Question

Service scan error on disks

G
Userlevel 1
Badge +5

I am getting an execution error when scanning linux hosts with NRPE. No issues on the Windows hosts.
 


Using 23.10

5 replies

S
Rank
Userlevel 2
Badge +2

Hi @gaetan.meister , 

I managed to reproduce the problem on a 23.10 platform for Linux hosts.
The problem I personally encountered on the platform was related to Gorgone's whitelists.

The autodiscovery command was not authorised to be executed by the Gorgone user.


First, you can enable debug logs for Centreon Gorgone in "Administration  >  Parameters  >  Debug" then check "Centreon Gorgone debug" and "Save"

After that, you could relaunch a service discovery, you should see lines like this in /var/log/centreon-gorgone/gorgoned.log

2024-05-06 10:05:34 - INFO - [action] command not allowed (whitelist): /usr/lib64/nagios/plugins/check_centreon_nrpe3 -H 127.0.0.1 -p 5666 -t 5 -u -c check_centreon_plugins  -a 'os::linux::local::plugin' 'list-storages' ' --disco-show'
2024-05-06 10:05:34 - DEBUG - [action] internal message: [PUTLOG] [svc-disco-4d33d7bc:1-8-18] [] {"data":{"message":"command not allowed (whitelist) at array index '0'"},"code":1,"token":"svc-disco-4d33d7bc:1-8-18","instant":null,"etime":1714982734}
2024-05-06 10:05:34 - DEBUG - [core] Message received internal - [PUTLOG] [svc-disco-4d33d7bc:1-8-18] [] {"data":{"message":"command not allowed (whitelist) at array index '0'"},"code":1,"token":"svc-disco-4d33d7bc:1-8-18","instant":null,"etime":1714982734}

If the error message is the same, there are two solutions: 

  • Disable the Gorgoned whitelist (not the most secure or recommended solution, but useful for debugging purposes): 

Edit the /etc/centreon-gorgone/config.d/40-gorgoned.yaml file and change the whitelist_cmds parameter to false then restart gorgoned

  • Add the discovery command to the whitelist: 

Create a custom file in the /etc/centreon-gorgone/config.d/whitelist.conf.d/ folder with the following line (for example): 

- \/usr\/lib64\/nagios\/plugins\/check_centreon_nrpe3\s+-H\s+\S+\s+-p\s+\d+\s+-t\s+\d+\s+-u\s+-c\s+\S+\s+-a\s+'.+'

then restart gorgoned

 

Hope it helps! 

G
Userlevel 1
Badge +5

Thks Samy. I’ll try this out today and will revert back ;-)

G
Userlevel 1
Badge +5

Unfortunately, that didn’t work. I’ve enabled debug and get the the same whitelist errors from the log but after amending the yaml file to disable the whitelist_cmds parameter and bouncing the gorgoned daemon, I still get the error

I’ll open a ticket
 


[root@mon centreon-gorgone]# grep whitelist_cmds /etc/centreon-gorgone/config.d/40-gorgoned.yaml
      whitelist_cmds: false

[root@mon centreon-gorgone]# systemctl restart gorgoned.service
[root@mon centreon-gorgone]#
[root@mon centreon-gorgone]# grep whitelist gorgoned.log
2024-05-07 10:59:39 - INFO - [action] command not allowed (whitelist): /usr/lib64/nagios/plugins/check_centreon_nrpe3 -H jira -p 5666 -t 5 -2 -c check_centreon_plugins  -a 'os::linux::local::plugin' 'list-storages' ' --disco-show'
2024-05-07 10:59:39 - DEBUG - [action] internal message: [PUTLOG] [svc-disco-58ac6f5d:15-32-495] [] {"code":1,"etime":1715075979,"data":{"message":"command not allowed (whitelist) at array index '0'"},"instant":null,"token":"svc-disco-58ac6f5d:15-32-495"}
2024-05-07 10:59:39 - DEBUG - [core] Message received internal - [PUTLOG] [svc-disco-58ac6f5d:15-32-495] [] {"code":1,"etime":1715075979,"data":{"message":"command not allowed (whitelist) at array index '0'"},"instant":null,"token":"svc-disco-58ac6f5d:15-32-495"}
2024-05-07 10:59:39 - DEBUG - [core] Message received internal - [SERVICEDISCOVERYLISTENER] [svc-disco-58ac6f5d:15-32-495] [] { "code": 1, "data": {"message":"command not allowed (whitelist) at array index '0'"} }
2024-05-07 10:59:39 - DEBUG - [autodiscovery] Event: [SERVICEDISCOVERYLISTENER] [svc-disco-58ac6f5d:15-32-495] [] { "code": 1, "data": {"message":"command not allowed (whitelist) at array index '0'"} }
2024-05-07 10:59:39 - DEBUG - [autodiscovery] internal message: [PUTLOG] [41c8053a5153ee740709888590db3be119ec6bb1bb914949895442c8f5ea5dbd78e64d4b27d8996ea9be0c6f8729259ef4b76f5c3594002c7102866b1a122a0e] [] {"token":"41c8053a5153ee740709888590db3be119ec6bb1bb914949895442c8f5ea5dbd78e64d4b27d8996ea9be0c6f8729259ef4b76f5c3594002c7102866b1a122a0e","instant":null,"data":{"count_discoveries":"1","journal":[],"failed_discoveries":1,"message":"discovery finished","manual":{"495":{"rules":{"32":{"message":"command not allowed (whitelist) at array index '0'","failed":1,"discovery":{}}}}}},"etime":1715075979,"code":2}
2024-05-07 10:59:39 - DEBUG - [core] Message received internal - [PUTLOG] [41c8053a5153ee740709888590db3be119ec6bb1bb914949895442c8f5ea5dbd78e64d4b27d8996ea9be0c6f8729259ef4b76f5c3594002c7102866b1a122a0e] [] {"token":"41c8053a5153ee740709888590db3be119ec6bb1bb914949895442c8f5ea5dbd78e64d4b27d8996ea9be0c6f8729259ef4b76f5c3594002c7102866b1a122a0e","instant":null,"data":{"count_discoveries":"1","journal":[],"failed_discoveries":1,"message":"discovery finished","manual":{"495":{"rules":{"32":{"message":"command not allowed (whitelist) at array index '0'","failed":1,"discovery":{}}}}}},"etime":1715075979,"code":2}
2024-05-07 11:00:24 - INFO - [action] command not allowed (whitelist): /usr/lib64/nagios/plugins/check_centreon_nrpe3 -H jira -p 5666 -t 5 -2 -c check_centreon_plugins  -a 'os::linux::local::plugin' 'list-storages' ' --disco-show'
2024-05-07 11:00:24 - DEBUG - [action] internal message: [PUTLOG] [svc-disco-fcbdda5d:1-32-495] [] {"code":1,"data":{"message":"command not allowed (whitelist) at array index '0'"},"token":"svc-disco-fcbdda5d:1-32-495","etime":1715076024,"instant":null}
2024-05-07 11:00:24 - DEBUG - [core] Message received internal - [PUTLOG] [svc-disco-fcbdda5d:1-32-495] [] {"code":1,"data":{"message":"command not allowed (whitelist) at array index '0'"},"token":"svc-disco-fcbdda5d:1-32-495","etime":1715076024,"instant":null}
2024-05-07 11:00:24 - DEBUG - [core] Message received internal - [SERVICEDISCOVERYLISTENER] [svc-disco-fcbdda5d:1-32-495] [] { "code": 1, "data": {"message":"command not allowed (whitelist) at array index '0'"} }
2024-05-07 11:00:24 - DEBUG - [autodiscovery] Event: [SERVICEDISCOVERYLISTENER] [svc-disco-fcbdda5d:1-32-495] [] { "code": 1, "data": {"message":"command not allowed (whitelist) at array index '0'"} }
2024-05-07 11:00:24 - DEBUG - [autodiscovery] internal message: [PUTLOG] [e67a00a64b2604cc06d7cedac5b29cbc4cf4b1998f16f1bc79ebf7000a76f1f5345f81c83750b6351347997b0cfb37fa6ed5eaa74f1f0825c831721812e6298c] [] {"data":{"journal":[],"count_discoveries":"1","failed_discoveries":1,"manual":{"495":{"rules":{"32":{"failed":1,"discovery":{},"message":"command not allowed (whitelist) at array index '0'"}}}},"message":"discovery finished"},"code":2,"token":"e67a00a64b2604cc06d7cedac5b29cbc4cf4b1998f16f1bc79ebf7000a76f1f5345f81c83750b6351347997b0cfb37fa6ed5eaa74f1f0825c831721812e6298c","etime":1715076024,"instant":null}
2024-05-07 11:00:24 - DEBUG - [core] Message received internal - [PUTLOG] [e67a00a64b2604cc06d7cedac5b29cbc4cf4b1998f16f1bc79ebf7000a76f1f5345f81c83750b6351347997b0cfb37fa6ed5eaa74f1f0825c831721812e6298c] [] {"data":{"journal":[],"count_discoveries":"1","failed_discoveries":1,"manual":{"495":{"rules":{"32":{"failed":1,"discovery":{},"message":"command not allowed (whitelist) at array index '0'"}}}},"message":"discovery finished"},"code":2,"token":"e67a00a64b2604cc06d7cedac5b29cbc4cf4b1998f16f1bc79ebf7000a76f1f5345f81c83750b6351347997b0cfb37fa6ed5eaa74f1f0825c831721812e6298c","etime":1715076024,"instant":null}
[root@mon centreon-gorgone]#
[root@mon centreon-gorgone]#

 

L
Userlevel 1
Badge +1

Same error... Always with 23.10 version

Laurent
Rank
Userlevel 6
Badge +19

Hi, did you disable allowed_commands in /ect/centreon-gorgoned/config.d/40-gorgoned.yaml file?

Reply


Terms & ConditionsCookie settings