Ad Widget

**Calimero** · 02-07-2009, 09:36

Do you have grsec or similar kernel patches ? Maybe SELinux ?

What if:
$ sudo su - zabbix
$ ps aux | grep apache

**fabalti** · 02-07-2009, 10:03

Hi

How I make to know if I have grsec or similar kernel patches ?

$ sudo su - zabbix
$ ps aux | grep apache2
zabbix 30920 0.0 0.0 4412 680 pts/0 S+ 15:33 0:00 grep apache2

**fabalti** · 02-07-2009, 16:01

Is there someone to help me ?

**Calimero** · 02-07-2009, 16:19

try 'uname -a' maybe there's a hint about grsec. Did you install from official Debian media or is your distro somehow customized (dedicated server with botched kernels provided by hosting company for example ...) ?

Check the kernel 'config' file to see if there's anything related to grsec in the build options.

There's 'sestatus' to tell you whether SELinux is enabled or not. I'm not familiar with SELinux as I considered more a pain in the ass than anything else (*) so it always end up disabled ...

(*) though there seem to be some interesting features but I have no time to dig into docs about SElinux ...

**fabalti** · 02-07-2009, 16:29

I installed Zabbix on a Debian Etch from OVH.

$ uname -a
Linux xxxxxxxx.ovh.net 2.6.27.10-grsec-xxxx-grs-ipv4-64 #5 SMP Wed Apr 1 13:10:38 UTC 2009 x86_64 GNU/Linux

**Calimero** · 02-07-2009, 16:39

Originally posted by fabalti

I installed Zabbix on a Debian Etch from OVH.

$ uname -a
Linux xxxxxxxx.ovh.net 2.6.27.10-grsec-xxxx-grs-ipv4-64 #5 SMP Wed Apr 1 13:10:38 UTC 2009 x86_64 GNU/Linux

Ha ha ha ... OVH's custom lousy kernels.

Check grsecurity's website. As far as I remember there's a "privileged" group that can have extended capabilities compared to basic users and as such users from that group can list other processes.

But I not familiar with grsec, I always remove such kernel to stick with kernels provided by the distro.

PS: c'est justement en pensant à OVH que j'ai écrit "botched kernels".

**MartinJanda** · 21-10-2009, 16:59

Hi,
I have the same problem, but I do not install grsecurity patch in kernel.

On the server where the zabbix server, it works correctly. On the server where only zabbix_agentd it does not work for some processes. for example proc.num[ssh] it works, but proc.num[php] anymore.

Thank you in advance for every idea

**MartinJanda** · 21-10-2009, 17:32

I did some experiments and it is due to the long process name.

The process name must be less than or equal to 31 characters

For example, this is ok:
/usr/bin/php5 ./01234567890.php

and this is bad:
/usr/bin/php5 ./012345678901.php

Or may be length name parametr for proc.num[] is max 15 characters?

**Calimero** · 22-10-2009, 10:04

- run you php script
- 'ps aux | grep php' to get the PID
- tr "\0" "\n" < /proc/<PID>/cmdline

This will show you all command line arguments as seen by the system.

First entry (line) is what you should give to proc.num[] as first argument.

**MartinJanda** · 22-10-2009, 10:24

Yes, but it is just interpreter of php, for example '/usr/bin/php5'. I want monitoring just one process of single script.

I shortened the name of the scripts and it works as I want. However, sometime in the future I ever need to watch something that will not easily be shortened. Have I to report as a bug or as a feature request?

Thank you

Ad Widget

Problem with Zabbix and proc.num

Problem with Zabbix and proc.num

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment