Various issues on fresh install - CentOS6

[Rionoskae]

Cannot get Install Agent to work on Windows machines - Just not working for me in CentOS 6 - Fresh install. Tried various formats. Nothing else was installed - simply followed instructions on adagios.org

Also after reboot - okconfig directory permission breaks, unable to use any okconfig dependent features after initial reboot....

Also can you explain the format for network scan? It seems that it has to be ip address/25. I assumed ( incorrectly ) that it would be 172.16.1.1/255 to scan the range from 1-255. what is /25 being used for and why is needed?

Thanks!

[tomas-edwardsson]

@Rionoskae check out Deploying nsclient on windows servers

Your issue regarding reboot and directory permissions is a bit fuzzy, can you give me an example, for instance

getfacl /etc/nagios/okconfig/hosts

Nothing should be resetting the permissions.

The network scan is in CIDR notation, see http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#IPv4_CIDR_blocks

[Rionoskae]

Thanks for the reply and the documentation on network scan usage :)

When doing any function that is handled by okconfig ( add a host, install agent,etc... ) you are presented with an error screen that says the following:

I tried issuing a few chmod 777 or +w commands on the entire /etc/nagios/ directory but to no avail...

---

As for the winexe agent installs, it just always kind of times out... I've tried a few slightly different formats, but i'm just not having any luck...

[Rionoskae]

Updated with Screenshots^

[tomas-edwardsson]

@Rionoskae you need to check the permissions, something like "getfacl /etc /etc/nagios /etc/nagios/okconfig /etc/nagios/okconfig/hosts" should give you a pretty good idea on the status of permissions.

Also selinux might be the issue, check if it's enabled.

[Rionoskae]

Just installed CentOS-6.4 in virtualbox ( previously on physical system) and encountered the exact same permission issues as before.

Followed install directions exactly, so I assume SELInux is disabled.

I ran the command you noted and this is what I got...

Before Reboot: ( working )

After Reboot: ( not working )

[Rionoskae]

Tried to completely disable Selinux to rule it out as a possibility - then rebooted.

[Rionoskae]

This is a Fresh install, following the install directions exactly...Is nobody else experiencing this?

How have you had success with Adagios installs? I don't mind using a different OS if it works!

[Rionoskae]

Also tried this regarding Selinux.. http://knowledgelayer.softlayer.com/procedure/how-do-i-turn-selinux-redhat-or-centos

[pall-valmundsson]

On my system the apache user is in the nagios group, which in turn has the write privileges, that might be the issue and it's not in the docs. Check: groups apache Add to group if missing: usermod -a -G nagios apache Remember to service httpd reload afterwards. If this is the issue it would need to go into the docs.

[Rionoskae]

Ran - "groups apache" & the usermod command just in case :) and reloaded http via: " httpd service restart "

[Rionoskae]

Maybe this will help...

What I've done start to finish installing CentOS & Adagios...

Installed Centos-6.4 from LiveDVD.iso.

Once installed, opened terminal and copy-pasted the following commands....

rpm -Uvh http://download.fedoraproject.org/pub/epel/6/$HOSTTYPE/epel-release-6-8.noarch.rpm

rpm -Uhv http://opensource.is/repo/ok-release-10-1.el6.noarch.rpm

yum --enablerepo=ok-testing install -y nagios git adagios ( nagios installed as dependancy here )

yum --enablerepo=ok-testing install -y okconfig

sed -i "s/SELINUX=enforcing/SELINUX=permissive/" /etc/sysconfig/selinux setenforce 0

service httpd restart chkconfig httpd on

service nagios restart chkconfig nagios on

cd /etc/nagios/ git init git add . git commit -a -m "Initial commit" chown -R nagios /etc/nagios/* /etc/nagios/.git setfacl -R -m group:nagios:rwx /etc/nagios/ setfacl -R -m d:group:nagios:rwx /etc/nagios/

mkdir -p /etc/nagios/adagios pynag config --append cfg_dir=/etc/nagios/adagios

[Rionoskae]

Ran the following: chmod -R 777 /etc/nagios/okconfig getfacl /etc /etc/nagios /etc/nagios/okconfig /etc/nagios/okconfig/hosts service httpd reload

Still being given permission issues...grrr!

[pall-valmundsson]

Ok, your latest screenshot shows that SElinux is enabled. Can you paste your /etc/sysconfig/selinux file here. If that file is not correct it would explain why a reboot makes things break.

Edit: changes to /etc/sysconfig/selinux do not take effect until you have rebooted the OS.

[Rionoskae]

It is actually posted earlier in this thread :)

[Rionoskae]

Hmm very odd You are right - that was it.... Ran the command from the install directions again for SELinux as root and it worked... Odd that modifying the file via vim didn't change the state of selinux in /etc/sysconfig/selinux.....

That or maybe i've been looking at the linux terminal for too long and losing it....haha

Thanks guys - going to try a reboot again to make sure it sticks :D

[Rionoskae]

Reboot broke Selinux again...hmmm

[pall-valmundsson]

Ah, I missed it. If SELINUX=disabled and getenforce after a reboot still returns Enforcing something is not behaving as expected. If you triple check /etc/sysconfig/selinux and reboot and getenforce still reports Enforcing please paste the output of cat /proc/cmdline (it contains the parameters passed to the kernel at boot time).

[Rionoskae]

Ok - Checked /etc/sysconfig/selinux - It is still set to SELINUX=disabled and getenforce shows "enforcing"....

cat /proc/cmdline

Running the following command as ROOT will fix it until the next reboot. sed -i "s/SELINUX=enforcing/SELINUX=permissive/" /etc/sysconfig/selinux setenforce 0

[Rionoskae]

Hmmm I think i got this sorted out....

Using the following link: http://tweakandtune.blogspot.com/2009/03/centos-disable-selinux.html

Had to edit /etc/grub.conf as shown - to set selinux=0

[pall-valmundsson]

setenforce 0 disables SElinux for the current session, which is the reason for why it works until the next reboot. Try this one: sed -i 's/^SELINUX=.*$/SELINUX=permissive/' /etc/sysconfig/selinux Verify that it worked: grep SELINUX= /etc/sysconfig/selinux (it should say SELINUX=permissive) Reboot and check getenforce.

[Rionoskae]

Ok...Ill un-edit the grub.conf file and try your changes :)

[pall-valmundsson]

The grub.conf kernel parameter change should work if all else fails, it's the most brute force way of disabling selinux but SHOULD not be necessary. If my way doesn't work than you can go with the grub.conf one.

[Rionoskae]

Sounds like a plan - I will report back shortly and let you know if that works for me:)

Thanks for the help and your patience guys!

[pall-valmundsson]

@tomas-edwardsson, I'm pretty sure I'm on Dan Walsh's naughty list right now... :)

[Rionoskae]

didn't work :(

[Rionoskae]

Well in any case - it works, I'm happy. ( modifying grub.conf ) Still can't push agents to windows clients...but I'll keep playing around with that one