Step by Step Nagios Installation and Configuration

Nagios is an awesome Open Source monitoring tool, its provides you more comprehensive monitoring environment to always keep an eye on your all machines / networks whether you are in  your data center or just your small labs.

With Nagios, you can monitor your remote hosts and their services remotely on a single window. It shows warnings and indicates if something goes wrong in your servers which eventually helps us to detect some problems before they occur. It helps us to reduce downtime and business losses.

This tutorial explains how to install and configure the Nagios tool on Linux. I am using RHEL 5.8 for installation Nagios.

Before installation of Nagios some prerequisites are required to resolve the dependencies of Nagios.

1.    Install required dependencies:

During portions of the installation you'll need to have root access to your machine.

Make sure you've installed the following packages on your RHEL5.8 installation before continuing installation of Nagios 4.0.1.

• Apache
• PHP
• GCC compiler
• GD development libraries

You can use yum default package installer to install these packages by running the following commands (as root):

[root@RHEL5 ~]#yum install httpd php

[root@RHEL5 ~]#yum install gcc glibc glibc-common

[root@RHEL5 ~]#yum install gd gd-devel

[root@RHEL5 ~]#yum install make net-snmp

2.    Create Nagios user and Group:

[root@RHEL5 ~]# useradd nagios

[root@RHEL5 ~]# passwd nagios

Changing password for user nagios.

New UNIX password:

BAD PASSWORD: it is based on a dictionary word

Retype new UNIX password:

passwd: all authentication tokens updated successfully.

Create a new nagcmd group for allowing external commands to be submitted through the web interface. Add both the nagios user and the apache user to the group.

[root@RHEL5 ~]# groupadd nagcmd

[root@RHEL5 ~]# /usr/sbin/usermod -a -G nagcmd nagios

[root@RHEL5 ~]# /usr/sbin/usermod -a -G nagcmd apache

3.    Download Nagios Core 4.0.1 and Nagios Plugin 1.5

Create a directory for your Nagios installation and all its future downloads.

[root@RHEL5 ~]# mkdir /root/downloads

[root@RHEL5 ~]# cd /root/downloads

Now download latest Nagios Core 4.0.1 and Nagios plugins 1.5 packages with wget command.

[root@RHEL5 downloads]# wget http://prdownloads.sourceforge.net/sourceforge/nagios/nagios-4.0.1.tar.gz

[root@RHEL5 downloads]# wget https://www.nagios-plugins.org/download/nagios-plugins-1.5.tar.gz

4.    Extract Nagios Core and its Plugins:

We need to extract the downloaded packages with tar command.

[root@RHEL5 downloads]# tar -xzvf nagios-4.0.1.tar.gz

[root@RHEL5 downloads]# tar -xzvf nagios-plugins-1.5.tar.gz

When you extract these tarballs with tar command, two new folders will appear in that directory.

[root@RHEL5 downloads]# ls -ltr

total 4060

drwxr-xr-x 15 root root    4096 Oct  2 20:57 nagios-plugins-1.5

drwxrwxr-x 18  root root    4096 Oct 16 05:06 nagios-4.0.1

-rw-r--r--  1   root root 1695367 Oct 16 05:19 nagios-4.0.1.tar.gz

-rw-r--r--  1    root root 2428258 Jan 16  2014 nagios-plugins-1.5.tar.gz

5.    Configure Nagios Core:

i)                  Now, first we will configure Nagios Core and to do so we need to go to Nagios directory and run configure file and if everything goes fine, it will show the output in the end as sample output. Please see below

[root@RHEL5 downloads]# cd nagios-4.0.1

[root@RHEL5 nagios-4.0.1]# ./configure --with-command-group=nagcmd

Sample Output:

*** Configuration summary for nagios 4.0.1 10-15-2013 ***:

 General Options:

 -------------------------

        Nagios executable:  nagios

        Nagios user/group:  nagios,nagios

       Command user/group:  nagios,nagcmd

             Event Broker:  yes

        Install ${prefix}:  /usr/local/nagios

    Install ${includedir}:  /usr/local/nagios/include/nagios

                Lock file:  ${prefix}/var/nagios.lock

   Check result directory:  ${prefix}/var/spool/checkresults

           Init directory:  /etc/rc.d/init.d

  Apache conf.d directory:  /etc/httpd/conf.d

             Mail program:  /bin/mail

                  Host OS:  linux-gnu

 Web Interface Options:

 ------------------------

                 HTML URL:  http://localhost/nagios/

                  CGI URL:  http://localhost/nagios/cgi-bin/

 Traceroute (used by WAP):  /bin/traceroute

Review the options above for accuracy.  If they look okay,

type 'make all' to compile the main program and CGIs.

ii)           Now, after configuring we need to Compile and install all the binaries with make command and make install command will install all the needed libraries in your machine and we can proceed further.

[root@RHEL5 nagios-4.0.1]# make all

[root@RHEL5 nagios-4.0.1]# make install

Sample Output:

*** Main program, CGIs and HTML files installed ***

You can continue with installing Nagios as follows (type 'make'

without any arguments for a list of all possible options):

  make install-init

     - This installs the init script in /etc/rc.d/init.d

  make install-commandmode

     - This installs and configures permissions on the

       directory for holding the external command file

  make install-config

     - This installs sample config files in /usr/local/nagios/etc

make[1]: Leaving directory `/root/downloads/nagios-4.0.1'

iii)          Following command will install the init scripts for Nagios.

[root@RHEL5 nagios-4.0.1]# make install-init

/usr/bin/install -c -m 755 -d -o root -g root /etc/rc.d/init.d

/usr/bin/install -c -m 755 -o root -g root daemon-init /etc/rc.d/init.d/nagios

*** Init script installed ***

iv)          To make nagios work from command line we need to install command-mode.

[root@RHEL5 nagios-4.0.1]# make install-commandmode

/usr/bin/install -c -m 775 -o nagios -g nagcmd -d /usr/local/nagios/var/rw

chmod g+s /usr/local/nagios/var/rw

*** External command directory configured ***

v)           Next, install sample nagios files, please run following command.

[root@RHEL5 nagios-4.0.1]# make install-config

6.    Customizing Nagios Configuration:

Open the “contacts.cfg” file with your choice of editor and set the email address associated with the nagiosadmin contact definition to receiving email alerts.

[root@RHEL5 ~]# vi /usr/local/nagios/etc/objects/contacts.cfg

##############################################################################

 CONTACTS

##############################################################################

# Just one contact defined by default - the Nagios admin (that's you)

# This contact definition inherits a lot of default values from the 'generic-contact'

# template which is defined elsewhere.

define contact{

        contact_name          nagiosadmin             ; Short name of user

        use          generic-contact    ; Inherit default values from generic-contact template (defined above)

        alias        Nagios Admin            ; Full name of user

        email  jitendrakumaryogi@gmail.com    ; <<***** CHANGE THIS TO YOUR EMAIL ADDRESS ******

        }

7.    Install and configure Web Interface for Nagios:

We are done with all configuration in the backend, now we will configure Web Interface for Nagios with following command. The below command will Configure Web interface for Nagios and a web admin user will be created “nagiosadmin”.

[root@RHEL5 nagios-4.0.1]# make install-webconf

/usr/bin/install -c -m 644 sample-config/httpd.conf /etc/httpd/conf.d/nagios.conf

*** Nagios/Apache conf file installed ***

In this step, we will be creating a password for “nagiosadmin”. After executing this command, please provide a password twice and keep it remember because this password will be used when you login in the Nagios Web interface.

[root@RHEL5 nagios-4.0.1]# htpasswd -s -c /usr/local/nagios/etc/htpasswd.users nagiosadmin

Restart Apache to make the new settings take effect.

[root@RHEL5 nagios-4.0.1]# service httpd restart

Stopping httpd:                                            [  OK  ]

Starting httpd:                                            [  OK  ]

8.    Compile and Install Nagios Plugin:

We have downloaded nagios plugins in /root/downloads, Go there and configure and install it as directed below.

[root@RHEL5 nagios-4.0.1]# cd /root/downloads/

[root@RHEL5 downloads]# cd nagios-plugins-1.5

[root@RHEL5 nagios-plugins-1.5]#./configure --with-nagios-user=nagios --with-nagios-group=nagios

[root@RHEL5 nagios-plugins-1.5]# make

[root@RHEL5 nagios-plugins-1.5]# make install

9.    Verify Nagios configuration file:

Now we are all done with Nagios configuration and its time to verify it and to do so please insert following command. If everything goes smooth it will show up similar to below output.

[root@RHEL5 nagios-plugins-1.5]# /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

10.  Add Nagios Services to System Startup:

To make Nagios work across reboots, we need to add nagios and https with chkconfig command.

[root@RHEL5 nagios-plugins-1.5]# chkconfig --add nagios

[root@RHEL5 nagios-plugins-1.5]# chkconfig --level 35 nagios on

[root@RHEL5 nagios-plugins-1.5]#  chkconfig --add httpd

[root@RHEL5 nagios-plugins-1.5]# chkconfig --level 35 httpd on

Restart Nagios to make the new settings take effect.

[root@RHEL5 nagios-plugins-1.5]# service nagios start

nagios is stopped

Starting nagios:                                           [  OK  ]

11.  Modify SELinux Settings:

RedHat ships with SELinux (Security Enhanced Linux) installed and in Enforcing mode by default. This can result in "Internal Server Error" messages when you attempt to access the Nagios CGIs. See if SELinux is in Enforcing mode.

            [root@RHEL5 nagios-4.0.1]# getenforce

Put SELinux into Permissive mode.

            [root@RHEL5 nagios-4.0.1]# setenforce 0

To make this change permanent, you'll have to modify the settings in /etc/selinux/config and reboot.

Instead of disabling SELinux or setting it to permissive mode, you can use the following command to run the CGIs under SELinux enforcing/targeted mode:

[root@RHEL5 nagios-4.0.1]# chcon -R -t httpd_sys_content_t /usr/local/nagios/sbin/

[root@RHEL5 nagios-4.0.1]# chcon -R -t httpd_sys_content_t /usr/local/nagios/share/

12. Login to Nagios Web Interface:

Your nagios is ready to work, please open it in your browser with “http://Your-server-IP-address/nagios” or “http://FQDN/nagios” and provide the username “nagiosadmin” and password.

Nagios Login

Install RepoForge (RPMForge) Repository on RHEL, CentOS, Scientific Linux 6.x/5.x/4.x

Like EPEL, REMI, RPM Fusion repositories, RepoForge, formerly known as RPMForge, is a third party repository that has collection of over 5000 software packages for RHEL and its derivatives like CentOS and Scientific Linux. In this handy tutorial, let us see how to add RepoForge repository on RHEL/CentOS/Scientific Linux 6.x, 5.x and 4.x versions. Here x refers the version numbers i.e. 6.1, 6.2, 6.3 etc.

1.    Install RepoForge On RHEL/CentOS/Scientific Linux 6 – 32 bit

Run the following commands to install RepoForge repository on 32 bit RHEL 6.x based systems.

# wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.i686.rpm

# rpm -Uvh rpmforge-release-0.5.3-1.el6.rf.i686.rpm

2.    Install RepoForge On RHEL/CentOS/Scientific Linux 6 – 64 bit

Run the following commands to install RepoForge repository on 64 bit RHEL 6.x based systems.

# wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm

# rpm -Uvh rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm

3.    Install RepoForge On RHEL/CentOS/Scientific Linux 5 – 32 bit

Run the following commands to install RepoForge repository on 32 bit RHEL 5.x based systems.

# wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el5.rf.i386.rpm

# rpm -Uvh rpmforge-release-0.5.3-1.el5.rf.i386.rpm

4.    Install RepoForge On RHEL/CentOS/Scientific Linux 5 – 64 bit

Run the following commands to install RepoForge repository on 64 bit RHEL 5.x based systems.

# wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el5.rf.x86_64.rpm

# rpm -Uvh rpmforge-release-0.5.3-1.el5.rf.x86_64.rpm

5.    Install RepoForge On RHEL/CentOS/Scientific Linux 4 – 32 bit

Run the following commands to install RepoForge repository on 32 bit RHEL 4.x based systems.

# wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el4.rf.i386.rpm

# rpm -Uvh rpmforge-release-0.5.3-1.el4.rf.i386.rpm

6.    Install RepoForge On RHEL/CentOS/Scientific Linux 4 – 64 bit

Run the following commands to install RepoForge repository on 64 bit RHEL 4.x based systems.

# wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el4.rf.x86_64.rpm

# rpm -Uvh rpmforge-release-0.5.3-1.el4.rf.x86_64.rpm

7.    Import RepoForge GPG key

To import DAG’s GPG key for all RHEL/CentOS/Scientific Linux 6.x, 5.x, 4.x, enter the following command:

# rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt

8.    Update the Repositories

After installing the RepoForge repository package, you have to update the repository lists using command:

# yum update

That’s it.

Repoforge has been added and enabled in RHEL 6.x/5.x/4.x systems.

Step by Step Installation of SVN (Subversion) Server

Subversion is free open source version control system to manage the files/directories and the changes of them made all time. The open source community has been using Subversion (SVN) widely of many collaborative development projects.

SVN supports several protocols for network access: SVN, SVN+SSH, HTTP, HTTPS. If you are behind a firewall, HTTP-based Subversion is advantageous since SVN traffic will go through the firewall without any additional firewall rule setting. In this tutorial, I will describe how to set up an HTTP-based Subversion server on Cent OS 5.8.

1.       Installation of Apache Server.

[root@svnserver ~]# yum install httpd*

Loaded plugins: fastestmirror

Loading mirror speeds from cached hostfile

 * addons: centos.mirror.net.in

 * base: mirror.vietoss.com

 * centosplus: mirrors.fibo.vn

 * contrib: mirrors.digipower.vn

 * extras: centos-hn.viettelidc.com.vn

 * updates: mirrors.digipower.vn

Setting up Install Process

Package httpd-2.2.3-83.el5.centos.x86_64 already installed and latest version

[root@svnserver ~]# /etc/init.d/httpd status

httpd is stopped

[root@svnserver ~]# chkconfig httpd on

[root@svnserver ~]# service httpd start

Starting httpd: httpd: apr_sockaddr_info_get() failed for svnserver

httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName

                                                           [  OK  ]

[root@svnserver ~]# vi /etc/httpd/conf/httpd.conf

ServerName svnserver.example.com

[root@svnserver ~]# service httpd restart

Stopping httpd:                                            [  OK  ]

Starting httpd:                                            [  OK  ]

2.       Installation of subversion server.

[root@svnserver ~]# yum install mod_dav_svn subversion

3.       Configure Subversion.

Open the subversion config file ‘/etc/httpd/conf.d/subversion.conf’ and edit as follows:

[root@svnserver conf.d]# vi /etc/httpd/conf.d/subversion.conf

LoadModule dav_svn_module     modules/mod_dav_svn.so

LoadModule authz_svn_module   modules/mod_authz_svn.so

#

# Example configuration to enable HTTP access for a directory

# containing Subversion repositories, "/var/www/svn".  Each repository

# must be readable and writable by the 'apache' user.  Note that if

# SELinux is enabled, the repositories must be labelled with a context

# which httpd can write to; this will happen by default for

# directories created in /var/www.  Use "restorecon -R /var/www/svn"

# to label the repositories if upgrading from a previous release.

#

#

# To create a new repository "http://localhost/repos/stuff" using

# this configuration, run as root:

#

#   # cd /var/www/svn

#   # svnadmin create stuff

#   # chown -R apache.apache stuff

#

<Location /svn>

   DAV svn

   SVNParentPath /var/www/svn

   # Limit write permission to list of valid users.

      # Require SSL connection for password protection.

      # SSLRequireSSL

      AuthType Basic

      AuthName "Authorization Realm"

      AuthUserFile /etc/svn-auth-users

     Require valid-user

   </Location>

4.       Create a new user for Subversion called “jitendra” for instance.

[root@svnserver ~]# htpasswd -cm /etc/svn-auth-users jitendra

New password:

Re-type new password:

Adding password for user Jitendra

5.       Create and configure subversion Repository.

Create a directory for subversion repository under “/var/www/svn” directory.

[root@svnserver ~]# mkdir /var/www/svn

[root@svnserver ~]# cd /var/www/svn

[root@svnserver svn]# svnadmin create repos

[root@svnserver svn]# ls

repos

 [root@svnserver svn]# chown apache.apache -R repos

[root@svnserver svn]# service httpd restart

Stopping httpd:                                            [  OK  ]

Starting httpd:                                            [  OK  ]

6.       Disable Anonymous Users.

If you want to disable the anonymous user to access the repository, just edit the following line in‘repos/conf/svnserver.conf’ file.

[root@svnserver conf.d]# vi /var/www/svn/repos/conf/svnserve.conf

anon-access = none

authz-db = authz

7.       SELINUX Settings.

 If you enabled SELinux, run the following commands to change the SELinux context security.

[root@svnserver ~]# chcon -R -t httpd_sys_content_t var/www/svn/repos/
[root@svnserver ~]# chcon -R -t httpd_sys_rw_content_t /var/www/svn/repos/

8.       IPTABLES Settings.

Make sure that you have opened the apache default port ’80′ through iptables.

[root@svnserver ~]# vi /etc/sysconfig/iptables

-A INPUT -p udp -m state --state NEW --dport 80 -j ACCEPT

-A INPUT -p tcp -m state --state NEW --dport 80 -j ACCEPT

9.       Testing Subversion.

We can test the subversion by typing http://10.226.10.10/svn/repos in web browser.

10.   Create additional links(directories) under Subversion Repository.

Create some sample directories in any place and import them to your Subversion repository.

[root@svnserver ~]# mkdir subversion-templates
[root@svnserver ~]# cd subversion-templates/
[root@svnserver subversion-templates]#mkdir  jitendra

Now import the sub directories using the command ‘svn import’.

[root@svnserver ~]# svn import -m 'Initial import' subversion-templates/ http://10.226.10.10/svn/repos/
Authentication realm: <http://10.226.10.10:80> Subversion repositories

Username: jitendra

Password for 'jitendra':

Adding         /subversion-templates/jitendra

-----------------------------------------------------------------------

ATTENTION!  Your password for authentication realm:

   <http://10.226.10.10:80> Subversion repositories

can only be stored to disk unencrypted!  You are advised to configure

your system so that Subversion can store passwords encrypted, if

possible.  See the documentation for details.

You can avoid future appearances of this warning by setting the value

of the 'store-plaintext-passwords' option to either 'yes' or 'no' in

'/root/.subversion/servers'.

-----------------------------------------------------------------------

Store password unencrypted (yes/no)? no

Committed revision 1.