Ask Your Question
0

Managing Nagios With Puppet, host file permissions

asked 2015-03-09 10:30:25 -0500

niccoX gravatar image

updated 2015-03-09 10:43:38 -0500

Puppet 2.7.26

Adding new hosts createas a mode 600 cfg file, instead of mode 644. Seems to be a old tracked bug:

link text

I have a bugfix in my server.pp file:

class nagios::server {
         package { [ "nagios" ]:
                ensure => latest;
         }
         service { "nagios":
                ensure => running,
                enabled => true,
                }
        }

        # Hack for bug #3299 where nagios stuff is root:600
        file { ["/etc/nagios/hosts.d/", "/etc/nagios/services.d/"]:
                ensure => directory,
                mode => 644,
                recurse => true,
        }

But I miss the last line ref: link text

    # Collect and instantiate all the puppet stuff
    Nagios_host <<||>>
    Nagios_service <<||>>

Don't know what it exactly does, and if it's the reason that the hack doesn't work, setting new hosts cfg files to mode 644.

Need to ask if it makes any difference if the hack is set before or after you define your nagios_host

edit retag flag offensive close merge delete

3 Answers

Sort by ยป oldest newest most voted
0

answered 2015-03-17 08:05:06 -0500

niccoX gravatar image

I managed to have the hack working, by placing it at the very end of the configuration file. There is still one issue. The files are applied with 600, and this makes nagios not be able to start. So I need to run puppet_apply one more time, for the hack to change the files from 600 to 644.

I'm not sure, if I can edit the hack and change ensure => to present,?

edit flag offensive delete link more
0

answered 2015-03-09 16:28:21 -0500

lorcutt gravatar image

I set my class up so that the client declares a virtual definition:

@@nagios::host { $::fqdn:
  file_owner => $file_owner,
  file_group => $file_group,
  file_mode  => $file_mode,
  base_dir   => $base_dir,
}

The server then instantiates it:

 Nagios::Host  <<||>>
  {
    notify  => Class[nagios::service],
  }

And the host class itself does two things - create the nagios host file and declare permissions on it:

define nagios::host
(
  $file_owner,
  $file_group,
  $file_mode,
  $base_dir,
)
{
        $target_file = "${base_dir}/hosts.d/${name}.cfg"
        nagios_host { $name:
            ensure => present,
            hostgroups => $hostgroups,
            target => $target_file,
          }
        file { $target_file:
          ensure  => present,
          tag     => "nagios_host",
          owner   => $file_owner,
          group   => $file_group,
          mode    => $file_mode,
        }
}

Hope that helps.

edit flag offensive delete link more
0

answered 2015-03-17 11:21:18 -0500

TommyTheKid gravatar image

Two things..

  • First, It seems like the file ownership/group/permissions should really be defined by the Nagios server rather than its "targets" ... Would this not be a good place for something like "File {}" to be defined in the scope that Nagios is importing all those exported resources, then NOT define it in the resources themselves?

  • Second, Why not just have a single hosts.cfg file with all hosts in it, and generate the contents of that file with concat() or an ERB? Edit-ability concerns of having all the hosts in one file are moot if you are not editing the file directly.

Just two completely of the cuff observations :)

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2015-03-09 10:30:25 -0500

Seen: 391 times

Last updated: Mar 17 '15