[Xymon] Xymon application is not working

Siddesha Dodderi Hanumantharayappa Siddesha.Hanumantharayappa at ness.com
Mon Jun 3 19:41:30 CEST 2013


I have following information with me:

Xymon service is running.
OS is Red Hat Enterprise Linux Server release 6.2 (Santiago)

Below logs in "xymond.log"
2013-06-03 13:30:44 xymond servername MACHINE='uspvldmzlx29' not listed in hosts.cfg, dropping xymond status

Below logs in "xymongen.log"
2013-05-27 11:01:35 xymond status-board not available, code 7
2013-05-27 11:01:35 Failed to load current Xymon status, aborting page-update
2013-05-27 11:02:32 Whoops ! Failed to send message (timeout)
2013-05-27 11:02:32 ->
2013-05-27 11:02:32 ->  Recipient '161.230.144.78', timeout 15
2013-05-27 11:02:32 ->  1st line: 'xymondboard fields=hostname,testname,color,flags,lastchange,logtime,validtime,acktime,disabletime,sender,cookie,line1,acklist'

Below logs in "xymonlaunch.log"
2013-05-31 10:28:53 Setting up logfiles
2013-05-31 11:59:01 xymonlaunch starting
2013-05-31 11:59:01 Loading tasklist configuration from /home/xymon/server/etc/tasks.cfg
2013-05-31 11:59:01 Cannot open directory /home/xymon/server/etc/tasks.d
2013-05-31 11:59:01 Loading hostnames
2013-05-31 11:59:01 Loading saved state
2013-05-31 11:59:01 Setting up network listener on 0.0.0.0:1984
2013-05-31 11:59:01 Setting up signal handlers
2013-05-31 11:59:01 Setting up xymond channels
2013-05-31 11:59:01 Setting up logfiles

Below logs in "xymonnetagain.log"
2013-05-28 11:48:21 Execution of '/usr/local/sbin/fping -Ae' failed with error-code 4
2013-05-28 11:48:21 /usr/local/sbin/fping: can't create raw socket (must run as root?) : Operation not permitted

Please let me know if you need any more information.


From: Root, Paul T [mailto:Paul.Root at CenturyLink.com]
Sent: Monday, June 03, 2013 10:55 PM
To: Siddesha Dodderi Hanumantharayappa; 'Jeremy Laidman'
Cc: 'xymon at xymon.com'
Subject: RE: [Xymon] Xymon application is not working

You'll need to provide what "not working" means.

What's running on the system.
What is the OS?
What startup scripts are running?
What's in the log files for xymon?
What's in the logfiles for httpd?
What do you know about the OS in question?

From: Siddesha Dodderi Hanumantharayappa [mailto:Siddesha.Hanumantharayappa at ness.com]
Sent: Monday, June 03, 2013 12:06 PM
To: Root, Paul T; 'Jeremy Laidman'
Cc: 'xymon at xymon.com'
Subject: RE: [Xymon] Xymon application is not working

Please find I set it to as below:
[root at uspvldmzlx29 xymon]# ls -l /usr/local/sbin/fping
-rwsr-xr-x 1 root root 67404 Nov 27  2012 /usr/local/sbin/fping

Still Xymon not working, Please suggest me what next I should do?

Thanks,
Siddesh

From: Siddesha Dodderi Hanumantharayappa
Sent: Monday, June 03, 2013 8:42 PM
To: 'Root, Paul T'; 'Jeremy Laidman'
Cc: 'xymon at xymon.com'
Subject: RE: [Xymon] Xymon application is not working

Please let me know should I run

chmod u+s /usr/local/sbin/fping

OR

chmod -s /usr/local/sbin/fping


From: Siddesha Dodderi Hanumantharayappa
Sent: Monday, June 03, 2013 8:40 PM
To: 'Root, Paul T'; 'Jeremy Laidman'
Cc: 'xymon at xymon.com'
Subject: RE: [Xymon] Xymon application is not working

HI Paul,

I found this command "chmod -s /usr/local/sbin/fping" is that correct, can I execute it.


From: Root, Paul T [mailto:Paul.Root at CenturyLink.com]
Sent: Monday, June 03, 2013 8:33 PM
To: Siddesha Dodderi Hanumantharayappa; 'Jeremy Laidman'
Cc: 'xymon at xymon.com'
Subject: RE: [Xymon] Xymon application is not working

There you go. That's a problem. As we said last week. Fping has to be setuid.

Look at the chmod man page to learn how to set that.


From: Siddesha Dodderi Hanumantharayappa [mailto:Siddesha.Hanumantharayappa at ness.com]
Sent: Monday, June 03, 2013 9:53 AM
To: Root, Paul T; 'Jeremy Laidman'
Cc: 'xymon at xymon.com'
Subject: RE: [Xymon] Xymon application is not working

The result is as below:

[root at uspvldmzlx29 sbin]# pwd
/usr/local/sbin
[root at uspvldmzlx29 sbin]# ls -l
total 68
-r-xr-xr-x 1 root root 67404 Nov 27  2012 fping
[root at uspvldmzlx29 sbin]#


From: Root, Paul T [mailto:Paul.Root at CenturyLink.com]
Sent: Monday, June 03, 2013 8:02 PM
To: Siddesha Dodderi Hanumantharayappa; 'Jeremy Laidman'
Cc: 'xymon at xymon.com'
Subject: RE: [Xymon] Xymon application is not working

Not having a .../tasks.d directory is not a big deal. It is used for putting additional files in for specific tasks you want to run. It would be things you add, not the stock tasks. Makes upgrading a bit easier. And gives you better organization. It is not used "out of the box".

The ping command is not used by xymon. Xymon uses either xymonping (still in beta and not recommended) or fping. Do your "ls -l" on fping. If it's not setuid (-rwsr-xr-x probably) then it won't work correctly for xymon.


From: Xymon [mailto:xymon-bounces at xymon.com] On Behalf Of Siddesha Dodderi Hanumantharayappa
Sent: Monday, June 03, 2013 9:07 AM
To: Jeremy Laidman
Cc: xymon at xymon.com<mailto:xymon at xymon.com>
Subject: Re: [Xymon] Xymon application is not working

Hi Jeremy,

The information which you provided was so good, I have done the instruction provided by  the out is as follow:

[xymon at uspvldmzlx29 shanuma]$ grep -c ^ /home/xymon/server/etc/tasks.d/*
grep: /home/xymon/server/etc/tasks.d/*: No such file or directory
[xymon at uspvldmzlx29 shanuma]$ ls -l /bin/ping
-rwsr-xr-x. 1 root root 40760 Mar 22  2011 /bin/ping

Please let me know what should I do next.

Thanks,
Siddesh

From: Jeremy Laidman [mailto:jlaidman at rebel-it.com.au]
Sent: Monday, June 03, 2013 5:52 AM
To: Siddesha Dodderi Hanumantharayappa
Cc: xymon at xymon.com<mailto:xymon at xymon.com>
Subject: Re: [Xymon] Xymon application is not working

On 1 June 2013 05:04, Siddesha Dodderi Hanumantharayappa <Siddesha.Hanumantharayappa at ness.com<mailto:Siddesha.Hanumantharayappa at ness.com>> wrote:
2013-05-31 11:59:01 Loading tasklist configuration from /home/xymon/server/etc/tasks.cfg
2013-05-31 11:59:01 Cannot open directory /home/xymon/server/etc/tasks.d

This might be important.  Make sure that the user ID under which xymond process is running has permission to access the tasks.d directory.  For example, login as or switch to the xymon user and run 'grep -c ^ /home/xymon/server/etc/tasks.d/*'.

Although I don't think it would cause the problems you're seeing.  It seems like xymond is not running, and is causing the statusboard request to time-out.  Perhaps you can check that the IP address of 161.230.144.78 is your Xymon server.

The fping error relates to the fact that accessing a socket to send a low-level packet type (ICMP=ping) requires root privileges, and the xymon user is not permitted to do so.  It's the same for regular ping and regular users.  But most UNIX systems work around this by giving the ping binary a special permission flag called "set-UID" or "set user-ID".  Sometimes "set-GID" (set-group-ID) is set instead or as well as.  This flag tells the kernel to switch to the user and/or group that owns the file being executed, and as it is owned by the root user, it switches to root's user ID for the life of the process, so that it can do low-level packet stuff.

So if you run "ls -l /bin/ping" you should find that the set-UID bit is set, indicated by an "s" in place of the "x" in the "user" permissions.  Here's mine:

-rwsr-xr-x 1 root root 38112 2011-02-18 06:48 /bin/ping*

So this "s" means it's executable AND set-UID for the "root" user.

If you do the same thing for fping, you'll find it has an "x" instead of an "s", meaning it's executable, but without any special switch-user magic capability.  You can add the setuid flag with this command (run as root or under sudo):

chmod u+s /usr/local/sbin/fping

Before you do this, you should make sure that the fping binary is not writeable by non-root users.  If it is, then a non-root user can replace the contents of the file with their own, and they get to run it as root and then take over your machine.  Perhaps you could do something like (as root/sudo): "chmod ugo-w /usr/local/sbin/fping".  This will ensure that nobody has "write" permissions on the file.  Then check with "ls -l" and then, set the setuid flag.

If you're not sure about these permissions, check with your local security-aware sysadmin.

J

The information contained in this communication is intended solely for the use of the individual or entity to whom it is addressed and others authorized to receive it. It may contain confidential or legally privileged information. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by forwarding this email to MailAdmin at ness.com<mailto:MailAdmin at ness.com> and then delete it from your system. Ness technologies is neither liable for the proper and complete transmission of the information contained in this communication nor for any delay in its receipt.
The information contained in this communication is intended solely for the use of the individual or entity to whom it is addressed and others authorized to receive it. It may contain confidential or legally privileged information. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by forwarding this email to MailAdmin at ness.com<mailto:MailAdmin at ness.com> and then delete it from your system. Ness technologies is neither liable for the proper and complete transmission of the information contained in this communication nor for any delay in its receipt.
The information contained in this communication is intended solely for the use of the individual or entity to whom it is addressed and others authorized to receive it. It may contain confidential or legally privileged information. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by forwarding this email to MailAdmin at ness.com<mailto:MailAdmin at ness.com> and then delete it from your system. Ness technologies is neither liable for the proper and complete transmission of the information contained in this communication nor for any delay in its receipt.
The information contained in this communication is intended solely for the use of the individual or entity to whom it is addressed and others authorized to receive it. It may contain confidential or legally privileged information. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by forwarding this email to MailAdmin at ness.com and then delete it from your system. Ness technologies is neither liable for the proper and complete transmission of the information contained in this communication nor for any delay in its receipt.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20130603/f1c8d2f5/attachment.html>


More information about the Xymon mailing list