Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
NRPE needs sudo for some plugins
« previous
next »
Print
Pages: [
1
]
Author
Topic: NRPE needs sudo for some plugins (Read 975 times)
bwlinux
Newbie
Posts: 1
Karma: 1
NRPE needs sudo for some plugins
«
on:
August 29, 2022, 08:12:48 pm »
Hi all,
I'm monitoring several OPNsense firewalls w/ Icinga.
I know NRPE has it's security issues, but I'm able to protect access to port 5666 both in firewall rules and allowed hosts.
It appears the NRPE package does not allow adding the nagios user to sudoers any longer.
There also isn't the option to set the command prefix
Currently, I just add nagios to sudoers via the cli
# echo "nagios ALL=(ALL) NOPASSWD: /usr/local/libexec/nagios/" > /usr/local/etc/sudoers.d/nrpe
Then any check like check_procs I create as:
/usr/local/bin/sudo /usr/local/libexec/nagios/check_procs -c 3:10 -C openvpn
While this works, it is not "restore safe".
Is there a better way to get the sudo prefix back into the configuration
Also, on the NRPE General screen, help for the Listen Interface says "Empty means listen to all addresses."
It should say "0.0.0.0 means listen to all addresses"
~
BW
Logged
FriendlyObserver
Newbie
Posts: 5
Karma: 0
Re: NRPE needs sudo for some plugins
«
Reply #1 on:
February 11, 2024, 04:49:58 pm »
Please be so kind to take a look at this post:
https://forum.opnsense.org/index.php?topic=38742.0
Do you have recommendations regarding firewall rules?
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
NRPE needs sudo for some plugins