I need to monitor firewalld on a centos 7.6.1810 server.
I setup my check as follows in /etc/zabbix/zabbix_agentd.d
cat userparameter_firewalld.conf
UserParameter=firewalld.status,sudo firewall-cmd --state | awk '{$1=$1};1'
I have added the following to
/etc/sudoers.d
for zabbix
Defaults:zabbix !requiretty
zabbix ALL = NOPASSWD: /bin/firewall-cmd
if I run this from the # prompt I get
# zabbix_agentd -t firewalld.status
firewalld.status [t|running]
However it fails with an error "warning: cannot change directory to /var/lib/zabbix: No such file or directory This account is currently not available"
when I run it with zabbix-get
of if I try and running as the zabbix user on the client
for the zabbix user /etc/passwd has a shell /sbin/nologin and a home of /var/lib/zabbix
the version of zabbix agent is
zabbix_agentd -V
zabbix_agentd (daemon) (Zabbix) 4.0.3
Revision 87993 20 December 2018, compilation time: Dec 20 2018 11:29:54
Copyright (C) 2018 Zabbix SIA
License GPLv2+: GNU GPL version 2 or later <http://gnu.org/licenses/gpl.html>.
This is free software: you are free to change and redistribute it according to
the license. There is NO WARRANTY, to the extent permitted by law.
This product includes software developed by the OpenSSL Project
for use in the OpenSSL Toolkit (http://www.openssl.org/).
Compiled with OpenSSL 1.0.1e-fips 11 Feb 2013
Running with OpenSSL 1.0.1e-fips 11 Feb 2013
also running 4.0.3
I have tried to disable selinux and this did not resolve the issue (nothing in the /var/log/audit) before or after
I can fix it by changing the home to /home/zabbix and using /bin/bash
However I would prefer not to do this and us the install results.
Any advise or comments please ?
thanks
PJ
I setup my check as follows in /etc/zabbix/zabbix_agentd.d
cat userparameter_firewalld.conf
UserParameter=firewalld.status,sudo firewall-cmd --state | awk '{$1=$1};1'
I have added the following to
/etc/sudoers.d
for zabbix
Defaults:zabbix !requiretty
zabbix ALL = NOPASSWD: /bin/firewall-cmd
if I run this from the # prompt I get
# zabbix_agentd -t firewalld.status
firewalld.status [t|running]
However it fails with an error "warning: cannot change directory to /var/lib/zabbix: No such file or directory This account is currently not available"
when I run it with zabbix-get
of if I try and running as the zabbix user on the client
for the zabbix user /etc/passwd has a shell /sbin/nologin and a home of /var/lib/zabbix
the version of zabbix agent is
zabbix_agentd -V
zabbix_agentd (daemon) (Zabbix) 4.0.3
Revision 87993 20 December 2018, compilation time: Dec 20 2018 11:29:54
Copyright (C) 2018 Zabbix SIA
License GPLv2+: GNU GPL version 2 or later <http://gnu.org/licenses/gpl.html>.
This is free software: you are free to change and redistribute it according to
the license. There is NO WARRANTY, to the extent permitted by law.
This product includes software developed by the OpenSSL Project
for use in the OpenSSL Toolkit (http://www.openssl.org/).
Compiled with OpenSSL 1.0.1e-fips 11 Feb 2013
Running with OpenSSL 1.0.1e-fips 11 Feb 2013
also running 4.0.3
I have tried to disable selinux and this did not resolve the issue (nothing in the /var/log/audit) before or after
I can fix it by changing the home to /home/zabbix and using /bin/bash
However I would prefer not to do this and us the install results.
Any advise or comments please ?
thanks
PJ
Comment