Solved

I setup a Centreon poller,but i can't reload or restart

  • 1 December 2021
  • 16 replies
  • 2938 views

Badge +2

 

 

all is ok

all cfg file has changed 

but centengine NOT Reload or Restart

 

but poller NOT restart yet

 

/var/log/centreon-gorgone/gorgoned.log:


2021-12-01 09:39:12 - INFO - [action] Copy processing - Received chunk for '/etc/centreon-engine//'
2021-12-01 09:39:12 - INFO - [action] Copy processing - Copy to '/etc/centreon-engine//' finished successfully
2021-12-01 09:39:12 - INFO - [action] Copy processing - Received chunk for '/etc/centreon-broker/'
2021-12-01 09:39:12 - INFO - [action] Copy processing - Copy to '/etc/centreon-broker/' finished successfully

icon

Best answer by itoussies 1 December 2021, 11:27

View original

16 replies

Userlevel 3
Badge +9

Hello @hqm199,

In your Poller, what is the content of the file /etc/sudoers.d/centreon ?

Badge +2

Hello @hqm199,

In your Poller, what is the content of the file /etc/sudoers.d/centreon ?

[root@poller ~]# cat /etc/sudoers.d/centreon
## BEGIN: CENTREON SUDO

User_Alias      CENTREON=%centreon
Defaults:CENTREON !requiretty

# centreontrapd
CENTREON   ALL = NOPASSWD: /sbin/service centreontrapd start
CENTREON   ALL = NOPASSWD: /sbin/service centreontrapd stop
CENTREON   ALL = NOPASSWD: /sbin/service centreontrapd restart
CENTREON   ALL = NOPASSWD: /sbin/service centreontrapd reload
CENTREON   ALL = NOPASSWD: /usr/sbin/service centreontrapd start
CENTREON   ALL = NOPASSWD: /usr/sbin/service centreontrapd stop
CENTREON   ALL = NOPASSWD: /usr/sbin/service centreontrapd restart
CENTREON   ALL = NOPASSWD: /usr/sbin/service centreontrapd reload

# Centreon Engine
CENTREON   ALL = NOPASSWD: /sbin/service centengine start
CENTREON   ALL = NOPASSWD: /sbin/service centengine stop
CENTREON   ALL = NOPASSWD: /sbin/service centengine restart
CENTREON   ALL = NOPASSWD: /sbin/service centengine reload
CENTREON   ALL = NOPASSWD: /usr/sbin/service centengine start
CENTREON   ALL = NOPASSWD: /usr/sbin/service centengine stop
CENTREON   ALL = NOPASSWD: /usr/sbin/service centengine restart
CENTREON   ALL = NOPASSWD: /usr/sbin/service centengine reload
CENTREON   ALL = NOPASSWD: /bin/systemctl start centengine
CENTREON   ALL = NOPASSWD: /bin/systemctl stop centengine
CENTREON   ALL = NOPASSWD: /bin/systemctl restart centengine
CENTREON   ALL = NOPASSWD: /bin/systemctl reload centengine
CENTREON   ALL = NOPASSWD: /usr/bin/systemctl start centengine
CENTREON   ALL = NOPASSWD: /usr/bin/systemctl stop centengine
CENTREON   ALL = NOPASSWD: /usr/bin/systemctl restart centengine
CENTREON   ALL = NOPASSWD: /usr/bin/systemctl reload centengine

# Centreon Broker
CENTREON   ALL = NOPASSWD: /sbin/service cbd start
CENTREON   ALL = NOPASSWD: /sbin/service cbd stop
CENTREON   ALL = NOPASSWD: /sbin/service cbd restart
CENTREON   ALL = NOPASSWD: /sbin/service cbd reload
CENTREON   ALL = NOPASSWD: /usr/sbin/service cbd start
CENTREON   ALL = NOPASSWD: /usr/sbin/service cbd stop
CENTREON   ALL = NOPASSWD: /usr/sbin/service cbd restart
CENTREON   ALL = NOPASSWD: /usr/sbin/service cbd reload
CENTREON   ALL = NOPASSWD: /bin/systemctl start cbd
CENTREON   ALL = NOPASSWD: /bin/systemctl stop cbd
CENTREON   ALL = NOPASSWD: /bin/systemctl restart cbd
CENTREON   ALL = NOPASSWD: /bin/systemctl reload cbd
CENTREON   ALL = NOPASSWD: /usr/bin/systemctl start cbd
CENTREON   ALL = NOPASSWD: /usr/bin/systemctl stop cbd
CENTREON   ALL = NOPASSWD: /usr/bin/systemctl restart cbd
CENTREON   ALL = NOPASSWD: /usr/bin/systemctl reload cbd

## END: CENTREON SUDO

Userlevel 3
Badge +9

Hello,

What are the Gorgone logs on the central server when you export the configuration ?

Also you can try to manually restart the centengine Poller and then try to see if reloading/restarting work with the Web UI.

Badge +2

Hello,

What are the Gorgone logs on the central server when you export the configuration ?

Also you can try to manually restart the centengine Poller and then try to see if reloading/restarting work with the Web UI.

 

the Gorgone logs on the central serve:

2021-12-02 13:23:52 - ERROR - [autodiscovery] -class- host discovery - cannot get platform versions - Login error [code: '500'] [message: 'Internal Server Error']
2021-12-02 13:24:02 - INFO - [legacycmd] Handling command 'SENDCFGFILE', Target: '3'
2021-12-02 13:24:02 - INFO - [legacycmd] Handling command 'SENDCBCFG', Target: '3'
2021-12-02 13:24:02 - INFO - [legacycmd] Handling command 'RESTART', Target: '1'
2021-12-02 13:24:02 - INFO - [legacycmd] Handling command 'RESTART', Target: '3'
2021-12-02 13:24:07 - INFO - [proxy] Received setlogs for '3'
2021-12-02 13:24:27 - INFO - [proxy] Pong received from '3'
 

manually restart the centengine Poller in the Web UI can find it works , Uptime changed to new

 

 

 

 

Userlevel 3
Badge +9

Yes the uptime changed because you manually restarted centengine. But now, does it work when you export the configuration and restart via the Web UI ? 

Userlevel 1
Badge +2

Hello!

I had the same issue in 21.04, I found that restarting centreon service on the pollers resolve everything.

Maybe you start one too soon.

Hope It will help.

Badge +2

Yes the uptime changed because you manually restarted centengine. But now, does it work when you export the configuration and restart via the Web UI ? 

manually restarted centengine it works but restart via web UI still can't restart or reload 

Badge +2

Hello!

I had the same issue in 21.04, I found that restarting centreon service on the pollers resolve everything.

Maybe you start one too soon.

Hope It will help.

Thank you  but I try it like this restart centreon  then in web UI find uptime change to new . but when I try to restart via web UI I found  cfg files has changed but centreon engin not restart or reload.

Userlevel 1
Badge +2

Did you allow centreon group to access to your poller in access.conf ?

Userlevel 6
Badge +18

Hi, can you check in /var/log/messages on your poller if you don”t have security errors?

Can you also check centreon, centreon-gorgone and centreon-engine groups:

# cat /etc/group | grep centreon
centreon:x:995:centreon-gorgone,centreon-engine,centreon-broker
nagios:x:994:centreon-engine,centreon-broker
centreon-broker:x:993:centreon,nagios,centreon-engine,centreon-gorgone
centreon-engine:x:992:centreon-broker,nagios,centreon,centreon-gorgone
centreon-gorgone:x:990:centreon,centreon-engine,centreon-broker

centreon-gorgone user must be part of centreon group to allow to use sudoers definitions

Can you try to restart gorgoned on your poller?

Badge +2

Hi, can you check in /var/log/messages on your poller if you don”t have security errors?

Can you also check centreon, centreon-gorgone and centreon-engine groups:

# cat /etc/group | grep centreon
centreon:x:995:centreon-gorgone,centreon-engine,centreon-broker
nagios:x:994:centreon-engine,centreon-broker
centreon-broker:x:993:centreon,nagios,centreon-engine,centreon-gorgone
centreon-engine:x:992:centreon-broker,nagios,centreon,centreon-gorgone
centreon-gorgone:x:990:centreon,centreon-engine,centreon-broker

centreon-gorgone user must be part of centreon group to allow to use sudoers definitions

Can you try to restart gorgoned on your poller?

 

on my poller:

[root@poller ~]# cat /etc/group | grep centreon
centreon:x:997:centreon-gorgone,centreon-engine,centreon-broker
nagios:x:996:centreon-engine,centreon-broker
centreon-engine:x:995:nagios,centreon-broker,centreon,centreon-gorgone
centreon-broker:x:994:centreon,centreon-engine,nagios,centreon-gorgone
centreon-gorgone:x:993:centreon,centreon-engine,centreon-broke

on centreon server

[root@centreon2110 centreon-gorgone]# cat /etc/group | grep centreon
centreon:x:997:centreon-gorgone,centreon-engine,centreon-broker,apache
nagios:x:996:centreon-engine,centreon-broker,apache
centreon-engine:x:995:nagios,centreon-broker,centreon,centreon-gorgone,apache
centreon-broker:x:994:centreon,centreon-engine,nagios,centreon-gorgone,apache
apache:x:48:nagios,centreon,centreon-gorgone
centreon-gorgone:x:991:centreon,centreon-engine,centreon-broker,apache

 

i restart gorgoned on my poller,it works   this only can’t restart/reload via webUI

Userlevel 6
Badge +18

What is the result of the following command:

# su - centreon-gorgone -s /bin/bash -c 'sudo systemctl restart centengine'

And this one:

# cat /var/log/secure | grep "centreon-gorgone"

 

Badge +2

Thanks for all .

I got that why 

only because i have not install sudo on poller  

sorry for all ,  I found file /etc/sudoers.d/centreon

so iI thought I had installed sudo .

 It was a mistake

so   yum  install -y sodu can solve this problem

Userlevel 6
Badge +18

Thank you @hqm199 for your feedback

Badge +2

Hi all,

I’m having a similar issue where reloads/restarts, but also other commands from the Centreon interface such as acknowledge, schedule downtime, don’t work. We’ve migrated our Centreon install from Alma to Debian. After which the issue occurred.

Below are the commands as configured in the poller:

I’m able to execute these commands as both centreon, centreon-gorgone and www-data:

su - centreon -s /bin/bash -c 'sudo systemctl restart centengine'
su - centreon-gorgone -s /bin/bash -c 'sudo systemctl restart centengine'
su - www-data -s /bin/bash -c 'sudo systemctl restart centengine'

I know it works as I can see the poller uptime reset in the webinterface. However when restarting the engine through the webinterface nothing happens (configuration files are exported/updated, but services aren’t restarted or reloaded).

I don’t think this is a sudoers permission issue as I’m able to execute the commands fine from the required users. What could be going wrong here?

Badge +2

Upon further investigation I found the following:

root@monitor2:~# tail -f /var/log/auth.log
Aug 30 14:57:46 monitor2 sudo: pam_unix(sudo:auth): conversation failed
Aug 30 14:57:46 monitor2 sudo: pam_unix(sudo:auth): auth could not identify password for [www-data]
Aug 30 14:57:46 monitor2 sudo: www-data : command not allowed ; PWD=/usr/share/centreon/www ; USER=root ; COMMAND=/usr/bin/sudo /bin/systemctl reload cbd
root@monitor2:~# su - www-data -s /bin/bash -c '/usr/bin/sudo /bin/systemctl restart centengine'
root@monitor2:~#

But if I execute the command manually as www-data it works fine.

Reply