Qmailq critical

hello friends
i use nagios plugin check_nrpe check_qmailq to check email queue on mx server & smtp server. but this plug in can’t runing weel. i get error messege from nagios server on web interface

“QMAILQ CRITICAL - weird line 1 response from /var/qmail/bin/qmail-qstat: messages in queue: -1 weird line 2 response from /var/qmail/bin/qmail-qstat: messages in queue but not yet preprocessed: -1”

but if i run on the remote server plugin check_qmailq can run without error

root@local # /usr/local/nagios/libexec/check_qmailq -w 10 -c 20
QMAILQ OK - messages in queue: 3 messages in queue but not yet preprocessed: 0

help me please

thanks

Hi erick,
Given the info you’ve provided, my guess is the “-1” is the error code, from qmail-qstat. This happens when qmail-qstat program is run by a user without proper permissions.
E.G. (from my machine, as me)

You should be able to duplicate this on your remote server, by trying the command from the user that nrpe runs as.

If you can run the command with escalated privileges, your “-1” will go away, and you’ll get the results you expect. There is documentation on the 'net on how to achieve this.

G

Hi groth,
thanks for your information about it, so what sould i do to solved this problem ? because i am not so understand with nagios
can you help me to explain step by step

thanks

regards,

Hi Erick,
It’s not so much a Nagios problem, as a permissions problem. I don’t run check_nrpe in my environment, so I can’t even test it. Nor do I run sudo, which is the alternate way.
When check_nrpe runs on your remote system (the one with qmail), it runs as a specific user. The fastest and easiest solution is to add that user to the group which owns the qmail/queue directory.
Depending on your installation, it might vary. I run a Gentoo system, so my directory is located at /var/qmail/queue. The group associated with this is called “qmail”. By adding the nrpe user to that group your command will function. You will have to decide if that is a wise security thing to do or not.

The alternate is to set up a sudoers file, and grant the nrpe user access to a script with no password (and no tty). These scripts will contain a line something to the effect of:

#!/bin/bash
/usr/bin/sudo /usr/local/nagios/libexec/check_qmailq -w 10 -c 20

(Security hat: If you EVER do any script as root, always use full paths for everything. If you are lazy, you will pay.).
Then you call that script as your check, not check_qmailq.

Hope that helps you get in the right direction.
groth