command line to

command_line /usr/bin/sendemail -o tls=yes -s $USER7$ -xu $USER5$ -xp $USER6$ -t $CONTACTEMAIL$ -f $CONTACTEMAIL$ -l /var/log/sendEmail -u "** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" -m "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$"
$ sudo touch /var/log/sendEmail
$ sudo chown nagios:nagios /var/log/sendEmail
$ sudo /etc/init.d/nagios3 restart

SNMPD auf Ubuntu funktionsfähig bekommenGetting SNMPD to work on Ubuntu

Snmpd auf Ubuntu zu installieren scheint einfach zu sein, ist es auch, aber hat bei mir nie wirklich 100% funktioniert. Der snmpd funktionierte immer nur lokal, aber nicht für entfernte Zugriffe meines cacti Servers. Das Problem ist jenes, dass Ubuntu standartmässig den snmpd auf dem Loopback Interface startet, was Zugriffe von aussen verhindert.

Meine /etc/default/snmpd sieht nun so aus:

# This file controls the activity of snmpd and snmptrapd

# MIB directories.  /usr/share/snmp/mibs is the default, but
# including it here avoids some strange problems.
export MIBDIRS=/usr/share/snmp/mibs

# snmpd control (yes means start daemon).
SNMPDRUN=yes

# snmpd options (use syslog, close stdin/out/err).
#SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1'
SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -g snmp -I -smux -p /var/run/snmpd.pid'

# snmptrapd control (yes means start daemon).  As of net-snmp version
# 5.0, master agentx support must be enabled in snmpd before snmptrapd
# can be run.  See snmpd.conf(5) for how to do this.
TRAPDRUN=no

# snmptrapd options (use syslog).
TRAPDOPTS='-Lsd -p /var/run/snmptrapd.pid'

# create symlink on Debian legacy location to official RFC path
SNMPDCOMPAT=yes

Das war’s. Nun nur noch mit $ sudo /etc/init.d/snmpd restart den snmp Server neu starten und alles funktioniert so wie’s soll.

Setting up snmpd on ubuntu seems easy, but i never got it full working. It was working locally, but not for a cacti setup from another server. The problem was that the default install of snmpd on Ubuntu starts the demon on the loopback interface only, refusing connections from other computers.

Edit /etc/default/snmpd to fix that:

# This file controls the activity of snmpd and snmptrapd

# MIB directories.  /usr/share/snmp/mibs is the default, but
# including it here avoids some strange problems.
export MIBDIRS=/usr/share/snmp/mibs

# snmpd control (yes means start daemon).
SNMPDRUN=yes

# snmpd options (use syslog, close stdin/out/err).
#SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1'
SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -g snmp -I -smux -p /var/run/snmpd.pid'

# snmptrapd control (yes means start daemon).  As of net-snmp version
# 5.0, master agentx support must be enabled in snmpd before snmptrapd
# can be run.  See snmpd.conf(5) for how to do this.
TRAPDRUN=no

# snmptrapd options (use syslog).
TRAPDOPTS='-Lsd -p /var/run/snmptrapd.pid'

# create symlink on Debian legacy location to official RFC path
SNMPDCOMPAT=yes

that’s it. To restart the snmp server enter $ sudo /etc/init.d/snmpd restart

Ubuntu: networking tip

I upgraded one server to new hardware by changing the complete HP machine, but using my harddrive from the “old” server. As these two machines are almost identically, except for the processor (dual core now) this should have worked like a charm – and it did! (almost)

I rebooted on the new hardware, all services and serves came up, no problems so far. But when i tried to ping some other machine, this didn’t work 🙁

I checked /var/log/messages and the onboard Broadcom Interface showed up as eth1, but i was not able to start it. When i ran $ sudo /etc/init.d/networking restart i got some error messages like:

SIOCSIFADDR: No such device eth1
eth1: ERROR while getting interface flags: No such device

No clue what went wrong, i googled a lot and finally i stumbled upon this forum entry: http://ubuntuforums.org/showthread.php?t=221768

Then i ran: $ ifconfig -a
and got a list with my network interfaces and more importantly with it’s MAC address.

Then i edited /etc/iftab and changed the MAC address of the old hardware to the new onboard interface’s MAC address.

restart the networking with $ sudo /etc/init.d/networking restart

YESS, it works!

Ubuntu Server insecurity?

i just found out that my Ubuntu Server 6.10 has login shells for almost all users set in the /etc/passwd file!

That’s a very bad idea because this maybe enabled someone to install “Data Cha0s Back Backdoor” on my machine 🙁

I checked this with 2 other fresh Ubuntu Server 6.10 installations and both had the login shells for users like daemon, mail, www-data and so on. Especially www-data should not have a chance to create a shell in my opinion!

So i changed /bin/sh to /usr/sbin/nologin and hope this makes it a bit more secure.

Sprache ändern

Categories

Archives