Ad Widget

Collapse

zabbix-agent 2.2.0 log warning

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • man
    Junior Member
    • Feb 2009
    • 5
    #1

    zabbix-agent 2.2.0 log warning

    hello,

    today i'm upgraded production server/agent to zabbix 2.2.0
    all looks fine.

    on agent side i use UserParameter for mysql status checking
    Code:
    UserParameter=mysql.status[*],mysqladmin -u$1 -p$2 extended-status | awk '$$2 ~ /^$3$/ { if($$4 != "|") print $$4 }'
    in mysql is created user with password to check this information.
    user and password values are parsed to command line from template macros

    after agent upgrade to 2.2.0 i'm started to receive warning in zabbix-agentd.log
    Code:
     25435:20131113:101300.307 Starting Zabbix Agent [MON01]. Zabbix 2.2.0 (revision 40163).
 25435:20131113:101300.308 using configuration file: /usr/local/etc/zabbix_agentd.conf
 25436:20131113:101300.313 agent #0 started [collector]
 25437:20131113:101300.315 agent #1 started[listener #1]
 25438:20131113:101300.315 agent #2 started[listener #2]
 25440:20131113:101300.316 agent #4 started [active checks #1]
 25439:20131113:101300.317 agent #3 started[listener #3]
Warning: Using a password on the command line interface can be insecure.
Warning: Using a password on the command line interface can be insecure.
    how can i disable this warnings or maybe is a different way how to check mysql status?
    Last edited by man; 13-11-2013, 14:00.
    Tags: None
    • HarryKalahan
      Member
      • Jan 2014
      • 40
      #2
      Hi all,

      I have to research hard to get a solution, but at the end I think this is the best way.

      If you want use a user parameter with mysqladmin specifying password, to get rid of the warning messages you have to create an script similar to this:

      Code:
      #!/bin/bash
MYSQLADMIN=/usr/bin/mysqladmin

value=`$MYSQLADMIN -uroot -p<pass> status|cut -f9 -d":"`

echo $value
      You could save the script in the External Checks' directory. After that, must change the Userparameter line in the zabbix_agentd.conf:

      HTML Code:
      UserParameter=mysql.qps,/opt/zabbix/extChecks/mysql_qps.sh 2>/dev/null
      The problem is that the warning is embeded with this kind of execution and you can't send the message to STDOUT, etc. So the unique way in this case is by helping with an intermediate script.

      At any way, the most secure and cleanest way to do it is using the mysql_config_editor to protect and encrypt the MySQL root password. This option it's available since MySQL 5.6.6 version.

      I'm using Debian 8 jessie 64bits with MySQL 5.7 and Zabbix Server 3.2.1.

      So, first of all, we have to login as zabbix user in Linux and execute this command:

      Code:
      # su zabbix
$ cd /home/zabbix
$ mysql_config_editor set --login-path=client --host=localhost --user=root --password
Password:*****
      This command generates a hidden file called .mylogin.cnf in our home. The file contains the encrypted password. We generate it under zabbix user, because Zabbix Server login as zabbix to execute external checks and user parameters by the agent.

      Now, you have to modify your user parameter:
      HTML Code:
      UserParameter=mysql.qps,export HOME=/home/zabbix; mysqladmin --login-path=client -uroot status|cut -f9 -d":"
      Why are we using the export before? The reason is the zabbix login through Zabbix Server doesn't load all the needed system variables and at this case we need the HOME enviroment variable. Without it we will receive a mysql login error. I took much time with that.

      At the end, restart the zabbix-agent and it should work without using text plain passwords.

      I hope this helps.

      Best regards.

        Comment

        Previous template Next
        Working...