[html]
[/html]
2009年7月30日 星期四
2009年7月27日 星期一
Installing NRPE 2.12 from source as a SMF managed service in Solaris 10
Installing NRPE on Solaris 10 involves just a bit more than your normal './configure && make && make install' routine. However, all the dependencies are likely present on a freshly installed system, you just have to tell NRPE where to find it. There's one file you need to patch, and then it will install. From there it's easy to plug into SMF!
First, let's make sure some directories are present, and create our Nagios user:
# mkdir /usr/local
# groupadd nagios
# useradd -m -c "nagios system user" -d /usr/local/nagios -g nagios -m nagios
Next, download and extract the source code to NRPE:
$ cd /tmp/
$ /usr/sfw/bin/wget http://superb-east.dl.sourceforge.net/sourceforge/nagios/nrpe-2.12.tar.gz
$ gzip -dc nrpe-2.12.tar.gz | tar -xvf -
$ cd nrpe-2.12
Now, we need to tell the configure script where to find the openssl libraries, and make sure that GCC is in our path:
$ PATH=$PATH:/usr/sfw/bin:/usr/ccs/bin ./configure --with-ssl=/usr/sfw/ --with-ssl-lib=/usr/sfw/lib/
That should run just fine. Before we build, we need to apply a quick fix to nrpe.c. If you don't do this, you'll get an error from make that says "nrpe.c:617: error: 'LOG_AUTHPRIV' undeclared (first use in this function)".
$ perl -pi -e 's/LOG_AUTHPRIV/LOG_AUTH/; s/LOG_FTP/LOG_DAEMON/' src/nrpe.c
Now, we should be okay to build it:
$ PATH=$PATH:/usr/sfw/bin:/usr/ccs/bin make
Then, install it as root:
# PATH=$PATH:/usr/sfw/bin:/usr/ccs/bin make install
Either copy the nrpe.cfg sample included in the source code, or drop your own into /usr/local/nagios/etc/nrpe.cfg. Now, stay logged in as root for the following, now we'll get NRPE setup to run under SMF.
First, we need to setup the service and present it to inetd:
echo "nrpe 5666/tcp # NRPE" >> /etc/services
echo "nrpe stream tcp nowait nagios /usr/sfw/sbin/tcpd /usr/local/nagios/bin/nrpe \
-c /usr/local/nagios/etc/nrpe.cfg -i" >> /etc/inet/inetd.conf
Now, tell SMF to pull in the inetd config:
inetconv
At this point, the SMF service is available, but we want to use TCP wrappers so that only our Nagios server can talk to NRPE (substitute $NAGIOS_IP with the IP of your Nagios server):
inetadm -m svc:/network/nrpe/tcp:default tcp_wrappers=TRUE
echo "nrpe: LOCAL, $NAGIOS_IP" >> /etc/hosts.allow
echo "nrpe: ALL" >> /etc/hosts.deny
Finally, fire up the service:
svcadm enable nrpe/tcp
That's it! Nagios should be able to monitor your Solaris 10 box now. Someday, I'll make a package for this, but you can pretty well copy and paste the code here to get up and running.
First, let's make sure some directories are present, and create our Nagios user:
# mkdir /usr/local
# groupadd nagios
# useradd -m -c "nagios system user" -d /usr/local/nagios -g nagios -m nagios
Next, download and extract the source code to NRPE:
$ cd /tmp/
$ /usr/sfw/bin/wget http://superb-east.dl.sourceforge.net/sourceforge/nagios/nrpe-2.12.tar.gz
$ gzip -dc nrpe-2.12.tar.gz | tar -xvf -
$ cd nrpe-2.12
Now, we need to tell the configure script where to find the openssl libraries, and make sure that GCC is in our path:
$ PATH=$PATH:/usr/sfw/bin:/usr/ccs/bin ./configure --with-ssl=/usr/sfw/ --with-ssl-lib=/usr/sfw/lib/
That should run just fine. Before we build, we need to apply a quick fix to nrpe.c. If you don't do this, you'll get an error from make that says "nrpe.c:617: error: 'LOG_AUTHPRIV' undeclared (first use in this function)".
$ perl -pi -e 's/LOG_AUTHPRIV/LOG_AUTH/; s/LOG_FTP/LOG_DAEMON/' src/nrpe.c
Now, we should be okay to build it:
$ PATH=$PATH:/usr/sfw/bin:/usr/ccs/bin make
Then, install it as root:
# PATH=$PATH:/usr/sfw/bin:/usr/ccs/bin make install
Either copy the nrpe.cfg sample included in the source code, or drop your own into /usr/local/nagios/etc/nrpe.cfg. Now, stay logged in as root for the following, now we'll get NRPE setup to run under SMF.
First, we need to setup the service and present it to inetd:
echo "nrpe 5666/tcp # NRPE" >> /etc/services
echo "nrpe stream tcp nowait nagios /usr/sfw/sbin/tcpd /usr/local/nagios/bin/nrpe \
-c /usr/local/nagios/etc/nrpe.cfg -i" >> /etc/inet/inetd.conf
Now, tell SMF to pull in the inetd config:
inetconv
At this point, the SMF service is available, but we want to use TCP wrappers so that only our Nagios server can talk to NRPE (substitute $NAGIOS_IP with the IP of your Nagios server):
inetadm -m svc:/network/nrpe/tcp:default tcp_wrappers=TRUE
echo "nrpe: LOCAL, $NAGIOS_IP" >> /etc/hosts.allow
echo "nrpe: ALL" >> /etc/hosts.deny
Finally, fire up the service:
svcadm enable nrpe/tcp
That's it! Nagios should be able to monitor your Solaris 10 box now. Someday, I'll make a package for this, but you can pretty well copy and paste the code here to get up and running.
2009年7月17日 星期五
Check_mysql_query 用法
/usr/local/nagios/libexec/check_mysql_query -q "SELECT free FROM ISPD.dim_ANY_MEMSTAT where sno=2" -u dim -p dimitri -H 10.110.32.120 -P 3306 -w 3333333 -c 55555555
free:Column 名稱
ISPD:Database名稱
dim_ANY_MEMSTAT:Table 名稱
sno: 查詢條件
free:Column 名稱
ISPD:Database名稱
dim_ANY_MEMSTAT:Table 名稱
sno: 查詢條件
Solaris 10下安裝nagios
Solaris 10下nagios监控系统
[日期:2009-01-15] 来源:Linux社区 作者:loveunix
Nagios是一个系统和网络监控软件,它可以监测所指定的主机和服务,并在出现问题以及问题恢复后发出报警。Nagios最早是被设计运行于Linux环境下的,但在大多数Unix操作系统下也可以使用。同时它是一个开源软件,我们可以免费获得它的源码,和使用它。Nagios是个不错的系统监控软件,www.britepic.org应用的范围也比较广泛。
本文将介绍Nagios在Solaris10操做系统下的安装过程,其中包括,源码的编译、安装;Apache的安装、Nagios CGI的配置;Nagios监控配置等。
本文参考了Nagios的官方文档和Nagios社区的文章,以及互联网上其他人的相关帖子。
环境、资源准备
gcc-3.4.6-sol10-x86-local.gz
libiconv-1.11-sol10-x86-local.gz
libintl-3.4.0-sol10-x86-local.gz
make-3.81-sol10-x86-local.gz
openssl-0.9.8h-sol10-x86-local.gz
gd-2.0.35-sol10-x86-local.gz
httpd-2.2.4.tar.gz
nagios-3.0.3.tar.gz
nagios-plugins-1.4.11.tar.gz
nrpe-2.12.tar.gz
1.安装Nagios
# groupadd nagios
# useradd -g nagios -d /usr/local/nagios nagios
# gunzip ./nagios-3.0.6.tar.gz
# tar xvf ./nagios-3.0.6.tar.gz
# cd ./nagios-3.0.6.tar.gz
# ./configure --prefix=/usr/local/nagios --with-nagios-user=nagios \
--with-nagios-group=nagios --with-gd-lib=/usr/sfw/lib \
--with-gd-inc=/usr/sfw/include
# make all
# make fullinstall
# make install-config
2.安装openssl
# gunzip ./openssl-0.9.8j-sol10-sparc-local.gz
# pkgadd -d ./openssl-0.9.8j-sol10-sparc-local
# export LD_LIBRARY_PATH=/usr/local/ssl/lib:$LD_LIBRARY_PATH
3.安装Nagios Plugins
# gunzip ./nagios-plugins-1.4.13.tar.gz
# tar xvf ./nagios-plugins-1.4.13.tar
# cd nagios-plugins-1.4.13
# ./configure --without-mysql --prefix=/usr/local/nagios --with-openssl=/usr/local/ssl
# make
# make install
# make clean
# chown -R nagios:nagios /usr/local/nagios/libexec
4.配置Apache
在/etc/apache2/httpd.conf文件追加如下内容
#setting for nagios
ScriptAlias /nagios/cgi-bin /usr/local/nagios/sbin
AuthType Basic
Options ExecCGI
AllowOverride None
Order allow,deny
Allow from all
AuthName "Nagios Access"
AuthUserFile /usr/local/nagios/etc/htpasswd
Require valid-user
Alias /nagios /usr/local/nagios/share
AuthType Basic
Options None
AllowOverride None
Order allow,deny
Allow from all
AuthName "nagios Access"
AuthUserFile /usr/local/nagios/etc/htpasswd
Require valid-user
5.生成登录用户和验证口令
# /usr/apache2/bin/htpasswd -c /usr/local/nagios/etc/htpasswd
此处的user_name为登录Nagios Web应用需要输入的用户名www.britepic.org
按照提示输入要设置的口令即可
配置/usr/local/nagios/etc/cgi.cfg,添加用户edison
................. .................
# SYSTEM/PROCESS INFORMATION ACCESS
# This option is a comma-delimited list of all usernames that
# have access to viewing the Nagios process information as
# provided by the Extended Information CGI (extinfo.cgi). By
# default, *no one* has access to this unless you choose to
# not use authorization. You may use an asterisk (*) to
# authorize any user who has authenticated to the web server.
authorized_for_system_information=nagiosadmin,edison
# CONFIGURATION INFORMATION ACCESS
# This option is a comma-delimited list of all usernames that
# can view ALL configuration information (hosts, commands, etc).
# By default, users can only view configuration information
# for the hosts and services they are contacts for. You may use
# an asterisk (*) to authorize any user who has authenticated
# to the web server.
authorized_for_configuration_information=nagiosadmin,edison
# SYSTEM/PROCESS COMMAND ACCESS
# This option is a comma-delimited list of all usernames that
# can issue shutdown and restart commands to Nagios via the
# command CGI (cmd.cgi). Users in this list can also change
# the program mode to active or standby. By default, *no one*
# has access to this unless you choose to not use authorization.
# You may use an asterisk (*) to authorize any user who has
# authenticated to the web server.
authorized_for_system_commands=nagiosadmin,edison
# GLOBAL HOST/SERVICE VIEW ACCESS
# These two options are comma-delimited lists of all usernames that
# can view information for all hosts and services that are being
# monitored. By default, users can only view information
# for hosts or services that they are contacts for (unless you
# you choose to not use authorization). You may use an asterisk (*)
# to authorize any user who has authenticated to the web server.
authorized_for_all_services=nagiosadmin,edison
authorized_for_all_hosts=nagiosadmin,edison
# GLOBAL HOST/SERVICE COMMAND ACCESS
# These two options are comma-delimited lists of all usernames that
# can issue host or service related commands via the command
# CGI (cmd.cgi) for all hosts and services that are being monitored.
# By default, users can only issue commands for hosts or services
# that they are contacts for (unless you you choose to not use
# authorization). You may use an asterisk (*) to authorize any
# user who has authenticated to the web server.
authorized_for_all_service_commands=nagiosadmin,edison
authorized_for_all_host_commands=nagiosadmin,edison
................. .................
6.启动Nagios
Nagios的启动程序是/usr/local/nagios/bin/nagios
# ./nagios --help
Nagios 3.0.3
Copyright (c) 1999-2008 Ethan Galstad (http://www.nagios.org)
Last Modified: 06-25-2008
License: GPL
Usage: ./nagios [options]
Options:
-v, --verify-config Verify all configuration data
-s, --test-scheduling Shows projected/recommended check scheduling and other
diagnostic info based on the current configuration files.
-x, --dont-verify-paths Don't check for circular object paths - USE WITH CAUTION!
-p, --precache-objects Precache object configuration - use with -v or -s options
-u, --use-precached-objects Use precached object config file
-d, --daemon Starts Nagios in daemon mode, instead of as a foreground process
Visit the Nagios website at http://www.nagios.org/ for bug fixes, new
releases, online documentation, FAQs, information on subscribing to
the mailing lists, and commercial support options for Nagios.
首先通过-v选项验证配置文件是否正确
# cd /usr/lcoal/nagios/bin
# ./nagios -v ../etc/nagios.cfg
Nagios 3.0.3
Copyright (c) 1999-2008 Ethan Galstad (http://www.nagios.org)
Last Modified: 06-25-2008
License: GPL
Reading configuration data...
Running pre-flight check on configuration data...
Checking services...
.........................................................
.............................................
Total Warnings: 0
Total Errors: 0
Things look okay - No serious problems were detected during the pre-flight check
如果没有错误,就可以启动它了。
# cd /usr/local/nagios/bin
# ./nagios -d /usr/local/nagios/etc/nagios.cfg
nagios web界面提示
It appears as though you do not have permission to view information for any of the services you requested...
打开cgi.cfg配置文件,里面有个参数:
use_authentication=1
为了保障系统的安全性,nagios设置了这个参数,默认为1,改为0即可
查看/usr/local/nagios/var/nagios.log日志文件,观察启动是否正常。
在IE浏览器中查看监控情况。
点击左边导航栏的 Host Detail
[日期:2009-01-15] 来源:Linux社区 作者:loveunix
Nagios是一个系统和网络监控软件,它可以监测所指定的主机和服务,并在出现问题以及问题恢复后发出报警。Nagios最早是被设计运行于Linux环境下的,但在大多数Unix操作系统下也可以使用。同时它是一个开源软件,我们可以免费获得它的源码,和使用它。Nagios是个不错的系统监控软件,www.britepic.org应用的范围也比较广泛。
本文将介绍Nagios在Solaris10操做系统下的安装过程,其中包括,源码的编译、安装;Apache的安装、Nagios CGI的配置;Nagios监控配置等。
本文参考了Nagios的官方文档和Nagios社区的文章,以及互联网上其他人的相关帖子。
环境、资源准备
gcc-3.4.6-sol10-x86-local.gz
libiconv-1.11-sol10-x86-local.gz
libintl-3.4.0-sol10-x86-local.gz
make-3.81-sol10-x86-local.gz
openssl-0.9.8h-sol10-x86-local.gz
gd-2.0.35-sol10-x86-local.gz
httpd-2.2.4.tar.gz
nagios-3.0.3.tar.gz
nagios-plugins-1.4.11.tar.gz
nrpe-2.12.tar.gz
1.安装Nagios
# groupadd nagios
# useradd -g nagios -d /usr/local/nagios nagios
# gunzip ./nagios-3.0.6.tar.gz
# tar xvf ./nagios-3.0.6.tar.gz
# cd ./nagios-3.0.6.tar.gz
# ./configure --prefix=/usr/local/nagios --with-nagios-user=nagios \
--with-nagios-group=nagios --with-gd-lib=/usr/sfw/lib \
--with-gd-inc=/usr/sfw/include
# make all
# make fullinstall
# make install-config
2.安装openssl
# gunzip ./openssl-0.9.8j-sol10-sparc-local.gz
# pkgadd -d ./openssl-0.9.8j-sol10-sparc-local
# export LD_LIBRARY_PATH=/usr/local/ssl/lib:$LD_LIBRARY_PATH
3.安装Nagios Plugins
# gunzip ./nagios-plugins-1.4.13.tar.gz
# tar xvf ./nagios-plugins-1.4.13.tar
# cd nagios-plugins-1.4.13
# ./configure --without-mysql --prefix=/usr/local/nagios --with-openssl=/usr/local/ssl
# make
# make install
# make clean
# chown -R nagios:nagios /usr/local/nagios/libexec
4.配置Apache
在/etc/apache2/httpd.conf文件追加如下内容
#setting for nagios
ScriptAlias /nagios/cgi-bin /usr/local/nagios/sbin
AuthType Basic
Options ExecCGI
AllowOverride None
Order allow,deny
Allow from all
AuthName "Nagios Access"
AuthUserFile /usr/local/nagios/etc/htpasswd
Require valid-user
Alias /nagios /usr/local/nagios/share
AuthType Basic
Options None
AllowOverride None
Order allow,deny
Allow from all
AuthName "nagios Access"
AuthUserFile /usr/local/nagios/etc/htpasswd
Require valid-user
5.生成登录用户和验证口令
# /usr/apache2/bin/htpasswd -c /usr/local/nagios/etc/htpasswd
此处的user_name为登录Nagios Web应用需要输入的用户名www.britepic.org
按照提示输入要设置的口令即可
配置/usr/local/nagios/etc/cgi.cfg,添加用户edison
................. .................
# SYSTEM/PROCESS INFORMATION ACCESS
# This option is a comma-delimited list of all usernames that
# have access to viewing the Nagios process information as
# provided by the Extended Information CGI (extinfo.cgi). By
# default, *no one* has access to this unless you choose to
# not use authorization. You may use an asterisk (*) to
# authorize any user who has authenticated to the web server.
authorized_for_system_information=nagiosadmin,edison
# CONFIGURATION INFORMATION ACCESS
# This option is a comma-delimited list of all usernames that
# can view ALL configuration information (hosts, commands, etc).
# By default, users can only view configuration information
# for the hosts and services they are contacts for. You may use
# an asterisk (*) to authorize any user who has authenticated
# to the web server.
authorized_for_configuration_information=nagiosadmin,edison
# SYSTEM/PROCESS COMMAND ACCESS
# This option is a comma-delimited list of all usernames that
# can issue shutdown and restart commands to Nagios via the
# command CGI (cmd.cgi). Users in this list can also change
# the program mode to active or standby. By default, *no one*
# has access to this unless you choose to not use authorization.
# You may use an asterisk (*) to authorize any user who has
# authenticated to the web server.
authorized_for_system_commands=nagiosadmin,edison
# GLOBAL HOST/SERVICE VIEW ACCESS
# These two options are comma-delimited lists of all usernames that
# can view information for all hosts and services that are being
# monitored. By default, users can only view information
# for hosts or services that they are contacts for (unless you
# you choose to not use authorization). You may use an asterisk (*)
# to authorize any user who has authenticated to the web server.
authorized_for_all_services=nagiosadmin,edison
authorized_for_all_hosts=nagiosadmin,edison
# GLOBAL HOST/SERVICE COMMAND ACCESS
# These two options are comma-delimited lists of all usernames that
# can issue host or service related commands via the command
# CGI (cmd.cgi) for all hosts and services that are being monitored.
# By default, users can only issue commands for hosts or services
# that they are contacts for (unless you you choose to not use
# authorization). You may use an asterisk (*) to authorize any
# user who has authenticated to the web server.
authorized_for_all_service_commands=nagiosadmin,edison
authorized_for_all_host_commands=nagiosadmin,edison
................. .................
6.启动Nagios
Nagios的启动程序是/usr/local/nagios/bin/nagios
# ./nagios --help
Nagios 3.0.3
Copyright (c) 1999-2008 Ethan Galstad (http://www.nagios.org)
Last Modified: 06-25-2008
License: GPL
Usage: ./nagios [options]
Options:
-v, --verify-config Verify all configuration data
-s, --test-scheduling Shows projected/recommended check scheduling and other
diagnostic info based on the current configuration files.
-x, --dont-verify-paths Don't check for circular object paths - USE WITH CAUTION!
-p, --precache-objects Precache object configuration - use with -v or -s options
-u, --use-precached-objects Use precached object config file
-d, --daemon Starts Nagios in daemon mode, instead of as a foreground process
Visit the Nagios website at http://www.nagios.org/ for bug fixes, new
releases, online documentation, FAQs, information on subscribing to
the mailing lists, and commercial support options for Nagios.
首先通过-v选项验证配置文件是否正确
# cd /usr/lcoal/nagios/bin
# ./nagios -v ../etc/nagios.cfg
Nagios 3.0.3
Copyright (c) 1999-2008 Ethan Galstad (http://www.nagios.org)
Last Modified: 06-25-2008
License: GPL
Reading configuration data...
Running pre-flight check on configuration data...
Checking services...
.........................................................
.............................................
Total Warnings: 0
Total Errors: 0
Things look okay - No serious problems were detected during the pre-flight check
如果没有错误,就可以启动它了。
# cd /usr/local/nagios/bin
# ./nagios -d /usr/local/nagios/etc/nagios.cfg
nagios web界面提示
It appears as though you do not have permission to view information for any of the services you requested...
打开cgi.cfg配置文件,里面有个参数:
use_authentication=1
为了保障系统的安全性,nagios设置了这个参数,默认为1,改为0即可
查看/usr/local/nagios/var/nagios.log日志文件,观察启动是否正常。
在IE浏览器中查看监控情况。
点击左边导航栏的 Host Detail
2009年4月16日 星期四
2009年4月10日 星期五
Linux 禁止 [Ctrl]-[Alt]-[Delete] 重新啟動
Linux 禁止 [Ctrl]-[Alt]-[Delete] 重新啟動
要禁止 Linux 按下 [Ctrl]-[Alt]-[Delete] 重新啟動,可以修改 /etc/inittab 設定檔實現。巨體方法如下:
1. 開啟 /etc/inittab
2. 找出以下一行:
ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now
3. 將這一行刪除,或者在這一行最開端加上 # 號。
4. 儲存檔案後重新啟動系統便會生效,如果不想重新啟動可以執行以下指令:
# init q
要禁止 Linux 按下 [Ctrl]-[Alt]-[Delete] 重新啟動,可以修改 /etc/inittab 設定檔實現。巨體方法如下:
1. 開啟 /etc/inittab
2. 找出以下一行:
ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now
3. 將這一行刪除,或者在這一行最開端加上 # 號。
4. 儲存檔案後重新啟動系統便會生效,如果不想重新啟動可以執行以下指令:
# init q
2009年4月9日 星期四
設定Asterisk 於Firewall 後
方法不難,只要在sip.conf加上幾行字然後再NAT開啟相對應的PORT就可以了。首先進入sip.conf的編輯畫面,
然後在[general]輸入以下字串即可。
externhost = test.ddns.org ; 自己所使用的domani name
externip = 168.39.5.6 ; isp提供的IP位址,或者是自己的聯外IP。如果使用的是撥接式adsl,此行可以省略,但記得申請DDNS,用doman name來作為替代。
localnet = 192.168.1.0/255.255.255.0 ; 區域網路所使用的IP位址/netmask。
nat = yes
然後在NAT的設定部份需開啟如下的PORT
sip udp port 5002~5082
rtp udp port 10000~20000
設定好之後,在終端模式下輸入
amportal stop
amportal start
然後在[general]輸入以下字串即可。
externhost = test.ddns.org ; 自己所使用的domani name
externip = 168.39.5.6 ; isp提供的IP位址,或者是自己的聯外IP。如果使用的是撥接式adsl,此行可以省略,但記得申請DDNS,用doman name來作為替代。
localnet = 192.168.1.0/255.255.255.0 ; 區域網路所使用的IP位址/netmask。
nat = yes
然後在NAT的設定部份需開啟如下的PORT
sip udp port 5002~5082
rtp udp port 10000~20000
設定好之後,在終端模式下輸入
amportal stop
amportal start
訂閱:
文章 (Atom)