:::: MENU ::::

Monthly Archives / November 2016

  • Nov 24 / 2016
  • 0
Linux

NRPE – Enable command args (Jessie, …)

With recent versions of NRPE server, the possibility to enable command args has been disabled.

For example, on a Debian Jessie, you can get this kind of error on console:

CHECK_NRPE: Received 0 bytes from daemon

and in logs:

Error: Request contained command arguments! 

!WARNING! This change can lead to security issue, this is why it has been disabled by default. You have to double check your servers can’t be reached from anywhere with NRPE commands (to avoid execution of unwanted or malicious code).

Once you’re sure there’s no security breach in your infra, you can go on with the installation of source:

cd /tmp
apt-get update
apt-get install -y build-essential devscripts debhelper libssl-dev dpatch libwrap0-dev autotools-dev
ln -s /usr/lib/x86_64-linux-gnu/libssl.so /usr/lib/libssl.so
apt-get source nagios-nrpe-server

Then, you’ll have to change the rules defined in the rules file:

cd nagios-nrpe-2.15/
vi debian/rules

You must add this line –enable-command-args after –libdir=/usr/lib/nagios.
You should so get something like

override_dh_auto_configure:
  ./configure 
    --prefix=/usr 
    --enable-ssl 
    --with-ssl-lib=/usr/lib/$(DEB_HOST_MULTIARCH) 
    --sysconfdir=/etc 
    --localstatedir=/var 
    --libexecdir=/usr/lib/nagios/plugins 
    --libdir=/usr/lib/nagios 
    --enable-comand-args

Finally, you can compile your new configuration and install it:

./configure
make all
cd ..
dpkg -i nagios-nrpe-server_2.15-1.1_amd64.deb

Ensure you set the value for dont_blame_nrpe in /etc/nagios/nrpe.cfg (this is the default path, it can be different depending on your installation).

dont_blame_nrpe=1

And here you go, you can now restart your NRPE server and send any nrpe commands.

  • Nov 21 / 2016
  • 0
Linux

Apache – mod_auth compatibility for 2.2 and 2.4

Since Apache 2.4, mod_auth changed and some directive like

Order allow,deny
Allow from all

that have been replaced with

Require all granted

If you want to automatically handle same configuration for multiple servers where different versions of Apache are installed, you can use this trick:

<IfModule mod_version.c>
  <IfVersion < 2.4>
    Order allow,deny
    Allow from all
  </IfVersion>
  <IfVersion >= 2.4>
    Require all granted
  </IfVersion>
</IfModule>
<IfModule !mod_version.c>
  Order allow,deny
  Allow from all
</IfModule>

Thanks to that change, your configuration will be working whatever version of Apache you’re using.

  • Nov 07 / 2016
  • 0
Database

PostgreSQL – Check value is in array

With PostgreSQL, if you have a field containing an Array and you want to get all the results containing this value in the array, you can use the following command.

Here, we are looking for all the results in the table my_table containing my_value in the field my_array.

SELECT * FROM my_table WHERE 'my_value'=ANY(my_array) ORDER BY id;

   id  |        type        |             title             |             my_array                                                            
-------+--------------------+-------------------------------+------------------------------------
 93646 | this_is_my_type    | this_is_my_title              | {my_1,my_2,my_3,my_value,my_4,my_5}
 94184 | this_is_my_type    | this_is_my_title2             | {my_3,my_value,my_4,my_5}
 98240 | this_is_my_type    | this_is_my_title3             | {my_1,my_2,my_3,my_value}             


Question ? Contact