远程主机solaris 10 x86(spark) 安装nagios plugins和nrpe

1. 建立nagios用户和组:
#groupadd nagios
#useradd -c "nagios system user" -d /usr/local/nagios -m nagios
#chown nagios:nagios /usr/local/nagios/

2. 把下载的nagios-plugins和nrpe放在/usr/local/src目录中

3. 解压缩
#gunzip nagios-plugins-1.4.13.tar.gz
#tar -xvf nagios-plugins-1.4.13.tar
#gunzip nrpe-2.12.tar.gz
#tar -xvf nrpe-2.12.tar

4. 安装nagios-plugins-1.4.13
#cd /usr/local/src/nagios-plugins-1.4.13
#PATH=$PATH:/usr/sbin:/usr/sfw/bin:/usr/ccs/bin
#./configure --without-mysql
#gmake clean
#gmake
#gmake install
#chown -R nagios:nagios /usr/local/nagios/libexec

5. 检查nagios-plugins运行是否正常
#/usr/local/nagios/libexec/check_disk -w 10 -c 5 -p /
DISK OK - free space: / 115686 MB (96% inode=98%);| /=4765MB;121658;121663;0;121668

6. 安装nrpe-2.12
#cd /usr/local/src/nrpe-2.12

修改./src/nrpe.c文件616-619行，原来内容为：
else if(!strcmp(varvalue,”authpriv”))
log_facility=LOG_AUTHPRIV;
else if(!strcmp(varvalue,”ftp”))
log_facility=LOG_FTP;
修改后为：
else if(!strcmp(varvalue,”authpriv”))
log_facility=LOG_AUTH;
else if(!strcmp(varvalue,”ftp”))
log_facility=LOG_DAEMON;

修改./src/nrpe.c文件222行，原来内容为：
SSL_CTX_set_cipher_list(ctx,"ADH");
修改后为：
SSL_CTX_set_cipher_list(ctx,"ADH:-ADH-AES256-SHA");

#./configure -with-ssl=/usr/sfw/ -with-ssl-lib=/usr/sfw/lib/
#gmake clean
#gmake all
#gmake install
#gmake install-daemon-config

7. 修改nrpe.cfg文件，根据个人需要修改

8. 把nrpe加入SMF管理
(1) 在/etc/services中加入以下内容
    nrpe 5666/tcp # NRPE

(2) 在/etc/inet/inetd.conf中加和以下内容
    nrpe stream tcp nowait nagios /usr/sfw/sbin/tcpd /usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -i

(3) 使用inetconv将nrpe导入到SMF中
    # inetconv
      nrpe -> /var/svc/manifest/network/nrpe-tcp.xml
      Importing nrpe-tcp.xml …Done
    # inetconv -e
      svc:/network/nrpe/tcp:default enabled

(4) 检查nrpe是否为online
# svcs svc:/network/nrpe/tcp:default
STATE STIME FMRI
online 15:53:39 svc:/network/nrpe/tcp:default
# netstat -a | grep nrpe
*.nrpe *.* 0 0 49152 0 LISTEN

(5) 检查缺省参数
# inetadm -l svc:/network/nrpe/tcp:default
SCOPE NAME=VALUE
name="nrpe"
endpoint_type="stream"
proto="tcp"
isrpc=FALSE
wait=FALSE
exec="/usr/sfw/sbin/tcpd -c /usr/local/nagios/etc/nrpe.cfg -i"
arg0="/usr/local/nagios/bin/nrpe"
user="nagios"
default bind_addr=""
default bind_fail_max=-1
default bind_fail_interval=-1
default max_con_rate=-1
default max_copies=-1
default con_rate_offline=-1
default failrate_cnt=40
default failrate_interval=60
default inherit_env=TRUE
default tcp_trace=FALSE
default tcp_wrappers=FALSE
default connection_backlog=10

 (6) 如果tcp_wrappers=FALSE，则更改为tcp_wrappers=TRUE
# inetadm -m svc:/network/nrpe/tcp:default tcp_wrappers=TRUE

9. 修改NRPE端口的访问权限(仅允许本地和nagios 访问)
(1) 在/etc/hosts.allow加入
    nrpe: LOCAL, 10.0.0.45(nagios server IP地址)

(2) 在/etc/hosts.deny加入
    nrpe: ALL

10. 检查安装是否正确(返回版本值表示正常)
/usr/local/nagios/libexec/check_nrpe -H localhost
NRPE v2.12