Sometimes, even though we Apply Configuration, it never completes in Nagios. Here is the error message it produces:
* Configuration submitted for processing… * Waiting for configuration verification………………<
Here at Bobcares, we have seen several such Nagios-related issues as part of our Server Management Services for web hosts and online service providers.
Today we’ll take a look at the causes for this problem and see the fix.
Why Apply Configuration never completes in Nagios?
Before we get into the solution part of this error message, let’s see what causes this error to occur.
1. Missing/Incorrect sudoers Entries
2. Large amount of objects
3. SSL/TLS redirection
4. localhost missing from /etc/hosts
What to do when Apply Configuration never completes in Nagios
Now let’s see how our Support Engineers assist our customers in fixing this problem.
1. Missing/Incorrect sudoers Entries
High-level privileges are necessary for backend components in Nagios XI. These are accommodated for in sudoers entries. This allows us to execute high-level commands using scripts without requiring user input. If these entries are missing then they can cause errors. When tailing the log /usr/local/nagiosxi/var/cmdsubsys.log we see:
Another reconfigure process is still running, sleeping... Another reconfigure process is still running, sleeping... Another reconfigure process is still running, sleeping...
or:
sudo: no tty present and no askpass program specified RESETTING CONFIG PERMS FAILED!\n OUTPUT=RESETTING CONFIG PERMS FAILED!\n RETURNCODE=4
Another error occurs if we su as the Nagios user and execute the following commands:
su nagios
cd /usr/local/nagiosxi/scripts
./reconfigure_nagios.shWe will be prompted for the password for the Nagios user.
Actually, the password prompt must not appear. This is another indication that the sudoers entries are incorrect/missing.
Eventually, we may get the following error on the Apply Configuration screen:
Reset config permissions failed. An error occurred while attempting to apply your configuration to Nagios Core. Monitoring engine configuration files have been rolled back to their last known good checkpoint
Fixing the sudoers Entries
Here are the steps to get correct sudoers entries from the XI installation file.
1. First, we download the XI installation file to our Nagios XI server. We do this using the wget command and below link for our version of Nagios XI
https://assets.nagios.com/downloads/nagiosxi/versions.php
2. Next, we open an ssh session to our Nagios XI host. If we are already connected as the Nagios user (in the step above) we will need to exit to become an admin.
3. Then we execute the following commands:
cd /tmp
wget https://assets.nagios.com/downloads/nagiosxi/5/xi-5.5.7.tar.gz4. Once the download completes, we need to use the name of the downloaded file in the next command. In this example xi-5.5.7.tar.gz is the name that we are using.
tar xzf xi-5.5.7.tar.gz nagiosxi/nagiosxi/nagiosxi.sudoers --strip-components 2As a result, this will extract a file named nagiosxi.sudoers, and this file contains all the correct entries.
5. We then run all these commands to fix our /etc/sudoers file to make sure it has all the correct entries:
grep -v NAGIOSXI /etc/sudoers > /etc/sudoers.new
mv -f /etc/sudoers.new /etc/sudoers
rm -rf /etc/sudoers.d/nagiosxi
sed -i 's/^Defaults requiretty/#Defaults requiretty/g' /etc/sudoers
cat /tmp/nagiosxi.sudoers >> /etc/sudoers
chmod 440 /etc/sudoers6. Lastly, we run the below command to ensure the old lock file is removed:
rm -f /usr/local/nagiosxi/scripts/reconfigure_nagios.lockAfter making these changes we try and “Apply Configuration” from CCM and this should resolve the problem.
2. A Large Amount Of Objects
Sometimes when creating a large number of objects the apply configuration process takes longer than expected and PHP may time out or exceed limits.
These are defined in the php.ini file. Usually, the location of the php.ini file differs depending on the operating system/version. The following command will determine the location:
find /etc -name php.iniIf there are multiple results then the one in the apache directory is the one that we need to change.
We edit /etc/php.ini and increase these values:
max_execution_time = 60 max_input_time = 60 memory_limit = 256M
Lastly, after making the changes, we restart the Apache.
systemctl restart httpd.service
3. SSL/TLS Redirection
When implementing SSL/TLS certificates on the Nagios XI server, the option use_https needs to be defined as true in the config.inc.php file.
So, we edit /usr/local/nagiosxi/html/config.inc.php and define the option as follows:
$cfg['use_https'] = true;
4. localhost Missing From /etc/hosts
We edit /etc/hosts files and make sure there are local host entries. For example:
127.0.0.1 localhost.localdomain localhost.localdomain localhost4 localhost4.localdomain4 localhost xi-c6x-x64 ::1 localhost.localdomain localhost.localdomain localhost6 localhost6.localdomain6 localhost xi-c6x-x64
Finally, after making these changes we try and “Apply Configuration” from Core Configuration Manager and the problem should be resolved.
[Need any further assistance in fixing Nagios errors? – We are here to help you]
Conclusion
Today, we saw how our Support Engineers provide a solution to this Nagios problem.
0 Comments