Thursday, 14 December 2017

WebSphere Liberty Profile - Customising the Logging

On my current engagement, we had a requirement to trim out ( temporarily ) some information log messages which were "spamming" the console.log of a WebSphere Liberty Profile (WLP) environment.

Firstly, here's some context about WLP logging: -

There are three primary log files for a server:

• console.log - containing the redirected standard output and standard error from the JVM process. This console output is intended for direct human consumption. The console output contains major events and errors if you use the default consoleLogLevel configuration. The console output also contains any messages that are written to the System.out and System.err streams if you use the default copySystemStreams configuration. The console output always contains messages that are written directly by the JVM process, such as -verbose:gc output. This file is created only if the server start command is used, and its location can be altered only by using the LOG_DIR environment variable. For more information, see Administering Liberty from the command line.

• messages.log - containing all messages except trace messages that are written or captured by the logging component. All messages that are written to this file contain additional information such as the message time stamp and the ID of the thread that wrote the message. This file does not contain messages that are written directly by the JVM process.

• trace.log - containing all messages that are written or captured by the product. This file is created only if you enable additional trace. This file does not contain messages that are written directly by the JVM process.

and: -

The console.log file does not have the same level of management as other log files. The only property that you can change is consoleLogLevel.

and: -

consoleLogLevel

This filter controls the granularity of messages that go to the console.log file. The valid values are INFO, AUDIT, WARNING, ERROR, and OFF. By default, the level is AUDIT.
...


As an example, from my own VM ( and this is a TERRIBLE example ), let's say I wanted to suppress this message: -

[AUDIT   ] CWWKS1100A: Authentication did not succeed for user ID appcenteradmin. An invalid user ID or password was specified.

In a default, vanilla, installation of WLP, the default for consoleLogLevel is AUDIT.

If I wanted to turn off ALL logging, I could change that to OFF, but that'd be a daft idea.

Therefore, there's this: -

...
After version 8.5.5.4+ Liberty Profile; added new attribute "hideMessage" to logging element.

You can configure logging element on server.xml file;

<logging hideMessage="WELD-000900" />

The "WELD-000900" messages will redirect to trace.log file.

If you want to add multiple message, you can seperate it with a comma.

<logging hideMessage="WELD-000900, CWWKE0001I" />


so I validated this, by changing server.xml : -

vi /opt/ibm/WebSphere/Liberty/usr/servers/defaultServer/server.xml

and adding: -

        <logging consoleLogLevel="AUDIT"/>
        <logging hideMessage="CWWKS1100A"/>

before the closing </server> directive.

Now I can try/fail to login as many times as I like, and console.log will tell me nothing: -

tail -f /opt/ibm/WebSphere/Liberty/usr/servers/defaultServer/logs/console.log

[AUDIT   ] CWWKS1100A: Authentication did not succeed for user ID adsda. An invalid user ID or password was specified.
[AUDIT   ] CWWKG0016I: Starting server configuration update.
[AUDIT   ] CWWKG0017I: The server configuration was successfully updated in 0.050 seconds.


Note the CWWKG0016I and CWWKG0017I messages; they tell me that the server automatically updated its configuration once I saved the changes to server.xml.

And, of course, I'm going to change it back: -

vi /opt/ibm/WebSphere/Liberty/usr/servers/defaultServer/server.xml

        <logging consoleLogLevel="AUDIT"/>

and now I see all of the bad login messages: -

tail -f /opt/ibm/WebSphere/Liberty/usr/servers/defaultServer/logs/console.log

[AUDIT   ] CWWKS1100A: Authentication did not succeed for user ID adsdas. An invalid user ID or password was specified.
[AUDIT   ] CWWKS1100A: Authentication did not succeed for user ID asdads. An invalid user ID or password was specified.
a[AUDIT   ] CWWKS1100A: Authentication did not succeed for user ID asda. An invalid user ID or password was specified.

IBM MobileFirst 8 - Commanding the CLI

As with many of my projects, this is another one in the category of "Tinkering".

In order to better support my current client, I needed a quick-start into the world of IBM MobileFirst Platform (MFP).

I've blogged about MFP before, but mainly in the context of building out a runtime on the WebSphere Liberty Platform: -


but now I wanted to go a little bit further.

I started here: -


and quickly ended up here: -


and: -


Having downloaded and installed the MobileFirst Developer Kit for macOS, as per this: -


I was able to start up the native MobileFirst Server: -

cd /Users/davidhay/MobileFirst-8.0.0.0
./run.sh

….
Java HotSpot(TM) 64-Bit Server VM warning: ignoring option MaxPermSize=256m; support was removed in 8.0
Java HotSpot(TM) 64-Bit Server VM warning: ignoring option MaxPermSize=512m; support was removed in 8.0
objc[10046]: Class JavaLaunchHelper is implemented in both /Library/Java/JavaVirtualMachines/jdk1.8.0_151.jdk/Contents/Home/bin/java (0x100da94c0) and /Library/Java/JavaVirtualMachines/jdk1.8.0_151.jdk/Contents/Home/jre/lib/libinstrument.dylib (0x100e674e0). One of the two will be used. Which one is undefined.
Listening for transport dt_socket at address: 10777
Launching mfp (WebSphere Application Server 8.5.5.8/wlp-1.0.11.cl50820151201-1942) on Java HotSpot(TM) 64-Bit Server VM, version 1.8.0_151-b12 (en_GB)
[AUDIT   ] CWWKE0001I: The server mfp has been launched.
[AUDIT   ] CWWKE0100I: This product is licensed for development, and limited production use. The full license terms can be viewed here: https://public.dhe.ibm.com/ibmdl/export/pub/software/websphere/wasdev/license/base_ilan/ilan/8.5.5.8/lafiles/en.html
[AUDIT   ] CWWKZ0058I: Monitoring dropins for applications. 

[AUDIT   ] CWWKT0016I: Web application available (default_host): http://192.168.153.1:9080/doc/
[AUDIT   ] CWWKT0016I: Web application available (default_host): http://192.168.153.1:9080/mfp-dev-artifacts/
[AUDIT   ] CWWKT0016I: Web application available (default_host): http://192.168.153.1:9080/IBMJMXConnectorREST/

[AUDIT   ] CWWKT0016I: Web application available (default_host): http://192.168.153.1:9080/mfpconsole/
[AUDIT   ] CWWKT0016I: Web application available (default_host): http://192.168.153.1:9080/mfpadminconfig/

[AUDIT   ] CWWKT0016I: Web application available (default_host): http://192.168.153.1:9080/analytics/
[AUDIT   ] CWWKT0016I: Web application available (default_host): http://192.168.153.1:9080/imfpush/
[AUDIT   ] CWWKT0016I: Web application available (default_host): http://192.168.153.1:9080/mfpadmin/


I then hit the MFP Console: -


and navigated to the Get CLI link: -



At this point, I hit a blocker.

When I tried to use the local version ( having downloaded it from here http://192.168.153.1:9080/mfp-dev-artifacts/mfpdev-cli.tgz ) : -

sudo npm install -g ~/Downloads/mfpdev-cli.tgz 

I saw this: -

npm WARN deprecated minimatch@3.0.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated express@2.5.11: express 2.x series is deprecated
npm WARN deprecated connect@1.9.2: connect 1.x series is deprecated
npm WARN deprecated minimatch@2.0.10: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated node-uuid@1.4.7: Use uuid module instead
npm WARN deprecated tough-cookie@2.2.2: ReDoS vulnerability parsing Set-Cookie https://nodesecurity.io/advisories/130
npm WARN deprecated graceful-fs@1.2.3: please upgrade to graceful-fs 4 for compatibility with current and future versions of Node.js
npm WARN deprecated minimatch@0.2.14: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm ERR! code E404
npm ERR! 404 Not Found: ibm-strings@0.1.4

npm ERR! A complete log of this run can be found in:
npm ERR!     /Users/davidhay/.npm/_logs/2017-12-14T15_19_12_355Z-debug.log


When I tried the version from the net: -

sudo npm install -g mfpdev-cli

I saw this: -

npm WARN deprecated minimatch@3.0.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated express@2.5.11: express 2.x series is deprecated
npm WARN deprecated connect@1.9.2: connect 1.x series is deprecated
npm WARN deprecated minimatch@2.0.10: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated node-uuid@1.4.7: Use uuid module instead
npm WARN deprecated tough-cookie@2.2.2: ReDoS vulnerability parsing Set-Cookie https://nodesecurity.io/advisories/130
npm WARN deprecated graceful-fs@1.2.3: please upgrade to graceful-fs 4 for compatibility with current and future versions of Node.js
npm WARN deprecated minimatch@0.2.14: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.1.3 (node_modules/mfpdev-cli/node_modules/fsevents):
npm WARN enoent SKIPPING OPTIONAL DEPENDENCY: ENOENT: no such file or directory, rename '/usr/local/lib/node_modules/.staging/fsevents-4718b8bb/node_modules/tar' -> '/usr/local/lib/node_modules/.staging/tar-0c43e4b7'

npm ERR! path /Users/mdo-windows-support/package.json
npm ERR! code ENOPACKAGEJSON
npm ERR! errno -2
npm ERR! syscall open
npm ERR! package.json ENOENT: no such file or directory, open '/Users/mdo-windows-support/package.json'
npm ERR! package.json npm can't find a package.json file in your current directory.

npm ERR! A complete log of this run can be found in:
npm ERR!     /Users/davidhay/.npm/_logs/2017-12-14T15_19_51_237Z-debug.log

Interestingly, this page: -

doesn't specify dependencies, in terms of NodeJS and NPM.

However, this: -


does say: -

IBM MobileFirst CLI is not supported in the npm version whatever you are trying with.

Try installing the same with npm version 3.10.10 and this should resolve the issue which you are facing.

I checked my versions: -

npm -v

5.5.1

node -v

v8.9.3

Ah, ha :-)

This table: -


helped me find the Node <-> NPM relationship: -

so I went here: -


Having downloaded and installed, I re-checked my versions: -

npm -v

3.10.10

node -v

v7.3.0

Whilst I still struggled with the local version: -

sudo npm install -g ~/Downloads/mfpdev-cli.tgz

npm ERR! addLocal Could not install /usr/local/lib/node_modules/mdo-adapter-actions
npm ERR! addLocal Could not install /usr/local/lib/node_modules/mdo-android-support
npm ERR! addLocal Could not install /usr/local/lib/node_modules/mdo-app-config
npm ERR! addLocal Could not install /usr/local/lib/node_modules/mdo-app-preview
npm ERR! addLocal Could not install /usr/local/lib/node_modules/mdo-app-pull
npm ERR! addLocal Could not install /usr/local/lib/node_modules/mdo-app-push
npm ERR! addLocal Could not install /usr/local/lib/node_modules/mdo-app-register
npm ERR! addLocal Could not install /usr/local/lib/node_modules/mdo-app-webencrypt
npm ERR! addLocal Could not install /usr/local/lib/node_modules/mdo-app-webupdate
npm ERR! addLocal Could not install /usr/local/lib/node_modules/mdo-cmd-adapter
npm ERR! addLocal Could not install /usr/local/lib/node_modules/mdo-cmd-app
npm ERR! addLocal Could not install /usr/local/lib/node_modules/mdo-cmd-config
npm ERR! addLocal Could not install /usr/local/lib/node_modules/mdo-cmd-info
npm ERR! addLocal Could not install /usr/local/lib/node_modules/mdo-cmd-server
npm ERR! addLocal Could not install /usr/local/lib/node_modules/mdo-cordova-support
npm ERR! addLocal Could not install /usr/local/lib/node_modules/mdo-errors
npm ERR! addLocal Could not install /usr/local/lib/node_modules/mdo-exec
npm ERR! addLocal Could not install /usr/local/lib/node_modules/mdo-ios-support
npm ERR! addLocal Could not install /usr/local/lib/node_modules/mdo-mbs
npm ERR! addLocal Could not install /usr/local/lib/node_modules/mdo-server-support
npm ERR! addLocal Could not install /usr/local/lib/node_modules/mdo-windows-support
npm ERR! addLocal Could not install /usr/local/lib/node_modules/platform-manager
npm ERR! fetch failed https://registry.npmjs.org/mfp-config-xml/-/mfp-config-xml-0.0.3.tgz
npm WARN retry will retry, error on last attempt: Error: fetch failed with status code 404
npm ERR! fetch failed https://registry.npmjs.org/pluggington/-/pluggington-0.3.3.tgz
npm WARN retry will retry, error on last attempt: Error: fetch failed with status code 404
npm ERR! fetch failed https://registry.npmjs.org/ibm-strings/-/ibm-strings-0.1.4.tgz
npm WARN retry will retry, error on last attempt: Error: fetch failed with status code 404
npm ERR! fetch failed https://registry.npmjs.org/mfp-config-xml/-/mfp-config-xml-0.0.3.tgz
npm WARN retry will retry, error on last attempt: Error: fetch failed with status code 404
npm ERR! fetch failed https://registry.npmjs.org/pluggington/-/pluggington-0.3.3.tgz
npm WARN retry will retry, error on last attempt: Error: fetch failed with status code 404
npm ERR! fetch failed https://registry.npmjs.org/ibm-strings/-/ibm-strings-0.1.4.tgz
npm WARN retry will retry, error on last attempt: Error: fetch failed with status code 404
npm ERR! fetch failed https://registry.npmjs.org/mfp-config-xml/-/mfp-config-xml-0.0.3.tgz
npm ERR! fetch failed https://registry.npmjs.org/pluggington/-/pluggington-0.3.3.tgz
npm ERR! fetch failed https://registry.npmjs.org/ibm-strings/-/ibm-strings-0.1.4.tgz
npm ERR! Darwin 17.3.0
npm ERR! argv "/usr/local/bin/node" "/usr/local/bin/npm" "install" "-g" "/Users/davidhay/Downloads/mfpdev-cli.tgz"
npm ERR! node v7.3.0
npm ERR! npm  v3.10.10
npm ERR! path /usr/local/lib/node_modules/mdo-adapter-actions
npm ERR! code ENOENT
npm ERR! errno -2
npm ERR! syscall open

npm ERR! enoent ENOENT: no such file or directory, open '/usr/local/lib/node_modules/mdo-adapter-actions'
npm ERR! enoent ENOENT: no such file or directory, open '/usr/local/lib/node_modules/mdo-adapter-actions'
npm ERR! enoent This is most likely not a problem with npm itself
npm ERR! enoent and is related to npm not being able to find a file.
npm ERR! enoent 

npm ERR! Please include the following file with any support request:
npm ERR!     /usr/local/bin/npm-debug.log

I was able to install / use the online version: -

sudo npm install -g mfpdev-cli

which mfpdev

/usr/local/bin/mfpdev

mfpdev -v

8.0.0-2017102406

Now to learn what to do with it ...

Tuesday, 12 December 2017

Oracle Database 11gR2 - Get the dependencies right ...

Having just installed Oracle 11.2 ( 11gR2 ) onto a Red Hat Enterprise Linux 7.4 VM, I was kinda getting fed up with the sqlplus command not working …..

sqlplus 

sqlplus: error while loading shared libraries: libclntsh.so.11.1: cannot open shared object file: No such file or directory

ls -al `locate libclntsh.so`

-rwxrwx---. 1 oracle oracle 48797739 Dec 12 08:49 /home/oracle/app/oracle/product/11.2.0/dbhome_1/inventory/backup/2017-12-12_08-48-58AM/Scripts/ext/lib/libclntsh.so.11.1
-rwxrwx---. 1 oracle oracle 48797739 Dec 12 08:49 /home/oracle/app/oracle/product/11.2.0/dbhome_1/inventory/Scripts/ext/lib/libclntsh.so.11.1
-rwxr-xr-x. 1 oracle oracle        0 Dec 12 08:50 /home/oracle/app/oracle/product/11.2.0/dbhome_1/lib/libclntsh.so


echo $LD_LIBRARY_PATH

/home/oracle/app/oracle/product/11.2.0/dbhome_1/lib:

ls -al /home/oracle/app/oracle/product/11.2.0/dbhome_1/lib/libclntsh.so*

-rwxr-xr-x. 1 oracle oracle 0 Dec 12 08:50 /home/oracle/app/oracle/product/11.2.0/dbhome_1/lib/libclntsh.so

and yet ….

As is ever the case, Google came to my rescue; more importantly, Cody Burleson: -


which told me about the relink command: -

~/app/oracle/product/11.2.0/dbhome_1/bin/relink

The log for this: -

/home/oracle/app/oracle/product/11.2.0/dbhome_1/install/relink.log

showed me the error of my ways: -

INFO: gcc -o tnslsnr -m64
INFO: /bin/sh: gcc: command not found

INFO: make: *** [tnslsnr] Error 127


Ah, dependency time :-)

So I installed gcc using Yum, and reinstalled Oracle: -

rm -Rf /home/oracle/app/
/mnt/database/runInstaller -silent -responseFile ~/db_install.rsp 

and now it works: -

sqlplus

SQL*Plus: Release 11.2.0.1.0 Production on Tue Dec 12 09:46:19 2017

Copyright (c) 1982, 2009, Oracle.  All rights reserved.

Enter user-name: 

Next time (!), check the dependencies, doofus !

Thursday, 7 December 2017

DB2 on Windows - where does the db2nodes.cfg file live ?

I was briefly tinkering with the need to update the db2nodes.cfg file to help DB2 Express 11.1 cope with the hostname change of a Windows Server 2012 R2 boxen.

I'd created a new VM, via OpenStack, using a snapshot from an existing VM - which I'd NOT yet deleted.

Therefore, OpenStack, being the nice IaaS solution that it is, kindly helped me out by creating the new instance with a new hostname.

This borked DB2, as you'd expect ….

I've seen similar issues with DB2 on Linux: -

SQL10003C There are not enough system resources to process the request. The request cannot be processed.
and it's typically just a case of updating the db2nodes.cfg file, which lives under the DB2 instance's home directory: -

/home/db2inst1/sqllib/db2nodes.cfg

On Windows …. yeah, good luck with that.

Of course, I found it ….

It's HERE

C:\ProgramData\IBM\DB2\DB2COPY1\BPMINST\db2nodes.cfg

Easy when you know how.

For the record, DB2 was installed, via IBM Installation Manager, as part of an IBM BPM 8.6 installation.

But that's not important right now ….

For more info about changing DB2 hostnames ( ideally you don't want to do this but … ), please go here: -


which says, in part: -

Locate db2nodes.cfg in one of the following directories:
• UNIX/Linux:
<db2 instance home directory>/sqllib/db2nodes.cfg

• All Windows flavors running DB2 v8 and v9.1: 
Program Files\IBM\SQLLIB\DB2\db2nodes.cfg 

• Windows XP and 2003 running DB2 v9.5: 
Documents and Settings\All Users\Application Data\IBM\DB2\<DB2COPY>\DB2\db2nodes.cfg

NOTE: Application Data is a hidden folder

• Windows Vista and later operating systems: ProgramData\IBM\DB2\<DB2COPY>\DB2\db2nodes.cfg

Ah, Windows Vista, how quaint !

Windows Server 2012 - Ooops, I locked my account

One of my colleagues had a bad day with a shared Windows Server 2012 R2 environment, in that he locked out the main account that we use to access the box, via Remote Desktop Protocol (RDP).

This is NOT an Active Directory environment, so there's no domain controller in the mix; these are merely local accounts.

Thankfully, I had another account that WASN'T locked out, so I RDP'd into the box using that account and used the Advanced User Accounts Control Panel ( aka netplwiz ), which did the trick: -


and: -


The "Account is locked out" checkbox WAS checked, it's checked no longer :-)

Thanks to the internet for the assist: -



Wednesday, 6 December 2017

Nagios and NRPE - There's more ...

Following on from my earlier post: -


things are starting to become more clear.

As far as I can establish, on the NRPE client/agent side, we have several components at work here.

So we have the NRPE agent itself, as started using xinetd : -

/etc/xinetd.d/nrpe
 
# default: on
# description: NRPE (Nagios Remote Plugin Executor)
service nrpe
{
        flags           = REUSE
        socket_type     = stream    
port = 5666    
        wait            = no
        user            = nagios
group = nagios
        server          = /usr/local/nagios/bin/nrpe
        server_args     = -c /usr/local/nagios/etc/nrpe.cfg --inetd
        log_on_failure  += USERID
        disable         = no
# only_from       = 192.168.153.130
}


and then we have the command(s) that we want to invoke from the Nagios server itself: -

ls -1 /usr/local/nagios/libexec

check_disk
check_load
check_nrpe
check_procs
check_swap
check_users
diskfree.py
hello.pl


and then we have the configuration file that acts as the lookup/aliasing agent: -

cat /usr/local/nagios/etc/nrpe.cfg

command[check_users]=/usr/local/nagios/libexec/check_users -w 5 -c 10
command[check_load]=/usr/local/nagios/libexec/check_load -r -w .15,.10,.05 -c .30,.25,.20
command[check_sda1]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p /dev/sda1
command[check_zombie_procs]=/usr/local/nagios/libexec/check_procs -w 5 -c 10 -s Z
command[check_total_procs]=/usr/local/nagios/libexec/check_procs -w 150 -c 200
command[sayHello]=/usr/local/nagios/libexec/hello.pl
command[diskFree]=/usr/local/nagios/libexec/diskfree.py


This means that, from the Nagios server, I can invoke any of the above commands: -

/usr/local/nagios/libexec/check_nrpe -H mfp.uk.ibm.com -c check_users

USERS OK - 2 users currently logged in |users=2;5;10;0

/usr/local/nagios/libexec/check_nrpe -H mfp.uk.ibm.com -c check_load

CRITICAL - load average: 0.39, 0.24, 0.17|load1=0.390;0.150;0.300;0; load5=0.240;0.100;0.250;0; load15=0.170;0.050;0.200;0; 

/usr/local/nagios/libexec/check_nrpe -H mfp.uk.ibm.com -c check_sda1

DISK OK - free space: /boot 274 MB (55.29% inode=100%);| /boot=222MB;396;446;0;496

/usr/local/nagios/libexec/check_nrpe -H mfp.uk.ibm.com -c check_zombie_procs

PROCS OK: 0 processes with STATE = Z | procs=0;5;10;0;

/usr/local/nagios/libexec/check_nrpe -H mfp.uk.ibm.com -c check_total_procs

PROCS WARNING: 185 processes | procs=185;150;200;0;

/usr/local/nagios/libexec/check_nrpe -H mfp.uk.ibm.com -c sayHello

Hello, World!

/usr/local/nagios/libexec/check_nrpe -H mfp.uk.ibm.com -c diskFree

FREE SPACE OK: '/' is 26.00% full

From a Nagios console perspective, I can define all/any of these

sudo vi /usr/local/nagios/etc/servers/mfp.cfg 

define command {
        command_name                    check_nrpe_with_args
        command_line                    $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}

define service {
        use                             generic-service
        host_name                       mfp.uk.ibm.com
        service_description             Check_Load
        check_command                   check_nrpe_with_args!check_load
        notifications_enabled           1
}
define service {
        use                             generic-service
        host_name                       mfp.uk.ibm.com
        service_description             Hello_World
        check_command                   check_nrpe!sayHello
        notifications_enabled           0
}
define service {
        use                             generic-service
        host_name                       mfp.uk.ibm.com
        service_description             Disk_Free
        check_command                   check_nrpe!diskFree
        notifications_enabled           0
}


sudo systemctl restart nagios.service

and then check the Nagios dashboard: -



Finally, purely for the record, whilst the shipped plugins are mainly C/C++ binaries e.g.

file /usr/lib64/nagios/plugins/check_disk 

/usr/lib64/nagios/plugins/check_disk: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.32, BuildID[sha1]=0f75d7633e74455320d40f0b75071f8eabe148de, stripped

but I also have a Perl script: -

file hello.pl 

hello.pl: Perl script, ASCII text executable

and a Python script: -

file diskfree.py 

diskfree.py: Python script, ASCII text executable

( kudos to Linux Magazine for this latter script )

Nagios Remote Plugin Executor (NRPE) and xinetd on Red Hat Enterprise Linux

As per a few previous posts, I'm tinkering ( there's that word again, I must think of another simile ) with Nagios.

This time I'm looking to have my Nagios monitoring server ( which runs on Ubuntu ) execute an agent on a remote boxen running Red Hat Enterprise Linux (RHEL).

Having installed the pre-requisites ( and I do need to document those steps more clearly ), I setup a NRPE script to be started using xinetd ( A Powerful Replacement For Inetd )

cat /etc/xinetd.d/nrpe 

# default: on
# description: NRPE (Nagios Remote Plugin Executor)
service nrpe
{
        flags           = REUSE
        socket_type     = stream    
port = 5666    
        wait            = no
        user            = nagios
group = nagios
        server          = /usr/local/nagios/bin/nrpe
        server_args     = -c /usr/local/nagios/etc/nrpe.cfg --inetd
        log_on_failure  += USERID
        disable         = no
# only_from       = 192.168.153.130
}


Having started the service: -

systemctl restart xinetd.service

I was expecting to see NRPE listening on port 5666: -

netstat -aon | grep LISTEN | grep 5666

but saw nothing alas.

I checked the logs: -

tail -f /var/log/messages

Dec  6 14:00:01 mfp systemd: Starting Session 222 of user root.
Dec  6 14:00:14 mfp xinetd[5771]: unexpected signal: 18 (Continued) in signal pipe
Dec  6 14:00:14 mfp systemd: Stopping Xinetd A Powerful Replacement For Inetd...
Dec  6 14:00:14 mfp xinetd[5771]: Exiting...
Dec  6 14:00:14 mfp systemd: Starting Xinetd A Powerful Replacement For Inetd...
Dec  6 14:00:14 mfp systemd: PID file /var/run/xinetd.pid not readable (yet?) after start.
Dec  6 14:00:14 mfp xinetd[6205]: service/protocol combination not in /etc/services: nrpe/tcp
Dec  6 14:00:14 mfp xinetd[6205]: xinetd Version 2.3.15 started with libwrap loadavg labeled-networking options compiled in.
Dec  6 14:00:14 mfp xinetd[6205]: Started working: 0 available services
Dec  6 14:00:14 mfp systemd: Started Xinetd A Powerful Replacement For Inetd.

which makes sense.

Following this: -


I updated the services table: -

vi /etc/services

and changed it from: -

...
cfengine        5308/tcp                        # CFengine
cfengine        5308/udp                        # CFengine
cvsup           5999/tcp        CVSup           # CVSup file transfer/John Polstra/FreeBSD
cvsup           5999/udp        CVSup           # CVSup file transfer/John Polstra/FreeBSD

...

to: -

...
cfengine        5308/tcp                        # CFengine
cfengine        5308/udp                        # CFengine

nrpe            5666/tcp                        # NRPE

cvsup           5999/tcp        CVSup           # CVSup file transfer/John Polstra/FreeBSD
cvsup           5999/udp        CVSup           # CVSup file transfer/John Polstra/FreeBSD

...

Once I again restarted xinetd : -

systemctl restart xinetd.service

the nrpe service started listening on port 5666: -

netstat -aon | grep LISTEN | grep 5666

tcp6       0      0 :::5666                 :::*                    LISTEN      off (0.00/0/0)

with no issues in the logs: -

tail -f /var/log/messages

Dec  6 14:09:54 mfp systemd: Starting Xinetd A Powerful Replacement For Inetd...
Dec  6 14:09:54 mfp systemd: PID file /var/run/xinetd.pid not readable (yet?) after start.
Dec  6 14:09:54 mfp xinetd[6803]: xinetd Version 2.3.15 started with libwrap loadavg labeled-networking options compiled in.
Dec  6 14:09:54 mfp xinetd[6803]: Started working: 1 available service
Dec  6 14:09:54 mfp systemd: Started Xinetd A Powerful Replacement For Inetd.


Thanks, Google, you again served me well ...