nagiosの立ち上げ〜その3〜
仕切りなおし
http://journal.mycom.co.jp/column/yetanother/076/
Options FollowSymLinks AllowOverride Options AddHandler cgi-script .cgi
また、Fedora Core等ではSELinuxが特定のディレクトリ外でのCGI実行をブロックしてしまうことがある。もしもCGI実行時に"Internal Server Error"などのエラーの遭遇した場合は、以下のコマンドを実行してみよう。
# chcon -R -h -t httpd_sys_content_t /usr/local/nagios/sbin
↓
# chcon -R -h -t httpd_sys_content_t /usr/lib/nagios/cgi-bin
この時点でのエラー画面
Whoops!
Error: Could not read object configuration data!Here are some things you should check in order to resolve this error:
Verify configuration options using the -v command-line option to check for errors.
Check the Nagios log file for messages relating to startup or status data errors.
Make sure you've compiled the main program and the CGIs to use the same object data storage options (i.e. default text file or template-based file).Make sure you read the documentation on installing, configuring and running Nagios thoroughly before continuing. If all else fails, try sending a message to one of the mailing lists. More information can be found at http://www.nagios.org.
*
[root@linux38 conf]# chcon -R -h -t httpd_sys_content_t /usr/lib/nagios/cgi-bin
chcon -R -h -t httpd_sys_script_t: /usr/lib/nagios/cgi-bin
audit(1161865518.778:73): avc: denied { read } for pid=2766 comm="status.cgi" name="objects.cache" dev=hda2 ino=7404049 scontext=user_u:system_r:httpd_sys_script_t:s0 tcontext=user_u:object_r:var_log_t:s0 tclass=file
■変更前
[root@linux38 nagios]# ls -la --context ../|grep nagi drwxr-xr-x nagios nagios system_u:object_r:var_log_t nagios
[root@linux38 nagios]# ls -la --context drwxr-xr-x nagios nagios system_u:object_r:var_log_t . drwxr-xr-x root root system_u:object_r:var_log_t .. drwxr-xr-x nagios nagios system_u:object_r:var_log_t archives
rw-rw-r-- nagios nagios user_u:object_r:var_log_t comments.dat
rw-rw-r-- nagios nagios user_u:object_r:var_log_t downtime.dat
rw-r--r-- nagios nagios user_u:object_r:var_log_t nagios.log
rw-r--r-- nagios nagios user_u:object_r:var_log_t objects.cache
rw------- nagios nagios user_u:object_r:var_log_t retention.dat [root@linux38 nagios]#
■変更後
chcon -R -h -t httpd_sys_content_t /var/log/nagios
[root@linux38 nagios]# chcon -R -h -t httpd_sys_content_t /var/log/nagios
[root@linux38 nagios]# ls -la --context ../|grep nagi drwxr-xr-x nagios nagios system_u:object_r:httpd_sys_content_t nagios
[root@linux38 nagios]# ls -la --context drwxr-xr-x nagios nagios system_u:object_r:httpd_sys_content_t . drwxr-xr-x root root system_u:object_r:var_log_t .. drwxr-xr-x nagios nagios system_u:object_r:httpd_sys_content_t archives
rw-rw-r-- nagios nagios user_u:object_r:httpd_sys_content_t comments.dat
rw-rw-r-- nagios nagios user_u:object_r:httpd_sys_content_t downtime.dat
rw-r--r-- nagios nagios user_u:object_r:httpd_sys_content_t nagios.log
rw-r--r-- nagios nagios user_u:object_r:httpd_sys_content_t objects.cache
rw------- nagios nagios user_u:object_r:httpd_sys_content_t retention.dat
Whoops! Error: Could not read host and service status information!
The most common cause of this error message (especially for new users), is the fact that Nagios is not actually running. If Nagios is indeed not running, this is a normal error message. It simply indicates that the CGIs could not obtain the current status of hosts and services that are being monitored. If you've just installed things, make sure you read the documentation on starting Nagios.
Some other things you should check in order to resolve this error include:
Check the Nagios log file for messages relating to startup or status data errors. Always verify configuration options using the -v command-line option before starting or restarting Nagios! Make sure you've compiled the main program and the CGIs to use the same status data storage options (i.e. text file or database). If the main program is storing status data in a text file and the CGIs are trying to read status data from a database, you'll have problems.
Make sure you read the documentation on installing, configuring and running Nagios thoroughly before continuing. If all else fails, try sending a message to one of the mailing lists. More information can be found at http://www.nagios.org.
デーモンが動いてないんじゃないの?
って書いてる。
はい、そうでした。
[root@linux38 nagios]# ps -ef |grep nagi root 2963 2144 0 21:37 pts/1 00:00:00 grep nagi [root@linux38 nagios]# /etc/init.d/nagios start Starting network monitor: nagios
cgiの実行画面は出たけど、まだダメだ。
出来た!
最後の戦いの内容
apacheの認証(htacess)あたりの理解が不足していた。
nagiosのWebサイトのアカウントとして「nagios-admin」というアカウントを作った。これはOSとかmysqlとかのアカウントとは関係ない。このアカウントに関連した箇所は下記の3つ。
- Basic認証時に使うnagios-adminユーザのパスワードを格納したファイル。
- nagiosにとってのユーザ(webインタフェースに限らず全般的なユーザ)登録。
- /etc/nagios/minimal.cfg
define contact{
contact_name nagios-admin
AuthName "nagios-admin"
