Koozali.org: home of the SME Server

Contribs.org Forums => General Discussion => Topic started by: ghorst352 on December 10, 2012, 05:50:34 PM

Title: Problem with "check_ide_smart" plugin in Nagios
Post by: ghorst352 on December 10, 2012, 05:50:34 PM

I currently have Nagios running on several servers with no issues, however the one plugin I would like to get working is the check_ide_smart plugin which checks the harddrive's S.M.A.R.T status and returns a pass/fail.  This plugin however requires root level access and works if you do run it from root however as user nagios it does not work.  There are several hits on this issue on google and everything from modiyfing sudoers to setting the suid and other options.  I have tried most of these and I still get a permissions error.  I retracted all previous attempts and would like to start over from scratch. 

From the server in which I have a problem running this command as nagios here is the output both from root and nagios:

[root@mail ~]# /usr/lib/nagios/plugins/check_ide_smart -d /dev/sda1
\Id=  1, Status=15 {PreFailure , OnLine }, Value=117, Threshold=  6, Passed
Id=  3, Status= 3 {PreFailure , OnLine }, Value=100, Threshold=  0, Passed
Id=  4, Status=50 {Advisory    , OnLine }, Value=100, Threshold= 20, Passed
Id=  5, Status=51 {PreFailure , OnLine }, Value=100, Threshold= 36, Passed
Id=  7, Status=15 {PreFailure , OnLine }, Value= 80, Threshold= 30, Passed
Id=  9, Status=50 {Advisory    , OnLine }, Value= 87, Threshold=  0, Passed
Id= 10, Status=19 {PreFailure , OnLine }, Value=100, Threshold= 97, Passed
Id= 12, Status=50 {Advisory    , OnLine }, Value=100, Threshold= 20, Passed
Id=183, Status=50 {Advisory    , OnLine }, Value=100, Threshold=  0, Passed
Id=184, Status=50 {Advisory    , OnLine }, Value=100, Threshold= 99, Passed
Id=187, Status=50 {Advisory    , OnLine }, Value=100, Threshold=  0, Passed
Id=188, Status=50 {Advisory    , OnLine }, Value=100, Threshold=  0, Passed
Id=189, Status=58 {Advisory    , OnLine }, Value=100, Threshold=  0, Passed
Id=190, Status=34 {Advisory    , OnLine }, Value= 63, Threshold= 45, Passed
Id=194, Status=34 {Advisory    , OnLine }, Value= 37, Threshold=  0, Passed
Id=195, Status=26 {Advisory    , OnLine }, Value= 30, Threshold=  0, Passed
Id=197, Status=18 {Advisory    , OnLine }, Value=100, Threshold=  0, Passed
Id=198, Status=16 {Advisory    , OffLine}, Value=100, Threshold=  0, Passed
Id=199, Status=62 {Advisory    , OnLine }, Value=200, Threshold=  0, Passed
Id=240, Status= 0 {Advisory    , OffLine}, Value=100, Threshold=  0, Passed
Id=241, Status= 0 {Advisory    , OffLine}, Value=100, Threshold=  0, Passed
Id=242, Status= 0 {Advisory    , OffLine}, Value=100, Threshold=  0, Passed
OffLineStatus=130 {Completed}, AutoOffLine=Yes, OffLineTimeout=10 minutes
OffLineCapability=123 {Immediate Auto SuspendOnCmd}
SmartRevision=10, CheckSum=112, SmartCapability=3 {SaveOnStandBy AutoSave}

[nagios@mail root]$ /usr/lib/nagios/plugins/check_ide_smart -d /dev/sda1
CRITICAL - SMART_ENABLE: Permission denied
CRITICAL - SMART_CMD_ENABLE


Any advice is appreciated... Thanks  8)

Title: Re: Problem with "check_ide_smart" plugin in Nagios
Post by: Stefano on December 10, 2012, 06:29:17 PM

did you read (and tried) this (http://serverfault.com/questions/5837/limiting-the-use-of-sudo-s) solution?

Title: Re: Problem with "check_ide_smart" plugin in Nagios
Post by: ghorst352 on December 10, 2012, 07:30:53 PM

Yes.  In fact after reading this, I thought this would be the fix but did not work out for me.

Additionally, when editing the /etc/sudoers file in SME I am greeted with the infamous disclaimer that the file is templated.  What is the proper method of editing /etc/sudoers in SME? just in case I have been doing it wrong...

Here is my sudoers with the posted fix that does not work for me:

#------------------------------------------------------------
#              !!DO NOT MODIFY THIS FILE!!
#
# Manual changes will be lost when this file is regenerated.
#
# Please read the developer's guide, which is available
# at http://www.contribs.org/development/
#
# Copyright (C) 1999-2006 Mitel Networks Corporation
#------------------------------------------------------------

root    ALL=(ALL) ALL
nagios  ALL=NOPASSWD: /bin/bash -c /usr/lib/nagios/plugins/check_ide_smart *



Is there anything wrong with this?

Title: Re: Problem with "check_ide_smart" plugin in Nagios
Post by: ghorst352 on December 10, 2012, 07:37:44 PM

I find this method very dangerous to begin with since I am now saying Nagios has root privs with this command and additionally with the wild character I am allowing arguments to be appended with those privs?   

Title: Re: Problem with "check_ide_smart" plugin in Nagios
Post by: ghorst352 on December 10, 2012, 07:59:42 PM

I get the same error message with the addition to the sudoers file.


[nagios@mail root]$ /usr/lib/nagios/plugins/check_ide_smart -d /dev/sda1
CRITICAL - SMART_ENABLE: Permission denied
CRITICAL - SMART_CMD_ENABLE
[nagios@mail root]$

Title: Re: Problem with "check_ide_smart" plugin in Nagios
Post by: ghorst352 on December 10, 2012, 09:09:03 PM

I found the fix from this site -> http://famousphil.com/blog/2011/06/installing-nagios-to-centos-5/

The following commands:

1.chown root:root  /usr/lib/nagios/plugins/check_ide_smart
2.chmod u+s  /usr/lib/nagios/plugins/check_ide_smart
3.chmod o+x  /usr/lib/nagios/plugins/check_ide_smart

Whats funny is I applied 1 and 2 that was advised from other help sites but number 3 was never advised.   Now this makes more sense.   Thanks  :D