Ubuntu
nagios2 package

Home Folder for Nagios is wiped on Reboot

Bug #267802 reported by Chad Skeeters
2
Affects Status Importance Assigned to Milestone
nagios2 (Ubuntu)
Invalid
Undecided
Unassigned

Bug Description

Binary package hint: nagios2

When setting up plugings to connect via ssh to check things on remote systems, it's nice to be able to setup RSA authentication. This requires files in ~/.ssh for the nagios user. The nagios user's home for the ubuntu package is /var/run/nagios2. If a user does figure out how to add known_hosts and id_rsa files in that folder when the computer restarts those files are wiped and the has to restore the files before the plugins will return OK. I'm suggesting that giving nagios a home folder that is not wiped will help reduce the time it takes for users to setup and use nagios.

debian/nagios2-common.postinst: adduser --system --group --home /var/run/nagios2 --no-create-home \

Revision history for this message
Thierry Carrez (ttx) wrote :

> This requires files in ~/.ssh for the nagios user

Not exactly. You can (and should) run ssh with the -F option to specify a configfile that will point to files in other locations. Example :

ssh -F /var/lib/nagios/ssh_config ...

/etc/nagios/ssh_config:
UserKnownHostsFile /var/lib/nagios/known_hosts
IdentityFile /var/lib/nagios/id_rsa
...

nagios shouldn't have a "real" home folder.

Closing as invalid, feel free to reopen if the provided solution is not working.

Changed in nagios2:
status: New → Invalid
Revision history for this message
Thierry Carrez (ttx) wrote :

I meant "ssh -F /etc/nagios/ssh_config ..."

Revision history for this message
Chad Skeeters (goobsoft) wrote : Re: [Bug 267802] Re: Home Folder for Nagios is wiped on Reboot

I think I agree with your points. I'm also still concerned that it's
hard to figure that out and I'm wondering if there is some other
change that can be made to help make RSA Authentication more
intuitive.

Most of my remote checks are via ssh, but they are run via the
check_by_ssh plugin since that's what comes with the software. When
new people look through the available plugins, they will likely notice
it and try to make use of it. However, I don't see an option that
allows a nagios specific configuration file to be specified and the
examples on http://nagiosplugins.org/man/check_by_ssh don't show
anything about specifying the config file either. Would I have to
modify check_by_ssh and add a "-config" parameter in order to utilize
your suggestion, or is there some easier way I don't know about?

Revision history for this message
Thierry Carrez (ttx) wrote :

The examples talk about using the -i option to provide a key. That might be sufficient. If the known_hosts part still use /var, then I think it is a case where the global /etc/ssh/ssh_known_hosts should be edited. If that's not sufficient, provide a -o parameter to pass the UserKnownHostsFile or IgnoreUserKnownHosts option.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.