NRPE 2.12 under Solaris 10 SPARC - Help


#1

Hi Guys,
my name is Simone (alias SierraBravo), new entry in the nagios-world :slight_smile:

I worked with nagios since 1.3 version, but never with solaris servers.

Now, it’s time to starting up with Sun :smiley:

Can anyone help me,pls?

Scenario

Nagios Server (core) 3.0.3 under Linux (Ubuntu 8.04) - NRPE 2.12 (latest)

Monitored Host: Solaris 10 (SunOS S10DBSERVER 5.10 Generic sun4u sparc SUNW,Sun-Blade-2500)

I tried to install NRPE 2.12 on S10:
Download package, extract in folder.

I HAVE NOT SUNWcry installed. I can’t find where download package for my S10 Sparc. Free download only for Solaris 8 :frowning:

  1. Apply the patch:
    As mentioned here (The second solution is to change line 222 of src/nrpe.c like this: - SSL_CTX_set_cipher_list(ctx,“ADH”); + SSL_CTX_set_cipher_list(ctx,“ADH:-ADH-AES256-SHA”); and recompile. )
    DONE.

Comment these line in nrpe.c
/* else if(!strcmp(varvalue,“authpriv”))
log_facility=LOG_AUTHPRIV;
else if(!strcmp(varvalue,“ftp”))
log_facility=LOG_FTP; */

DONE.

  1. Compile with:
    ./configure --with-ssl-lib=/usr/sfw/lib
    –with-ssl-inc=/usr/sfw/include --with-ssl=/usr/sfw
    –prefix=/opt/nagios

OK, done.

  1. Edit the /opt/nagios/etc/nrpe.cfg file.
    Only 1 change to do: change paths to nagios plugins

  2. Edit the /etc/inetd.conf file, setting up like this:
    nrpe stream tcp nowait nagios /usr/sfw/sbin/tcpd /opt/nagios/bin/nrpe -c /opt/nagios/etc/nrpe.cfg --inetd

  3. Edit /etc/services adding
    nrpe 5666/tcp # NRPE

  4. Converting inetd to SMF
    inetconv
    inetconv -e
    svcs svc:/network/nrpe/tcp:default
    netstat -a | grep nrpe
    inetadm -l svc:/network/nrpe/tcp:default
    inetadm -m svc:/network/nrpe/tcp:default tcp_wrappers=TRUE
    inetadm -l svc:/network/nrpe/tcp:default
    vi /etc/hosts.allow (nrpe: LOCAL, NagiosServerIPaddress)
    vi /etc/hosts.deny (nrpe: ALL)

Testing:

On S10:
bash-3.00# /opt/nagios/libexec/check_nrpe -H localhost
NRPE v2.12

bash-3.00# /opt/nagios/libexec/check_nrpe -H localhost -c check_load
OK - load average: 0.21, 0.27, 0.27|load1=0.211;15.000;30.000;0; load5=0.270;10.000;25.000;0; load15=0.270;5.000;20.000;0;

WOW…it seems working…

Now, testing on Nagios Core server:

root@nagios-srv:~# /usr/local/nagios/libexec/check_nrpe -H 192.168.10.241
CHECK_NRPE: Error - Could not complete SSL handshake.

LOG on S10 tell: Aug 26 10:29:28 S10DBSERVER nrpe[32]: [ID 813741 daemon.error] Error: Could not complete SSL handshake. 1

Without SSL

root@nagios-srv:~# /usr/local/nagios/libexec/check_nrpe -H 192.168.10.241 -n
CHECK_NRPE: Received 0 bytes from daemon. Check the remote server logs for error messages.

LOG on S10 tell: Aug 26 10:29:58 S10DBSERVER nrpe[33]: [ID 813741 daemon.error] Error: Could not complete SSL handshake. 1

Same error -.-


I installed also openssl0.9.8h:

./config --prefix=/opt/openssl
make
make test
make install

No errors

Recompile NRPE with:

./configure --with-ssl-lib=/opt/openssl/lib
–with-ssl-inc=/opt/openssl/include --with-ssl=/opt/openssl
–prefix=/opt/nagios

Error:
checking for SSL headers… SSL headers found in /opt/openssl/include/…
checking for SSL libraries… configure: error: Cannot find ssl libraries

bash-3.00# find . / -name “libssl.so.0.9.7”
/usr/sfw/lib/sparcv9/libssl.so.0.9.7
/usr/sfw/lib/libssl.so.0.9.7

So, no libssl.so.0.9.7 present in /opt/openssl/lib


PLEASE help

THANKS


#2

Update:

I have recompiled OpenSSL 0.9.8h with ‘shared’ option.

./config shared --prefix=/opt/openssl

And then, recompiled NRPE with the new shared libraries:

./configure --with-ssl-lib=/opt/openssl --with-ssl-inc=/opt/openssl --with-ssl=/opt/openssl --prefix=/opt/nagios

Works, but there