Configuring Nagios Plugins & NRPE on Solaris 10
Here’s a step by step installation of the Nagios plugin NRPE for Solaris 10 x86 (as the remote host):
useradd -c “nagios system user” -d /usr/local/nagios -m nagios
chown nagios:nagios /usr/local/nagios/
cd /usr/local/src # or wherever you like to put source code
wget http://internap.dl.sourceforge.net/sourceforge/nagios/nrpe-2.12.tar.gz
wget http://internap.dl.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.4.11.tar.gz
gunzip nagios-plugins-1.4.11.tar.gz
tar -xvf nagios-plugins-1.4.11.tar
gunzip nrpe-2.12.tar.gz
tar -xvf nrpe-2.12.tar
First we’ll compile the nagios plugins:
cd nagios-plugins-1.4.11
./configure
make
make install
chown -R nagios:nagios /usr/local/nagios/libexec
cd ..
Run a quick check to make sure the plugins are working:
/usr/local/nagios/libexec/check_disk -w 10 -c 5 -p /
Next, we’ll compile NRPE. Normally at this point we would just run `cd nrpe-2.12; ./configure`. Unfortunately, the configure script can not find the SSH headers and libraries on Solaris 10. You get errors like this:
checking for SSL headers… configure: error: Cannot find ssl headers
checking for SSL libraries… configure: error: Cannot find ssl libraries
The answer to this is, of course, to tell configure where to find them:
cd nrpe-2.12
./configure –with-ssl=/usr/sfw/ –with-ssl-lib=/usr/sfw/lib/
Currently there is a bug in 2.12 that it assumes that all systems have 2 syslog facilities that Solaris doesn’t have, so if you try and compile it generates the following errors:
nrpe.c: In function `get_log_facility’:
nrpe.c:617: error: `LOG_AUTHPRIV’ undeclared (first use in this function)
nrpe.c:617: error: (Each undeclared identifier is reported only once
nrpe.c:617: error: for each function it appears in.)
nrpe.c:619: error: `LOG_FTP’ undeclared (first use in this function)
*** Error code 1
make: Fatal error: Command failed for target `nrpe’
Current working directory /usr/local/src/nrpe-2.12/src
*** Error code 1
make: Fatal error: Command failed for target `all’
Unfortunately, the fix at this time is to comment out the code that calls these two facilities, lines 616-619, in src/nrpe.c:
/*else if(!strcmp(varvalue,”authpriv”))
log_facility=LOG_AUTHPRIV;
else if(!strcmp(varvalue,”ftp”))
log_facility=LOG_FTP;*/
UPDATE: You no longer need to comment out these lines, just replace them with the following:
else if(!strcmp(varvalue,”authpriv”))
log_facility=LOG_AUTH;
else if(!strcmp(varvalue,”ftp”))
log_facility=LOG_DAEMON;
Now it will compile:
# make all
cd ./src/; make ; cd ..
gcc -g -O2 -I/usr/sfw//include/openssl -I/usr/sfw//include -DHAVE_CONFIG_H -o nrpe nrpe.c utils.c -L/usr/sfw/lib/ -lssl -lcrypto -lnsl -lsocket ./snprintf.o
gcc -g -O2 -I/usr/sfw//include/openssl -I/usr/sfw//include -DHAVE_CONFIG_H -o check_nrpe check_nrpe.c utils.c -L/usr/sfw/lib/ -lssl -lcrypto -lnsl -lsocket*** Compile finished ***
Next install the new binaries:
# make install
cd ./src/ && make install
make install-plugin
.././install-sh -c -m 775 -o nagios -g nagios -d /usr/local/nagios/libexec
.././install-sh -c -m 775 -o nagios -g nagios check_nrpe /usr/local/nagios/libexec
make install-daemon
.././install-sh -c -m 775 -o nagios -g nagios -d /usr/local/nagios/bin
.././install-sh -c -m 775 -o nagios -g nagios nrpe /usr/local/nagios/bin
Optionally, if you want to use the sample config file run (Recommended if you don’t already have a standard config):
# make install-daemon-config
./install-sh -c -m 775 -o nagios -g nagios -d /usr/local/nagios/etc
./install-sh -c -m 644 -o nagios -g nagios sample-config/nrpe.cfg /usr/local/nagios/etc
Modify the nrpe.cfg file with your settings:
vi /usr/local/nagios/etc/nrpe.cfg
With Solaris 10, we don’t use either inetd or xinetd, but SMF. Thankfully, we can convert inetd entires into the SMF repository with the inetconv command. So first, add the following entry to /etc/services:
nrpe 5666/tcp # NRPE
Then add the following line to the end of /etc/inet/inetd.conf:
nrpe stream tcp nowait nagios /usr/sfw/sbin/tcpd /usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -i
Next, we need to convert it to SMF:
# inetconv
nrpe -> /var/svc/manifest/network/nrpe-tcp.xml
Importing nrpe-tcp.xml …Done
# inetconv -e
svc:/network/nrpe/tcp:default enabled
Check to make sure it went online:
# svcs svc:/network/nrpe/tcp:default
STATE STIME FMRI
online 15:53:39 svc:/network/nrpe/tcp:default
# netstat -a | grep nrpe
*.nrpe *.* 0 0 49152 0 LISTEN
Check the default installed parameters:
# inetadm -l svc:/network/nrpe/tcp:default
SCOPE NAME=VALUE
name=”nrpe”
endpoint_type=”stream”
proto=”tcp”
isrpc=FALSE
wait=FALSE
exec=”/usr/sfw/sbin/tcpd -c /usr/local/nagios/etc/nrpe.cfg -i”
arg0=”/usr/local/nagios/bin/nrpe”
user=”nagios”
default bind_addr=”"
default bind_fail_max=-1
default bind_fail_interval=-1
default max_con_rate=-1
default max_copies=-1
default con_rate_offline=-1
default failrate_cnt=40
default failrate_interval=60
default inherit_env=TRUE
default tcp_trace=FALSE
default tcp_wrappers=FALSE
default connection_backlog=10
Change it so that it uses tcp_wrappers:
# inetadm -m svc:/network/nrpe/tcp:default tcp_wrappers=TRUE
And check to make sure it took effect:
# inetadm -l svc:/network/nrpe/tcp:default
SCOPE NAME=VALUE
name=”nrpe”
endpoint_type=”stream”
proto=”tcp”
isrpc=FALSE
wait=FALSE
exec=”/usr/sfw/sbin/tcpd -c /usr/local/nagios/etc/nrpe.cfg -i”
arg0=”/usr/local/nagios/bin/nrpe”
user=”nagios”
default bind_addr=”"
default bind_fail_max=-1
default bind_fail_interval=-1
default max_con_rate=-1
default max_copies=-1
default con_rate_offline=-1
default failrate_cnt=40
default failrate_interval=60
default inherit_env=TRUE
default tcp_trace=FALSE
tcp_wrappers=TRUE
default connection_backlog=10
Modify your hosts.allow and hosts.deny to only allow your nagios server access to the NRPE port. Note that tcpd always looks at hosts.allow first, so even though we specify that everyone is rejected in the hosts.deny file, the ip addresses specified in hots.allow are allowed.
/etc/hosts.allow:
nrpe: LOCAL, 10.0.0.45
/etc/hosts.deny:
nrpe: ALL
Finally, check to make sure you have everything installed correctly (should return version information):
/usr/local/nagios/libexec/check_nrpe -H localhost
NRPE v2.12
Optionally, modify any firewalls between your nagios server and the remote host to allow port 5666.
Don’t forget to configure your nagios server to check your new service.
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
I had to use this additional code change described here: http://www.nagios.org/faqs/viewfaq.php?faq_id=372 to get rid of SSL Handshake errors. Thanks for the resource!
Why did you use the /usr/sfw/bin/tcpd instead of using the built-in Solaris 10 wrappers built into inetd?
Posted March 30, 2008, 12:29 pmGood points, you’ll notice that I used –with-ssl=/usr/sfw/ –with-ssl-lib=/usr/sfw/lib/ pointing to the SUNWcry and SUNWcryr packages that I had installed as also referenced in the FAQ above. As far as the tcpd I used, I don’t have any other on the system. Please post any alternatives you have. Thanks!
Posted March 30, 2008, 10:20 pmWhen I run the final check for the nrpe plugin I run into the following error:
# /usr/local/nagios/libexec/check_nrpe -H localhost
ld.so.1: check_nrpe: fatal: libssl.so.0.9.7: open failed: No such file or directory
I’ve installed openssl-0.9.8 but it doesn’t install into the /usr/lib directory.
Any idea how this can be fixed?
Posted April 17, 2008, 10:28 pmYou have two options. One, install the SUNWcry and SUNWcryr packages and then use the parameters I specified on the NRPE compile. The second option, would to be to compile openssl, specifying a specific location for the install and then changing the ssl compile options when compiling NRPE. If I remember right, there was an compile option if you used openssl specifically. I don’t have access to check right now, but to see what compile options are available, run `./configure –help | less`. Please post your solution when you get it figured out.
Posted April 17, 2008, 11:14 pmmake in nagios-plugins-1.4.11 fails…on solaris 10 on sparc
eck_mysql-check_mysql.o `test -f ‘check_mysql.c’ || echo ‘./’`check_mysql.c; \
Posted April 25, 2008, 1:52 pmthen mv -f “.deps/check_mysql-check_mysql.Tpo” “.deps/check_mysql-check_mysql.Po”; else rm -f “.deps/check_mysql-check_mysql.Tpo”; exit 1; fi
gcc: language strconst not recognized
gcc: check_mysql.c: linker input file unused because linking not done
mv: cannot access .deps/check_mysql-check_mysql.Tpo
*** Error code 2
make: Fatal error: Command failed for target `check_mysql-check_mysql.o’
Current working directory /var/tmp/nrpe/nagios-plugins-1.4.11/plugins
*** Error code 1
The following command caused the error:
failcom=’exit 1′; \
for f in x $MAKEFLAGS; do \
case $f in \
*=* | –[!k]*);; \
*k*) failcom=’fail=yes’;; \
esac; \
done; \
dot_seen=no; \
target=`echo all-recursive | sed s/-recursive//`; \
list=’gl lib plugins plugins-scripts plugins-root po’; for subdir in $list; do \
echo “Making $target in $subdir”; \
if test “$subdir” = “.”; then \
dot_seen=yes; \
local_target=”$target-am”; \
else \
local_target=”$target”; \
fi; \
(cd $subdir && make $local_target) \
|| eval $failcom; \
done; \
if test “$dot_seen” = “no”; then \
make “$target-am” || exit 1; \
fi; test -z “$fail”
make: Fatal error: Command failed for target `all-recursive’
Current working directory /var/tmp/nrpe/nagios-plugins-1.4.11
*** Error code 1
make: Fatal error: Command failed for target `all’
I’m now getting a handshake error, despite editing the nrpe.c file as specified in that earlier post, although that line didn’t appear on 222, it was on 242 or 243 I believe.
I couldn’t find anything related to openssl in the ./configure -help file, only how to specify where libs were installed. I configured with the following “./configure -with-ssl=/usr/local/ssl/ -with-ssl-inc=/usr/local/ssl/include/openssl/ -with-ssl-lib=/usr/local/ssl/lib/” ….but it doesn’t appear to be working.
Posted April 28, 2008, 5:20 pmAerosmith:
When troubleshooting compile problems, no one will be able to tell you what is wrong from the output on the screen. The real problem with the compile will be found in the file config.log. Take a look in that file and see what was the last thing before the compile died and that’s what you should be looking into.
Dave:
What’s the handshake error you’re getting? The same error as referenced in the FAQ above or a different one?
Posted April 29, 2008, 10:19 pmThanks @kevin
Posted May 2, 2008, 1:12 pmI followed every single step above to install nrpe on SUN Sparc 5.10 system, had the exactly the same problem Dave Try encountered. I verified that both SUNWcry and SUNWcryr and openssl 0.9.8 has been installed. but it still failed when I did the final check.
If using SUNWcry.
# /usr/local/nagios/libexec/check_nrpe -H localhost
ld.so.1: check_nrpe: fatal: libssl.so.0.9.7: open failed: No such file or directory
If using Openssl
# /usr/local/nagios/libexec/check_nrpe -H localhost
ld.so.1: check_nrpe: fatal: libssl.so.0.9.8: open failed: No such file or directory
Do I need to reinstall SUNWcry and SUNWcryr as Kevin suggested as option one?
Any suggestions and help will be appreciated.
Posted June 13, 2008, 12:28 pmGary, where is libssl.so.0.9.7 on your system, what is the path to it? Did you specify that same path in your configure options?
./configure –with-ssl=/path/to/main/ssl/dir –with-ssl-lib=/same/path/plus/lib/
Kevin
Posted June 13, 2008, 9:37 pmHi Kevin,
I followed the exact steps as above
cd nrpe-2.12
./configure –with-ssl=/usr/sfw/ –with-ssl-lib=/usr/sfw/lib/
and I have verified that the file libssl.so.0.9.7 is in the directory /usr/sfw/lib
don’t know why it still complains.
the only difference is that we don’t have files hosts.allow and hosts.deny on our system, but it makes no difference after adding those two files.
Any suggestion about what I should look into next?
Thanks a lot!
Gary
Posted June 16, 2008, 6:05 pmAerosmith:
The method for getting the make of the plug-ins to work can be found here:
kernel-dump.blogspot.com/2008/01/how-to-compile-nagios-plugins-for.html
Read it carefully several times to make sure you understand the switches of users and use of Bash.
Posted June 19, 2008, 7:27 pmHello,
I think I’m having the same issue as Dave. I installed the SUNWcry and SUNWcryr packages, pointed the configure script to the appropriate ssl directories, modified both nrpe.c and check_nrpe.c to use the appropriate encryption, trying the lines:
SSL_CTX_set_cipher_list(ctx,”ADH:-ADH-AES256-SHA”);
or
SSL_CTX_set_cipher_list(ctx,”ADH”); +
SSL_CTX_set_cipher_list(ctx,”ADH:-ADH-AES256-SHA”);
as suggested in different forums, and still, when I restart the nrpe service and test it with
/usr/local/nagios/libexec/check_nrpe -H localhost
I get the ssl handshake error:
CHECK_NRPE: Error - Could not complete SSL handshake.
Any other thoughts?
Posted June 26, 2008, 9:20 amSo it sounds like you were able to get everything to compile correctly and have no library errors, you just can not complete the handshake with the remote server. Most often I have seen this error when running different versions of NRPE on the host and client.
This FAQ may help you troubleshoot this error:
http://www.nagios.org/faqs/viewfaq.php?faq_id=191
Kevin
Posted June 26, 2008, 9:58 amIn src/nrpe.c replace the lines 616 - 619 like that (don’t comment them):
else if(!strcmp(varvalue,”authpriv”))
Posted July 18, 2008, 8:16 amlog_facility=LOG_AUTH;
else if(!strcmp(varvalue,”ftp”))
log_facility=LOG_DAEMON;
I agree, that is a better solution. Have you recommended any solutions to the developers for a permanent fix for the next version of NRPE?
Posted July 18, 2008, 9:29 amKevin,
how do you start nagios automagically at boot under Solaris 10?
Axel
Posted July 31, 2008, 8:43 amAxel,
Solaris 10 uses SMF or the Service Management Facility to control what services start on bootup. If you followed the steps above, successfully converted it from inetd to SMF and the service went online, it will also come online every time you reboot.
Kevin
Posted July 31, 2008, 8:48 amYes, the NRPE - I’m looking for starting Nagios itself on Solaris. As my Ultra 10 is idling away and twiddlikng its virtual thumbs anyway I have nagios installed on it, but would like to start it automagically at boot time (not the NRPE service, though).
Converting init.d files to SMF seems to be a tad bit trickier, though?
Posted July 31, 2008, 8:55 amAhh, sorry, I misread your question. Unfortunately, my nagios server runs on Solaris 9 still so I haven’t gone through that process yet. Thinking about it though, SMF has backwards compatibility specifically for this case - applications that only have init scripts built. SMF still executes scripts in /etc/rc<n>.d/ folders that have not been converted. So you should be able to use the script generated by the make install-init command, by placing it in /etc/rc3.d/, etc. You should also be able to start it manually by executing /etc/init.d/nagios start - if the script has all the right paths for your installation in it.
Posted July 31, 2008, 9:23 amAfter googling for several days (granted, I must have hit the wrong keywords), I came up with a template manifest. Hope this helps others, too.
Nagios Monitoring
Posted July 31, 2008, 9:49 amdarn, that got swallowed :-)
Posted July 31, 2008, 9:49 amDude,
Thanks for the lessons, But I have one problem more which is when i attempt to ./check_nrpe -H localhost i get the (apparently common) error
“CHECK_NRPE: Error - Could not complete SSL handshake.”
Now I do not have root on the machine which could be a problem, I cannot possibly in the near future get root on the machine, so installing extra packages is out of the question for now.
I’ve attempted modifying line 222 or src/nrpe.c but to no avail. For now anyway. So if anyone can help me out, that would be cool.
thx :D
Posted August 19, 2008, 3:08 amHi Guys,
can anyone help me?
Scenario
Nagios Server (core) 3.0.3 under Linux (Ubuntu 8.04) - NRPE 2.12 (latest)
Monitored Host: Solaris 10 (SunOS S10DBSERVER 5.10 Generic sun4u sparc SUNW,Sun-Blade-2500)
I tried to install NRPE 2.12 on S10:
Download package, extract in folder.
I HAVE NOT SUNWcry installed. I can’t find where download package for my S10 Sparc. Free download only for Solaris 8 :(
1) Apply the patch:
As mentioned here (The second solution is to change line 222 of src/nrpe.c like this: - SSL_CTX_set_cipher_list(ctx,”ADH”); + SSL_CTX_set_cipher_list(ctx,”ADH:-ADH-AES256-SHA”); and recompile. )
DONE.
Comment these line in nrpe.c
/* else if(!strcmp(varvalue,”authpriv”))
log_facility=LOG_AUTHPRIV;
else if(!strcmp(varvalue,”ftp”))
log_facility=LOG_FTP; */
DONE.
2) Compile with:
./configure –with-ssl-lib=/usr/sfw/lib \
–with-ssl-inc=/usr/sfw/include –with-ssl=/usr/sfw \
–prefix=/opt/nagios
OK, done.
3) Edit the /opt/nagios/etc/nrpe.cfg file.
Only 1 change to do: change paths to nagios plugins
4) Edit the /etc/inetd.conf file, setting up like this:
nrpe stream tcp nowait nagios /usr/sfw/sbin/tcpd /opt/nagios/bin/nrpe -c /opt/nagios/etc/nrpe.cfg –inetd
5) Edit /etc/services adding
nrpe 5666/tcp # NRPE
6) Converting inetd to SMF
inetconv
inetconv -e
svcs svc:/network/nrpe/tcp:default
netstat -a | grep nrpe
inetadm -l svc:/network/nrpe/tcp:default
inetadm -m svc:/network/nrpe/tcp:default tcp_wrappers=TRUE
inetadm -l svc:/network/nrpe/tcp:default
vi /etc/hosts.allow (nrpe: LOCAL, NagiosServerIPaddress)
vi /etc/hosts.deny (nrpe: ALL)
Testing:
On S10:
bash-3.00# /opt/nagios/libexec/check_nrpe -H localhost
NRPE v2.12
bash-3.00# /opt/nagios/libexec/check_nrpe -H localhost -c check_load
OK - load average: 0.21, 0.27, 0.27|load1=0.211;15.000;30.000;0; load5=0.270;10.000;25.000;0; load15=0.270;5.000;20.000;0;
WOW…it seems working…
Now, testing on Nagios Core server:
root@nagios-srv:~# /usr/local/nagios/libexec/check_nrpe -H 192.168.10.241
CHECK_NRPE: Error - Could not complete SSL handshake.
LOG on S10 tell: Aug 26 10:29:28 S10DBSERVER nrpe[32]: [ID 813741 daemon.error] Error: Could not complete SSL handshake. 1
Without SSL
root@nagios-srv:~# /usr/local/nagios/libexec/check_nrpe -H 192.168.10.241 -n
CHECK_NRPE: Received 0 bytes from daemon. Check the remote server logs for error messages.
LOG on S10 tell: Aug 26 10:29:58 S10DBSERVER nrpe[33]: [ID 813741 daemon.error] Error: Could not complete SSL handshake. 1
Same error -.-
—-
I installed also openssl0.9.8h:
./config –prefix=/opt/openssl
make
make test
make install
No errors
Recompile NRPE with:
./configure –with-ssl-lib=/opt/openssl/lib \
–with-ssl-inc=/opt/openssl/include –with-ssl=/opt/openssl \
–prefix=/opt/nagios
Error:
checking for SSL headers… SSL headers found in /opt/openssl/include/..
checking for SSL libraries… configure: error: Cannot find ssl libraries
bash-3.00# find . / -name “libssl.so.0.9.7″
/usr/sfw/lib/sparcv9/libssl.so.0.9.7
/usr/sfw/lib/libssl.so.0.9.7
So, no libssl.so.0.9.7 present in /opt/openssl/lib
—–
PLEASE help
Simone
Posted August 26, 2008, 2:36 amFrom the README of openssl:
NOTE: The header files used to reside directly in the include
directory, but have now been moved to include/openssl so that
OpenSSL can co-exist with other libraries which use some of the
same filenames.
So try this instead:
–with-ssl-inc=/opt/openssl/include/openssl
Or try searching for ssl.h, which is the name of the SSL header file that is should be looking for.
Posted August 26, 2008, 8:01 amHi Kevin,
thank for reply.
But, my problem is that compiler can’t find SSL libraries, not headers.
However, I try this:
./configure –with-ssl-lib=/opt/openssl/lib –with-ssl-inc=/opt/openssl/include/openssl –with-ssl=/opt/openssl –prefix=/opt/nagios
checking for SSL headers… SSL headers found in /opt/openssl/include/openssl/..
checking for SSL libraries… configure: error: Cannot find ssl libraries
If I look for “ssl.h”, I get this result:
/opt/openssl/include/openssl/ssl.h (83972 bytes)
/usr/sfw/include/openssl/ssl.h (74911 bytes)
Mmh… I’m confused :/
What’s wrong? Headers or libraries?
Tnx,
Posted August 27, 2008, 3:50 amSimone
Sorry, I misread your earlier post. You are having problems with the libraries. Did you find that it was looking for libssl.so.0.9.7 in config.log? I believe the libraries that you have installed are libcrypto.a and libssl.a and are the static libraries. If you need the libssl.so, then you need the shared libraries installed as well and should add the option “shared” to your configure when compiling openssl.
Posted August 27, 2008, 10:22 amTnx Kevin,
I tried to compile OpenSSL with:
./config shared –prefix=/opt/openssl
And recompiled NRPE with:
./configure –with-ssl-lib=/opt/openssl/lib –with-ssl-inc=/opt/openssl –with-ssl=/opt/openssl –prefix=/opt/nagios
Works, but there’s always same error:
nrpe[25471]: [ID 813741 daemon.error] Error: Could not complete SSL handshake. 1
Executing nrpe as a daemon without SSL, everything works fine!
Last chance is to find sunwcry and sunwcryr for my Solaris10
Thank you!
Posted August 28, 2008, 5:44 amFor the handshake errors have you tried going through these steps yet?
http://www.nagios.org/faqs/viewfaq.php?faq_id=191
Posted August 28, 2008, 8:52 amI’m banging my head against the wall with this issue. Don’t know if this is RBAC or what is causing the problem. After compiling NRPE according to the instructions and getting SSL working, some scripts work: CPU, Load work great. The scripts that don’t work (and by “don’t work” I mean are not able to store sys command results into variables when being called by NRPE under SMF) are the ones that contain backticks or (). The check_oracle script is one of them. A simple example is below:
if I call a script alias from nagios to the solaris host, and the script contains:
#!/bin/ksh
test = `ps`
echo $test
the results passed back will be empty. I did some experimentation and found that the command IS executed, but it cannot be stored into a variable, so nagios displays the ‘no output returned’ message, unless I also echo some text. This is some wierd stuff.
My kernel is: SunOS 5.10 Generic_127127-11 sun4v sparc SUNW,SPARC-Enterprise-T5220. Anyone know what I should do?
Posted August 29, 2008, 2:58 pmI saw that you had posted this on the nagiosplug-help mailing list. There are some great people on that list, I’d give them a couple more days to respond….
Posted August 29, 2008, 11:11 pmHi,
I am receiving the same error as well:
CHECK_NRPE: Error - Could not complete SSL handshake.
I am using Sol 8. Have few Q’s after reading the FAQ at: http://www.nagios.org/faqs/viewfaq.php?faq_id=191
1. Since I am using Sol 8, and not Sol10, would installing sunwcry and sunwcryr pkgs help me?
2. I have installed NRPE 2.12 and nagios-plugins-1.4.11… if these versions are not compatible, can you suggest what combination of NRPE and nagios-plugins versions should I go for?
Thanks,
Posted September 2, 2008, 6:16 amHanu
Hi,
Thank you this wonderfull article and it really helped me configure NRPE on Solaris 10. I am sure it would have helped a lot of newbies like me.
However, I would like to install NRPE on SOLARIS 8 and 9 as well. Do you have any suggestions on installing NRPE on Solaris 8 & 9 under inetd or Xinetd?
Thanks a lot in advance for your help..
Posted September 15, 2008, 12:09 amI cannot get check_swap to compile on solaris 10 x86. I keep getting :
Cannot use swapctl in the large files compilation environment
durign the configure stage and it does not add check_swap to Makefile.
Any ideas ?
Posted September 15, 2008, 1:37 amHanu - As long as you were able to compile NRPE with some SSL libraries, you should be fine. It is more likely that it is the version mis-match between servers. Make sure that the NRPE version is the same on both the server and client.
Amrit - You’re welcome! I don’t have a how to document written for those versions, however, they should be easier since you do not need to convert the inetd line to SMF.
Henti - This seems to be a long standing problem with 32-bit Solaris, hopefully you can get some developers on your side to get the code updated. Good luck!
Posted September 15, 2008, 10:15 pmPlease note that a new version on nagios-plugins (1.4.13) has been released. See the release notes for more information:
https://sourceforge.net/forum/forum.php?forum_id=870554
“This release contains enhancements for check_procs and pst3 on Solaris systems (so it works correctly in Solaris 10 zones and also runs much faster). There were other minor updates and fixes from Thomas Guyot-Sionnest, Holger Weiss and Matthias Eble.”
Posted September 25, 2008, 9:01 amProblem with ssl is because nrpe cant find ssl library in available lib’s paths.
Posted October 16, 2008, 5:47 am1st install openssl package ( available on sunfreeware.com )
2nd crle -l /lib:/usr/lib:/usr/local/lib:/usr/local/ssl/lib/
3rd /usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -i
4th Check from nagios server check_nrpe -H solaris_ip
Hello,
I was having the same issues. I found these commands resolved the problem:
#crle -l /lib:/usr/lib:/usr/local/lib:/usr/local/ssl/lib/
#/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -i
Now confirm that nrpe is functioning properly:
#/usr/local/nagios/libexec/check_nrpe -H localhost
Hope this helps,
Anthony
Posted November 7, 2008, 8:36 pmRun ‘yum install openssl-devel’ and the ./configure script will run correctly afterward. This applies to linux systems. You may have to run ‘apt-get install openssl-devel’ depending on the linux variant.
-Donald
Posted December 24, 2008, 10:14 pmI was having this error also: “CHECK_NRPE: Error - Could not complete SSL handshake.”
When I telnet’ed to the port I noticed this message:
“ld.so.1: tcpd: fatal: libc.so.1: open failed: No such file or directory”
So I updated my library locations using the crle command:
“crle -l /usr/sfw/lib:/usr/local/ssl/lib:/usr/local/lib:/usr/lib:/lib:/usr/local/ssl/lib”
I was then able to perform the check_nrpe test successfully.
I did not require the SSL ADH cypher change for it to work either.
Posted December 26, 2008, 4:06 pm