Feature #3229
Adagios package
Status: | CLOSED | Start date: | ||
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | - | % Done: | 100% | |
Category: | nethserver-adagios | |||
Target version: | v6.6 | |||
Resolution: | NEEDINFO: | No |
Description
Implement nethserver-adagios RPM package, following Nicola's howto
http://community.nethserver.org/t/adagios-installation-on-nethserver/161
Related issues
Associated revisions
Initial commit. Refs #3229
/etc/nagios/nagios.cfg retains the original file permissions.
To allow Adagios modify the file contents run
chgrp nagios /etc/nagios/nagios.cfg
Added nsclient winexe. Refs #3229
Initial commit. Refs #3229
xinetd livestatus configuration. Refs #3229
nagios and nrpe services are access=private by default.
backup-data configuration for nethserver-adagios package. Refs #3229
Save everything under /etc/nagios directory.
Save /etc/adagios/adagios.conf
nethserver-adagios.spec: require nethserver-httpd. Refs #3229
nethserver-adagios-conf action: run git init on /etc/nagios. Refs #3229
Only one module of adagios UI can initialize the repository
automatically. Other parts require it already initialized.
Dashboard link to Adagios web app. Refs #3229
Use config backup for adagios.conf and /etc/nagios. Refs #3229
Also backup as data everything under /var/lib/pnp4nagios/
Use LDAP authentication for Adagios. Refs #3229
Grant ownership of .cfg files from nagios RPM. Refs #3229
Use LDAP authentication on adagios, nagios and pnp4nagios apps. Refs #3229
Realm "Nagios Access"
Require nethserver-directory (admin account).
Require SSL for LDAP authentication. Refs #3229
History
#1 Updated by Davide Principi about 6 years ago
- Status changed from TRIAGED to ON_DEV
- Assignee set to Davide Principi
- % Done changed from 20 to 30
#2 Updated by Davide Principi about 6 years ago
- Status changed from ON_DEV to MODIFIED
- Assignee deleted (
Davide Principi) - % Done changed from 30 to 60
Test case
- install the package
- Connect to
http://<serverip>/adagios
- Test the application works and no file permissions problems arise
Known issue:
- nagios.cfg is not writable
#3 Updated by Davide Principi about 6 years ago
- Status changed from MODIFIED to ON_QA
- % Done changed from 60 to 70
In nethserver-testing:
nethserver-adagios-0.0.1-1.ns6.noarch.rpm
#4 Updated by Davide Principi about 6 years ago
- Status changed from ON_QA to TRIAGED
- % Done changed from 70 to 20
Add
- multisite
xinetd
configuration - set default daemon access
private
- winexe bundle
#5 Updated by Davide Principi about 6 years ago
- Status changed from TRIAGED to ON_DEV
- Assignee set to Davide Principi
- % Done changed from 20 to 30
#6 Updated by Davide Principi about 6 years ago
- Status changed from ON_DEV to MODIFIED
- Assignee deleted (
Davide Principi) - % Done changed from 30 to 60
Test case 2
- execute original test case (see previous comment)
- check connections from trusted networks are allowed on ports 6557, 5666. i.e.
# nc -z localhost 6557 Connection to localhost 6557 port [tcp/*] succeeded!
- check deploying of nsclient on windows machines
#7 Updated by Davide Principi about 6 years ago
- Status changed from MODIFIED to ON_QA
- % Done changed from 60 to 70
In nethserver-testing:
nethserver-xinetd-0.0.1-1.ns6.noarch.rpmnethserver-adagios-0.0.1-1.2.geb4742d.ns6.noarch.rpmnethserver-adagios-0.0.1-1.3.g08976bf.ns6.noarch.rpmnethserver-adagios-0.0.1-1.4.g170a8ea.ns6.noarch.rpmnethserver-adagios-0.0.1-1.5.g80aa70d.ns6.noarch.rpm
nethserver-adagios-0.0.1-1.6.gf274d24.ns6.noarch.rpm
#8 Updated by Davide Principi about 6 years ago
- Related to Feature #3230: OCS Inventory NG package added
#9 Updated by Giacomo Sanchietti about 6 years ago
- Assignee set to Giacomo Sanchietti
#10 Updated by Giacomo Sanchietti about 6 years ago
- Status changed from ON_QA to TRIAGED
- Assignee deleted (
Giacomo Sanchietti) - % Done changed from 70 to 20
Test case 1: FAILED
Adagios fails when trying to edit built-in configurations.
All files under /etc/nagios/objects
must be writable. These files belong to nagios packages but can be changed (even the ownership) since they are all marked as config files and the nagios package will not overwrite them in case of update.
Eventually we can also set an ACL like this:
setfacl -m group:nagios:rw /etc/nagios/objects/timeperiods.cfgSteps to reproduce:
- try to edit the HTTP service inside the localhost host
- try to change nagiosadmin contact
- try to change existing time periods
Test case 2: SUCCESS
Both ports are open.
Notes
I also suggest following enhancements:- move backup of /etc/nagios to configuration backup:
mv /etc/backup-data.d/nethserver-adagios.include /etc/backup-config.d/nethserver-adagios.include
- add PNP data to backup data:
echo /var/lib/pnp4nagios/ > /etc/backup-data.d/nethserver-adagios.include
- use LDAP authentication instead of built-in apache auth. Example (
/etc/httpd/conf.d/adagios.conf
):<Location /adagios> ... AuthType Basic AuthName "Login" AuthBasicProvider ldap AuthLDAPBindDN cn=adagios,dc=directory,dc=nh AuthLDAPBindPassword <auto_generated_password> AuthLDAPURL "ldap://localhost/ou=People,dc=directory,dc=nh?uid?sub?(objectClass=posixAccount)" Require user admin Satisfy all ... </Location>
#11 Updated by Davide Principi about 6 years ago
- Status changed from TRIAGED to ON_DEV
- Assignee set to Davide Principi
- % Done changed from 20 to 30
#12 Updated by Davide Principi almost 6 years ago
- Status changed from ON_DEV to MODIFIED
- Assignee deleted (
Davide Principi) - % Done changed from 30 to 60
- Changed backup configuration
- LDAP authentication (only admin user is accepted), require nethserver-directory
- Require SSL on adagios, nagios and pnp4nagios web apps
Testing
- repeat previous test cases
- check restricted locations are accessible only with SSL
#13 Updated by Davide Principi almost 6 years ago
- Status changed from MODIFIED to ON_QA
- % Done changed from 60 to 70
In nethserver-testing:
nethserver-adagios-0.0.1-1.11.g17af0a4.ns6.noarch.rpm
#14 Updated by dz0 0te almost 6 years ago
- Assignee set to dz0 0te
#15 Updated by dz0 0te almost 6 years ago
- Status changed from ON_QA to VERIFIED
- Assignee deleted (
dz0 0te) - % Done changed from 70 to 90
System and Package Version installed
VM KVM - Clean install of Nethserver 6.6 fully updated
Package Installed: none
Other Package installed: none
Test Original Problem
Feature
Install Updated Package
yum --enablerepo=nethserver-testing install nethserver-adagios-0.0.1-1.11.g17af0a4.ns6
Test Results after update
Test case 1:
install OK
deny connect on http OK
Connect to https://serverip/adagios OK
Edit/Save config (was permission problem) OK
Test case2:
Both ports are open
Ldap Auth: OK
Verified or Reopen
Verified
Note
...
#16 Updated by Davide Principi almost 6 years ago
- Status changed from VERIFIED to CLOSED
- % Done changed from 90 to 100
In nethserver-updates/6.6
nethserver-adagios-1.0.0-1.ns6.noarch.rpm
nethserver-xinetd-1.0.0-1.ns6.noarch.rpm
adagios-1.6.1-1.git.143.fc57957.el6.noarch.rpm
bash-completion-1.3-7.el6.noarch.rpm
fping-2.4b2-10.el6.x86_64.rpm
mk-livestatus-1.2.2-3.git.1177.22baef4.el6.x86_64.rpm
nagios-3.5.1-1.el6.x86_64.rpm
nagios-common-3.5.1-1.el6.x86_64.rpm
nagios-okplugin-apc-2.1.2-1.git.0.03f7389.el6.noarch.rpm
nagios-okplugin-brocade-0.0.5-1.git.0.09dcc39.el6.x86_64.rpm
nagios-okplugin-check_disks-1.0.7-1.git.0.f986b73.el6.noarch.rpm
nagios-okplugin-check_time-1.0.3-1.git.0.5f604b8.el6.x86_64.rpm
nagios-okplugin-mailblacklist-1.1-1.git.0.e9222eb.el6.noarch.rpm
nagios-plugins-1.4.16-10.el6.x86_64.rpm
nagios-plugins-all-1.4.16-10.el6.x86_64.rpm
nagios-plugins-breeze-1.4.16-10.el6.x86_64.rpm
nagios-plugins-by_ssh-1.4.16-10.el6.x86_64.rpm
nagios-plugins-cluster-1.4.16-10.el6.x86_64.rpm
nagios-plugins-dhcp-1.4.16-10.el6.x86_64.rpm
nagios-plugins-dig-1.4.16-10.el6.x86_64.rpm
nagios-plugins-disk-1.4.16-10.el6.x86_64.rpm
nagios-plugins-disk_smb-1.4.16-10.el6.x86_64.rpm
nagios-plugins-dns-1.4.16-10.el6.x86_64.rpm
nagios-plugins-dummy-1.4.16-10.el6.x86_64.rpm
nagios-plugins-file_age-1.4.16-10.el6.x86_64.rpm
nagios-plugins-flexlm-1.4.16-10.el6.x86_64.rpm
nagios-plugins-fping-1.4.16-10.el6.x86_64.rpm
nagios-plugins-game-1.4.16-10.el6.x86_64.rpm
nagios-plugins-hpjd-1.4.16-10.el6.x86_64.rpm
nagios-plugins-http-1.4.16-10.el6.x86_64.rpm
nagios-plugins-icmp-1.4.16-10.el6.x86_64.rpm
nagios-plugins-ide_smart-1.4.16-10.el6.x86_64.rpm
nagios-plugins-ircd-1.4.16-10.el6.x86_64.rpm
nagios-plugins-ldap-1.4.16-10.el6.x86_64.rpm
nagios-plugins-load-1.4.16-10.el6.x86_64.rpm
nagios-plugins-log-1.4.16-10.el6.x86_64.rpm
nagios-plugins-mailq-1.4.16-10.el6.x86_64.rpm
nagios-plugins-mrtg-1.4.16-10.el6.x86_64.rpm
nagios-plugins-mrtgtraf-1.4.16-10.el6.x86_64.rpm
nagios-plugins-mysql-1.4.16-10.el6.x86_64.rpm
nagios-plugins-nagios-1.4.16-10.el6.x86_64.rpm
nagios-plugins-nrpe-2.15-2.el6.x86_64.rpm
nagios-plugins-nt-1.4.16-10.el6.x86_64.rpm
nagios-plugins-ntp-1.4.16-10.el6.x86_64.rpm
nagios-plugins-ntp-perl-1.4.16-10.el6.x86_64.rpm
nagios-plugins-nwstat-1.4.16-10.el6.x86_64.rpm
nagios-plugins-oracle-1.4.16-10.el6.x86_64.rpm
nagios-plugins-overcr-1.4.16-10.el6.x86_64.rpm
nagios-plugins-perl-1.4.16-10.el6.x86_64.rpm
nagios-plugins-pgsql-1.4.16-10.el6.x86_64.rpm
nagios-plugins-ping-1.4.16-10.el6.x86_64.rpm
nagios-plugins-procs-1.4.16-10.el6.x86_64.rpm
nagios-plugins-real-1.4.16-10.el6.x86_64.rpm
nagios-plugins-rpc-1.4.16-10.el6.x86_64.rpm
nagios-plugins-sensors-1.4.16-10.el6.x86_64.rpm
nagios-plugins-smtp-1.4.16-10.el6.x86_64.rpm
nagios-plugins-snmp-1.4.16-10.el6.x86_64.rpm
nagios-plugins-ssh-1.4.16-10.el6.x86_64.rpm
nagios-plugins-swap-1.4.16-10.el6.x86_64.rpm
nagios-plugins-tcp-1.4.16-10.el6.x86_64.rpm
nagios-plugins-time-1.4.16-10.el6.x86_64.rpm
nagios-plugins-ups-1.4.16-10.el6.x86_64.rpm
nagios-plugins-users-1.4.16-10.el6.x86_64.rpm
nagios-plugins-wave-1.4.16-10.el6.x86_64.rpm
nrpe-2.15-2.el6.x86_64.rpm
okconfig-1.3.0-1.git.0.79bff73.el6.noarch.rpm
perl-Crypt-DES-2.05-9.el6.x86_64.rpm
perl-Math-Calc-Units-1.07-6.el6.noarch.rpm
perl-Nagios-Plugin-0.35-1.el6.noarch.rpm
perl-Net-SNMP-5.2.0-4.el6.noarch.rpm
pnp4nagios-0.6.22-2.el6.x86_64.rpm
pynag-0.9.1-1.git.165.9b69b4f.el6.noarch.rpm
python-django15-1.5.6-1.el6.noarch.rpm
qstat-2.11-9.20080912svn311.el6.x86_64.rpm
winexe-1.1-1.git.0.9d83c1e.el6.x86_64.rpm