[Xymon] Xymon application is not working

Siddesha Dodderi Hanumantharayappa Siddesha.Hanumantharayappa at ness.com
Tue Jun 4 01:06:24 CEST 2013


Hi Paul,

Please find my in lines in Red color


1)      Xymond.log

a.       This is telling you that a client machine is sending updates to the server as machine name 'uspvldmzlx29', and that the server doesn't know about that machine. That means 1 of two things

                                                               i.      The machine is not in ~xymon/server/etc/hosts.cfg

                                                             ii.      There is a mismatch in the name provided by the client machine verses what the server has in hosts.cfg


a.       'uspvldmzlx29' my Xymon server, actually Xymon stopped working after I removed 3 unwanted host entry from hosts.cfg file

i.                    All the machine is in /home/xymon/server/etc/hosts.cfg

ii.                  I pretty sure that no mismatch in the name


2)      Xymongen.log

a.       Not sure about this. Looks like xymon possibly has not come up right, a process hasn't started that should.

b.      Provide a "ps -ef"

Please find the "ps -ef" result below:

[root at uspvldmzlx29 xymon]# ps -ef
UID        PID  PPID  C STIME TTY          TIME CMD
root         1     0  0 May28 ?        00:00:01 /sbin/init
root         2     0  0 May28 ?        00:00:00 [kthreadd]
root         3     2  0 May28 ?        00:00:00 [migration/0]
root         4     2  0 May28 ?        00:00:00 [ksoftirqd/0]
root         5     2  0 May28 ?        00:00:00 [migration/0]
root         6     2  0 May28 ?        00:00:00 [watchdog/0]
root         7     2  0 May28 ?        00:00:00 [events/0]
root         8     2  0 May28 ?        00:00:00 [cpuset]
root         9     2  0 May28 ?        00:00:00 [khelper]
root        10     2  0 May28 ?        00:00:00 [netns]
root        11     2  0 May28 ?        00:00:00 [async/mgr]
root        12     2  0 May28 ?        00:00:00 [pm]
root        13     2  0 May28 ?        00:00:00 [sync_supers]
root        14     2  0 May28 ?        00:00:00 [bdi-default]
root        15     2  0 May28 ?        00:00:00 [kintegrityd/0]
root        16     2  0 May28 ?        00:00:01 [kblockd/0]
root        17     2  0 May28 ?        00:00:00 [kacpid]
root        18     2  0 May28 ?        00:00:00 [kacpi_notify]
root        19     2  0 May28 ?        00:00:00 [kacpi_hotplug]
root        20     2  0 May28 ?        00:00:00 [ata/0]
root        21     2  0 May28 ?        00:00:00 [ata_aux]
root        22     2  0 May28 ?        00:00:00 [ksuspend_usbd]
root        23     2  0 May28 ?        00:00:00 [khubd]
root        24     2  0 May28 ?        00:00:00 [kseriod]
root        25     2  0 May28 ?        00:00:00 [md/0]
root        26     2  0 May28 ?        00:00:00 [md_misc/0]
root        27     2  0 May28 ?        00:00:00 [khungtaskd]
root        28     2  0 May28 ?        00:00:00 [kswapd0]
root        29     2  0 May28 ?        00:00:00 [ksmd]
root        30     2  0 May28 ?        00:00:00 [khugepaged]
root        31     2  0 May28 ?        00:00:00 [aio/0]
root        32     2  0 May28 ?        00:00:00 [crypto/0]
root        37     2  0 May28 ?        00:00:00 [kthrotld/0]
root        39     2  0 May28 ?        00:00:00 [kpsmoused]
root        40     2  0 May28 ?        00:00:00 [usbhid_resumer]
root        71     2  0 May28 ?        00:00:00 [kstriped]
root       213     2  0 May28 ?        00:00:00 [scsi_eh_0]
root       214     2  0 May28 ?        00:00:00 [scsi_eh_1]
root       220     2  0 May28 ?        00:00:00 [mpt_poll_0]
root       221     2  0 May28 ?        00:00:00 [mpt/0]
root       222     2  0 May28 ?        00:00:00 [scsi_eh_2]
root       299     2  0 May28 ?        00:00:00 [kdmflush]
root       301     2  0 May28 ?        00:00:00 [kdmflush]
root       320     2  0 May28 ?        00:00:08 [jbd2/dm-1-8]
root       321     2  0 May28 ?        00:00:00 [ext4-dio-unwrit]
root       361     2  0 May28 ?        00:00:01 [kauditd]
root       405     1  0 May28 ?        00:00:00 /sbin/udevd -d
root       686     2  0 May28 ?        00:00:00 [vmmemctl]
root       839   405  0 May28 ?        00:00:00 /sbin/udevd -d
root       840   405  0 May28 ?        00:00:00 /sbin/udevd -d
root       857     2  0 May28 ?        00:00:00 [kdmflush]
root       894     2  0 May28 ?        00:00:00 [jbd2/sda1-8]
root       895     2  0 May28 ?        00:00:00 [ext4-dio-unwrit]
root       896     2  0 May28 ?        00:00:00 [jbd2/dm-2-8]
root       897     2  0 May28 ?        00:00:00 [ext4-dio-unwrit]
root      1165     1  0 May28 ?        00:00:00 /sbin/rsyslogd -i /var/run/syslogd.pid -c 4
root      1174     2  0 May28 ?        00:00:01 [flush-253:1]
rpc       1209     1  0 May28 ?        00:00:00 rpcbind
dbus      1235     1  0 May28 ?        00:00:00 dbus-daemon --system
root      1245     1  0 May28 ?        00:00:00 NetworkManager --pid-file=/var/run/NetworkManager/NetworkManager.pid
root      1249     1  0 May28 ?        00:00:00 /usr/sbin/modem-manager
avahi     1257     1  0 May28 ?        00:00:01 avahi-daemon: running [uspvldmzlx29.local]
avahi     1258  1257  0 May28 ?        00:00:00 avahi-daemon: chroot helper
root      1282     1  0 May28 ?        00:00:00 /usr/sbin/wpa_supplicant -c /etc/wpa_supplicant/wpa_supplicant.conf -B -u -f /var/log/wpa_supplicant.log -P /
rpcuser   1283     1  0 May28 ?        00:00:00 rpc.statd
root      1341     2  0 May28 ?        00:00:00 [rpciod/0]
root      1345     1  0 May28 ?        00:00:00 rpc.idmapd
root      1355     1  0 May28 ?        00:00:00 cupsd -C /etc/cups/cupsd.conf
root      1366     1  0 May28 ?        00:00:00 /usr/sbin/acpid
68        1375     1  0 May28 ?        00:00:03 hald
root      1376  1375  0 May28 ?        00:00:00 hald-runner
root      1419  1376  0 May28 ?        00:00:00 hald-addon-input: Listening on /dev/input/event2 /dev/input/event0
68        1422  1376  0 May28 ?        00:00:00 hald-addon-acpi: listening on acpid socket /var/run/acpid.socket
root      1441     1  0 May28 ?        00:00:01 automount --pid-file /var/run/autofs.pid
root      1462     1  0 May28 ?        00:00:00 /usr/sbin/mcelog --daemon
root      1630     1  0 May28 ?        00:07:03 /usr/sbin/vmtoolsd
root      1672     1  0 May28 ?        00:00:00 /usr/sbin/sshd
root      1752     1  0 May28 ?        00:00:07 /usr/libexec/postfix/master
postfix   1768  1752  0 May28 ?        00:00:05 qmgr -l -t fifo -u
root      1776     1  0 May28 ?        00:00:00 /usr/sbin/abrtd
root      1784     1  0 May28 ?        00:00:00 abrt-dump-oops -d /var/spool/abrt -rwx /var/log/messages
root      1798     1  0 May28 ?        00:00:20 /bin/bash /usr/sbin/ksmtuned
qpidd     1810     1  0 May28 ?        00:00:42 /usr/sbin/qpidd --data-dir /var/lib/qpidd --daemon
root      1842     1  0 May28 ?        00:00:03 crond
root      1853     1  0 May28 ?        00:00:00 /usr/sbin/atd
root      1864     1  0 May28 ?        00:00:00 rhnsd
root      1875     1  0 May28 ?        00:00:00 /usr/bin/rhsmcertd 240 1440
root      1877  1875  0 May28 ?        00:00:00 /usr/bin/rhsmcertd 240 1440
root      1899     1  0 May28 ?        00:00:00 /usr/sbin/gdm-binary -nodaemon
root      1906     1  0 May28 tty2     00:00:00 /sbin/mingetty /dev/tty2
root      1910     1  0 May28 tty3     00:00:00 /sbin/mingetty /dev/tty3
root      1914     1  0 May28 tty4     00:00:00 /sbin/mingetty /dev/tty4
root      1919     1  0 May28 tty5     00:00:00 /sbin/mingetty /dev/tty5
root      1924     1  0 May28 tty6     00:00:00 /sbin/mingetty /dev/tty6
root      1929  1899  0 May28 ?        00:00:00 /usr/libexec/gdm-simple-slave --display-id /org/gnome/DisplayManager/Display1 --force-active-vt
root      1931  1929  0 May28 tty1     00:00:13 /usr/bin/Xorg :0 -nr -verbose -auth /var/run/gdm/auth-for-gdm-qkhHYP/database -nolisten tcp vt1
root      1946     1  0 May28 ?        00:00:00 /usr/sbin/console-kit-daemon --no-daemon
gdm       2016     1  0 May28 ?        00:00:00 /usr/bin/dbus-launch --exit-with-session
gdm       2017     1  0 May28 ?        00:00:00 /bin/dbus-daemon --fork --print-pid 5 --print-address 7 --session
gdm       2018  1929  0 May28 ?        00:00:00 /usr/bin/gnome-session --autostart=/usr/share/gdm/autostart/LoginWindow/
root      2021     1  0 May28 ?        00:00:00 /usr/libexec/devkit-power-daemon
gdm       2025     1  0 May28 ?        00:00:02 /usr/libexec/gconfd-2
gdm       2042  2018  0 May28 ?        00:00:02 /usr/libexec/at-spi-registryd
gdm       2044     1  0 May28 ?        00:15:31 /usr/libexec/gnome-settings-daemon --gconf-prefix=/apps/gdm/simple-greeter/settings-manager-plugins
gdm       2046     1  0 May28 ?        00:00:00 /usr/libexec/bonobo-activation-server --ac-activate --ior-output-fd=12
gdm       2053     1  0 May28 ?        00:00:00 /usr/libexec/gvfsd
gdm       2054  2018  0 May28 ?        00:00:02 metacity
gdm       2055  2018  0 May28 ?        00:00:05 gnome-power-manager
gdm       2056  2018  0 May28 ?        00:00:15 /usr/libexec/gdm-simple-greeter
gdm       2057  2018  0 May28 ?        00:00:00 /usr/libexec/polkit-gnome-authentication-agent-1
gdm       2059  2018  0 May28 ?        00:00:00 plymouth-log-viewer --icon
root      2061     1  0 May28 ?        00:00:00 /usr/libexec/polkit-1/polkitd
gdm       2070     1  0 May28 ?        00:00:00 /usr/bin/pulseaudio --start --log-target=syslog
rtkit     2072     1  0 May28 ?        00:00:07 /usr/libexec/rtkit-daemon
root      2077  1929  0 May28 ?        00:00:00 pam: gdm-password
root      2110     1  0 May28 ?        00:00:00 auditd
root      2130  1672  0 May31 ?        00:00:00 sshd: shanuma [priv]
shanuma   2141  2130  0 May31 ?        00:00:03 sshd: shanuma at pts/1
shanuma   2142  2141  0 May31 pts/1    00:00:00 -ksh
root      2165  2142  0 May31 pts/1    00:00:00 su xymon
xymon     2277  2165  0 May31 pts/1    00:00:00 bash
xymon     4326     1  0 12:45 ?        00:00:00 /home/xymon/server/bin/xymonlaunch --config=/home/xymon/server/etc/tasks.cfg --env=/home/xymon/server/etc/xym
xymon     4327  4326  0 12:45 ?        00:00:05 xymond --pidfile=/var/log/xymon/xymond.pid --restart=/home/xymon/server/tmp/xymond.chk --checkpoint-file=/hom
xymon     4328  4326  0 12:45 ?        00:00:00 xymond_channel --channel=stachg --log=/var/log/xymon/history.log xymond_history --pidfile=/var/log/xymon/xymo
xymon     4329  4326  0 12:45 ?        00:00:00 xymond_channel --channel=page --log=/var/log/xymon/alert.log xymond_alert --checkpoint-file=/home/xymon/serve
xymon     4330  4326  0 12:45 ?        00:00:00 xymond_channel --channel=client --log=/var/log/xymon/clientdata.log xymond_client
xymon     4331  4326  0 12:45 ?        00:00:00 xymond_channel --channel=status --log=/var/log/xymon/rrd-status.log xymond_rrd --rrddir=/home/xymon/data/rrd
xymon     4332  4326  0 12:45 ?        00:00:00 xymond_channel --channel=data --log=/var/log/xymon/rrd-data.log xymond_rrd --rrddir=/home/xymon/data/rrd
xymon     4333  4326  0 12:45 ?        00:00:00 xymond_channel --channel=clichg --log=/var/log/xymon/hostdata.log xymond_hostdata
xymon     4428  4328  0 12:45 ?        00:00:00 xymond_history --pidfile=/var/log/xymon/xymond_history.pid
xymon     4429  4331  0 12:45 ?        00:00:02 xymond_rrd --rrddir=/home/xymon/data/rrd
xymon     4440  4329  0 12:45 ?        00:00:00 xymond_alert --checkpoint-file=/home/xymon/server/tmp/alert.chk --checkpoint-interval=600
root     12642     1  0 May29 ?        00:00:01 /opt/tivoli/tsm/client/ba/bin/dsmcad
xymon    15719     1  0 18:42 ?        00:00:00 sh -c vmstat 300 2 1>/home/xymon/client/tmp/xymon_vmstat.uspvldmzlx29.15639 2>&1; mv /home/xymon/client/tmp/x
xymon    15721 15719  0 18:42 ?        00:00:00 vmstat 300 2
postfix  15740  1752  0 18:43 ?        00:00:00 pickup -l -t fifo -u
root     15750  1798  0 18:44 ?        00:00:00 sleep 60
root     15755 31327  2 18:45 pts/1    00:00:00 ps -ef
root     30002  2277  0 09:53 pts/1    00:00:00 su xymon
xymon    30160 30002  0 09:53 pts/1    00:00:00 bash
root     30219 30160  0 09:55 pts/1    00:00:00 su shanuma
shanuma  30374 30219  0 09:55 pts/1    00:00:00 ksh
root     30418 30374  0 09:55 pts/1    00:00:00 su xymon
xymon    30423 30418  0 09:55 pts/1    00:00:00 bash
root     31120 30423  0 10:15 pts/1    00:00:00 su shanuma
shanuma  31313 31120  0 10:15 pts/1    00:00:00 ksh
root     31326 31313  0 10:15 pts/1    00:00:00 sudo bash
root     31327 31326  0 10:15 pts/1    00:00:00 bash
[root at uspvldmzlx29 xymon]#



3)      Xymonnetagain.log

a.       Well your chmod should have fixed this. And I see the logs are old so perhaps they did.

Here is the last 4 logs for Xymonnetagain.log, this I was executed at server time 2013-06-03 18:55

2013-05-31 19:40:27 Execution of '/usr/local/sbin/fping -Ae' failed with error-code 4
2013-05-31 19:40:27 /usr/local/sbin/fping: can't create raw socket (must run as root?) : Operation not permitted
2013-05-31 19:41:27 Execution of '/usr/local/sbin/fping -Ae' failed with error-code 4
2013-05-31 19:41:27 /usr/local/sbin/fping: can't create raw socket (must run as root?) : Operation not permitted
2013-06-03 12:09:00 Execution of '/usr/local/sbin/fping -Ae' failed with error-code 4
2013-06-03 12:09:00 /usr/local/sbin/fping: can't create raw socket (must run as root?) : Operation not permitted

Please let me know if any more information required from my side to analyses this issue. If possible can you please take remote control of my server to fix the issue.


Thanks,
Siddesh
From: Root, Paul T [mailto:Paul.Root at CenturyLink.com]
Sent: Tuesday, June 04, 2013 12:12 AM
To: Siddesha Dodderi Hanumantharayappa; 'Jeremy Laidman'
Cc: 'xymon at xymon.com'
Subject: RE: [Xymon] Xymon application is not working

Not much to go on here. You still don't say what not working means.

What we see here:

1)      Xymond.log

a.       This is telling you that a client machine is sending updates to the server as machine name 'uspvldmzlx29', and that the server doesn't know about that machine. That means 1 of two things

                                                               i.      The machine is not in ~xymon/server/etc/hosts.cfg

                                                             ii.      There is a mismatch in the name provided by the client machine verses what the server has in hosts.cfg

2)      Xymongen.log

a.       Not sure about this. Looks like xymon possibly has not come up right, a process hasn't started that should.

b.      Provide a "ps -ef"

3)      Xymonlaunch.log

a.       As I've said before, this probably isn't an issue. Tasks.d is used for local customization not by default.

4)      Xymonnetagain.log

a.       Well your chmod should have fixed this. And I see the logs are old so perhaps they did.


What's in your Ghost clients report?

From: Siddesha Dodderi Hanumantharayappa [mailto:Siddesha.Hanumantharayappa at ness.com]
Sent: Monday, June 03, 2013 12:42 PM
To: Root, Paul T; 'Jeremy Laidman'
Cc: 'xymon at xymon.com'
Subject: RE: [Xymon] Xymon application is not working

I have following information with me:

Xymon service is running.
OS is Red Hat Enterprise Linux Server release 6.2 (Santiago)

Below logs in "xymond.log"
2013-06-03 13:30:44 xymond servername MACHINE='uspvldmzlx29' not listed in hosts.cfg, dropping xymond status

Below logs in "xymongen.log"
2013-05-27 11:01:35 xymond status-board not available, code 7
2013-05-27 11:01:35 Failed to load current Xymon status, aborting page-update
2013-05-27 11:02:32 Whoops ! Failed to send message (timeout)
2013-05-27 11:02:32 ->
2013-05-27 11:02:32 ->  Recipient '161.230.144.78', timeout 15
2013-05-27 11:02:32 ->  1st line: 'xymondboard fields=hostname,testname,color,flags,lastchange,logtime,validtime,acktime,disabletime,sender,cookie,line1,acklist'

Below logs in "xymonlaunch.log"
2013-05-31 10:28:53 Setting up logfiles
2013-05-31 11:59:01 xymonlaunch starting
2013-05-31 11:59:01 Loading tasklist configuration from /home/xymon/server/etc/tasks.cfg
2013-05-31 11:59:01 Cannot open directory /home/xymon/server/etc/tasks.d
2013-05-31 11:59:01 Loading hostnames
2013-05-31 11:59:01 Loading saved state
2013-05-31 11:59:01 Setting up network listener on 0.0.0.0:1984
2013-05-31 11:59:01 Setting up signal handlers
2013-05-31 11:59:01 Setting up xymond channels
2013-05-31 11:59:01 Setting up logfiles

Below logs in "xymonnetagain.log"
2013-05-28 11:48:21 Execution of '/usr/local/sbin/fping -Ae' failed with error-code 4
2013-05-28 11:48:21 /usr/local/sbin/fping: can't create raw socket (must run as root?) : Operation not permitted

Please let me know if you need any more information.


From: Root, Paul T [mailto:Paul.Root at CenturyLink.com]
Sent: Monday, June 03, 2013 10:55 PM
To: Siddesha Dodderi Hanumantharayappa; 'Jeremy Laidman'
Cc: 'xymon at xymon.com'
Subject: RE: [Xymon] Xymon application is not working

You'll need to provide what "not working" means.

What's running on the system.
What is the OS?
What startup scripts are running?
What's in the log files for xymon?
What's in the logfiles for httpd?
What do you know about the OS in question?

From: Siddesha Dodderi Hanumantharayappa [mailto:Siddesha.Hanumantharayappa at ness.com]
Sent: Monday, June 03, 2013 12:06 PM
To: Root, Paul T; 'Jeremy Laidman'
Cc: 'xymon at xymon.com'
Subject: RE: [Xymon] Xymon application is not working

Please find I set it to as below:
[root at uspvldmzlx29 xymon]# ls -l /usr/local/sbin/fping
-rwsr-xr-x 1 root root 67404 Nov 27  2012 /usr/local/sbin/fping

Still Xymon not working, Please suggest me what next I should do?

Thanks,
Siddesh

From: Siddesha Dodderi Hanumantharayappa
Sent: Monday, June 03, 2013 8:42 PM
To: 'Root, Paul T'; 'Jeremy Laidman'
Cc: 'xymon at xymon.com'
Subject: RE: [Xymon] Xymon application is not working

Please let me know should I run

chmod u+s /usr/local/sbin/fping

OR

chmod -s /usr/local/sbin/fping


From: Siddesha Dodderi Hanumantharayappa
Sent: Monday, June 03, 2013 8:40 PM
To: 'Root, Paul T'; 'Jeremy Laidman'
Cc: 'xymon at xymon.com'
Subject: RE: [Xymon] Xymon application is not working

HI Paul,

I found this command "chmod -s /usr/local/sbin/fping" is that correct, can I execute it.


From: Root, Paul T [mailto:Paul.Root at CenturyLink.com]
Sent: Monday, June 03, 2013 8:33 PM
To: Siddesha Dodderi Hanumantharayappa; 'Jeremy Laidman'
Cc: 'xymon at xymon.com'
Subject: RE: [Xymon] Xymon application is not working

There you go. That's a problem. As we said last week. Fping has to be setuid.

Look at the chmod man page to learn how to set that.


From: Siddesha Dodderi Hanumantharayappa [mailto:Siddesha.Hanumantharayappa at ness.com]
Sent: Monday, June 03, 2013 9:53 AM
To: Root, Paul T; 'Jeremy Laidman'
Cc: 'xymon at xymon.com'
Subject: RE: [Xymon] Xymon application is not working

The result is as below:

[root at uspvldmzlx29 sbin]# pwd
/usr/local/sbin
[root at uspvldmzlx29 sbin]# ls -l
total 68
-r-xr-xr-x 1 root root 67404 Nov 27  2012 fping
[root at uspvldmzlx29 sbin]#


From: Root, Paul T [mailto:Paul.Root at CenturyLink.com]
Sent: Monday, June 03, 2013 8:02 PM
To: Siddesha Dodderi Hanumantharayappa; 'Jeremy Laidman'
Cc: 'xymon at xymon.com'
Subject: RE: [Xymon] Xymon application is not working

Not having a .../tasks.d directory is not a big deal. It is used for putting additional files in for specific tasks you want to run. It would be things you add, not the stock tasks. Makes upgrading a bit easier. And gives you better organization. It is not used "out of the box".

The ping command is not used by xymon. Xymon uses either xymonping (still in beta and not recommended) or fping. Do your "ls -l" on fping. If it's not setuid (-rwsr-xr-x probably) then it won't work correctly for xymon.


From: Xymon [mailto:xymon-bounces at xymon.com] On Behalf Of Siddesha Dodderi Hanumantharayappa
Sent: Monday, June 03, 2013 9:07 AM
To: Jeremy Laidman
Cc: xymon at xymon.com<mailto:xymon at xymon.com>
Subject: Re: [Xymon] Xymon application is not working

Hi Jeremy,

The information which you provided was so good, I have done the instruction provided by  the out is as follow:

[xymon at uspvldmzlx29 shanuma]$ grep -c ^ /home/xymon/server/etc/tasks.d/*
grep: /home/xymon/server/etc/tasks.d/*: No such file or directory
[xymon at uspvldmzlx29 shanuma]$ ls -l /bin/ping
-rwsr-xr-x. 1 root root 40760 Mar 22  2011 /bin/ping

Please let me know what should I do next.

Thanks,
Siddesh

From: Jeremy Laidman [mailto:jlaidman at rebel-it.com.au]
Sent: Monday, June 03, 2013 5:52 AM
To: Siddesha Dodderi Hanumantharayappa
Cc: xymon at xymon.com<mailto:xymon at xymon.com>
Subject: Re: [Xymon] Xymon application is not working

On 1 June 2013 05:04, Siddesha Dodderi Hanumantharayappa <Siddesha.Hanumantharayappa at ness.com<mailto:Siddesha.Hanumantharayappa at ness.com>> wrote:
2013-05-31 11:59:01 Loading tasklist configuration from /home/xymon/server/etc/tasks.cfg
2013-05-31 11:59:01 Cannot open directory /home/xymon/server/etc/tasks.d

This might be important.  Make sure that the user ID under which xymond process is running has permission to access the tasks.d directory.  For example, login as or switch to the xymon user and run 'grep -c ^ /home/xymon/server/etc/tasks.d/*'.

Although I don't think it would cause the problems you're seeing.  It seems like xymond is not running, and is causing the statusboard request to time-out.  Perhaps you can check that the IP address of 161.230.144.78 is your Xymon server.

The fping error relates to the fact that accessing a socket to send a low-level packet type (ICMP=ping) requires root privileges, and the xymon user is not permitted to do so.  It's the same for regular ping and regular users.  But most UNIX systems work around this by giving the ping binary a special permission flag called "set-UID" or "set user-ID".  Sometimes "set-GID" (set-group-ID) is set instead or as well as.  This flag tells the kernel to switch to the user and/or group that owns the file being executed, and as it is owned by the root user, it switches to root's user ID for the life of the process, so that it can do low-level packet stuff.

So if you run "ls -l /bin/ping" you should find that the set-UID bit is set, indicated by an "s" in place of the "x" in the "user" permissions.  Here's mine:

-rwsr-xr-x 1 root root 38112 2011-02-18 06:48 /bin/ping*

So this "s" means it's executable AND set-UID for the "root" user.

If you do the same thing for fping, you'll find it has an "x" instead of an "s", meaning it's executable, but without any special switch-user magic capability.  You can add the setuid flag with this command (run as root or under sudo):

chmod u+s /usr/local/sbin/fping

Before you do this, you should make sure that the fping binary is not writeable by non-root users.  If it is, then a non-root user can replace the contents of the file with their own, and they get to run it as root and then take over your machine.  Perhaps you could do something like (as root/sudo): "chmod ugo-w /usr/local/sbin/fping".  This will ensure that nobody has "write" permissions on the file.  Then check with "ls -l" and then, set the setuid flag.

If you're not sure about these permissions, check with your local security-aware sysadmin.

J

The information contained in this communication is intended solely for the use of the individual or entity to whom it is addressed and others authorized to receive it. It may contain confidential or legally privileged information. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by forwarding this email to MailAdmin at ness.com<mailto:MailAdmin at ness.com> and then delete it from your system. Ness technologies is neither liable for the proper and complete transmission of the information contained in this communication nor for any delay in its receipt.
The information contained in this communication is intended solely for the use of the individual or entity to whom it is addressed and others authorized to receive it. It may contain confidential or legally privileged information. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by forwarding this email to MailAdmin at ness.com<mailto:MailAdmin at ness.com> and then delete it from your system. Ness technologies is neither liable for the proper and complete transmission of the information contained in this communication nor for any delay in its receipt.
The information contained in this communication is intended solely for the use of the individual or entity to whom it is addressed and others authorized to receive it. It may contain confidential or legally privileged information. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by forwarding this email to MailAdmin at ness.com<mailto:MailAdmin at ness.com> and then delete it from your system. Ness technologies is neither liable for the proper and complete transmission of the information contained in this communication nor for any delay in its receipt.
The information contained in this communication is intended solely for the use of the individual or entity to whom it is addressed and others authorized to receive it. It may contain confidential or legally privileged information. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by forwarding this email to MailAdmin at ness.com<mailto:MailAdmin at ness.com> and then delete it from your system. Ness technologies is neither liable for the proper and complete transmission of the information contained in this communication nor for any delay in its receipt.
The information contained in this communication is intended solely for the use of the individual or entity to whom it is addressed and others authorized to receive it. It may contain confidential or legally privileged information. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by forwarding this email to MailAdmin at ness.com and then delete it from your system. Ness technologies is neither liable for the proper and complete transmission of the information contained in this communication nor for any delay in its receipt.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20130603/4ef29ec2/attachment.html>


More information about the Xymon mailing list