NagiosEnterprises / nrpe

NRPE Agent
GNU General Public License v2.0

unauthorized to use du command in /tmp with NRPE 3 #189

Closed pkriko closed 6 years ago

pkriko commented 6 years ago

Hello,

I am trying to use some commands from centreon_plugins, and centreon_plugins uses the "/usr/bin/du" command to check a local file in /tmp.

I've created check_du just to see what happens:

    command[check_du]=/usr/bin/du /tmp/test.txt

    -bash-4.2$ /usr/lib/centreon/plugins/check_centreon_nrpe3 -H 172.16.0.11 -p 5666 -t 30 -n -u -c check_du
    NRPE: Unable to read output

From the logs:

    [1533282822] Host 172.16.0.129 is asking for command 'check_du' to be run...
    [1533282822] Running command: /usr/bin/du /tmp/test.txt
    [1533282822] Command completed with return code 1 and output:
    [1533282822] Return Code: 3, Output: NRPE: Unable to read output

I know that 3.2.0 has some issues with the sticky bit on /tmp and setuid(), but I have the same error with version 3.2.1 of NRPE.

    [root@Linux nrpe-3.2.1]# /root/nrpe-3.2.1/src/nrpe -V
    NRPE - Nagios Remote Plugin Executor
    Version: 3.2.1

I don't have the issue with NRPE 2.5.0.

omercier commented 6 years ago

Hi, I have managed to reproduce your bug and have finally understood what was happening. It is neither related to nrpe daemon's setuid nor to /tmp's sticky bit, but simply to the service's systemd parameter PrivateTmp that was set to true. This parameter makes the process run with a /tmp mountpoint pointing to a temporary directory /tmp/systemd-private-*, thus making it impossible for it to see what's actually in the system's /tmp mountpoint.

I hope my explanation is understandable, if it can be useful to anyone...
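The diagnosis above can be turned into a quick audit. The script below is an added example, not part of the thread or of the NRPE project: it reads a unit file and an nrpe.cfg and lists the commands that reference /tmp or /var/tmp while PrivateTmp is enabled (systemd gives the service private copies of both directories). The unit contents, plugin paths and the check_load and check_spool commands are constructed sample data; only check_du comes from the report.

```shell
#!/bin/sh
# Added example: flag NRPE commands that touch /tmp or /var/tmp when the
# service unit enables PrivateTmp. All sample inputs below are constructed.

# Constructed [Service] section of an NRPE unit file (assumed layout).
SAMPLE_UNIT='[Service]
ExecStart=/usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -f
PrivateTmp=true'

# Constructed nrpe.cfg; check_du is the command from the report above.
SAMPLE_CFG='# a comment line
command[check_load]=/usr/lib64/nagios/plugins/check_load -w 15,10,5 -c 30,25,20
command[check_du]=/usr/bin/du /tmp/test.txt
command[check_spool]=/usr/bin/du /var/tmp/spool'

# Succeeds when the last PrivateTmp= assignment is a systemd "true" value.
private_tmp_enabled() {
    v=$(printf '%s\n' "$1" |
        sed -n 's/^[[:space:]]*PrivateTmp[[:space:]]*=[[:space:]]*\([^[:space:]]*\).*$/\1/p' |
        tail -n 1 | tr 'A-Z' 'a-z')
    case "$v" in
        true|yes|on|1) return 0 ;;
        *) return 1 ;;
    esac
}

# Prints the name of every command[...] whose command line has an
# argument equal to, or located under, /tmp or /var/tmp.
tmp_commands() {
    printf '%s\n' "$1" |
        sed -n 's/^[[:space:]]*command\[\([^]]*\)][[:space:]]*=\(.*\)$/\1 \2/p' |
        while read -r name cmdline; do
            case " $cmdline " in
                *" /tmp/"*|*" /tmp "*|*" /var/tmp/"*|*" /var/tmp "*)
                    printf '%s\n' "$name" ;;
            esac
        done
}

# Combines both checks: affected commands are only reported when the
# service actually runs with a private /tmp.
report() {
    if private_tmp_enabled "$1"; then
        tmp_commands "$2" | sed 's/^/AFFECTED: /'
    else
        echo "PrivateTmp not enabled; commands see the system /tmp"
    fi
}
report "$SAMPLE_UNIT" "$SAMPLE_CFG"
```

On a live host, `systemctl show -p PrivateTmp nrpe` reports the effective value including drop-ins; the unit name `nrpe` is an assumption here.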