I'm having a few problems with configuring Nagios notifications.
The Nagios application itself is working perfectly, I've tested it extensively and I can see no issues whatsoever. My problem is with notifications and executing a external PHP script to generate a SMS message to notify the circuit owner. I feel the problem lies with the permissions rather than anything else. Can anyone help me with what permissions should be set for an external script called from within Nagios?
root@Nagios-2:/usr/local/nagios/libexec# ls -all notify-service-by-sms
-rwxrwxrwx 1 nagios nagios 1179 2008-06-18 18:37 notify-service-by-sms
The script is currently owned by the Nagios account "nagios" and a member of the "nagios" group. I know the PHP script has far more permission than is necessary but I'm at my wit's end and trying anything at this point. :?
Here are the contents of the PHP script:
$dbhost = "localhost";
$dbuser = "username";
$dbpass = "password";
$dbname = "nagios";
$cct = $argv;
$time = date(DATE_RFC822);
$conn = mysql_connect($dbhost, $dbuser, $dbpass) or die('Error connecting to mysql');
$query = "SELECT tetra FROM circuits WHERE cct ='".$cct."'";
$result = mysql_query($query);
while($row = mysql_fetch_row($result))
$target = "http://somedomain.com/nagios/sms.asp?c=$cct:".$row."";
echo passthru('sudo wget --append-output=notify-by-sms.log --spider "'.$target.'"');
As you can see, it's a very straight-forward script which does nothing more than retrieve some additional information based on what is returned by Nagios and then calls a script on another server. Due to the security restrictions on the Nagios box, this is the only option.
root@Nagios-2:/usr/local/nagios/libexec# ./notify-service-by-sms CIRCUITNAME
The output (from notify-by-sms.log):
Resolving some.proxy.net... 212.x.x.x
Connecting to some.proxy.net|212.x.x.x|:3128... connected.
Proxy request sent, awaiting response... 200 OK
Length: 0 [text/html]
The script works perfectly when executed from the shell prompt (as "root" and "nagios") as you can see above from the wget output. I have even tried adding the accounts "nagios" and "www-data" (apache2) to the sudoers file but to no avail.
The configuration scripts belonging to Nagios are also working fine as there is evidence in the logs that it is doing what expected but there is an invisible wall somewhere between Nagios and my script which is preventing it from doing it's job.
In case it helps, this is what version is installed on the box.
root@Nagios-2:/usr/local/nagios/libexec# cat /proc/version
Linux version 2.6.18-6-amd64 (Debian 2.6.18.dfsg.1-18etch1) (email@example.com) (gcc version 4.1.2 20061115 (prerelease) (Debian 4.1.1-21)) #1 SMP Sun Feb 10 17:50:19 UTC 2008
Can anyone save my sanity? I am doing something blatantly stupid? If anyone needs any more information about how everything is set-up, just ask.
...and sorry for such a huge first post from a new user...