4.10. Using samhain with nagios

After running ./configure, you will find the script check_samhain.pl in the subdirectory scripts/ of the samhain distribution, which you can copy to the nagios libexec/ directory. Before doing so, you may want to edit the script to set the correct path to the libexec/ directory in the following line:

use lib  "/usr/local/nagios/libexec" ;

The following recipe to use this script has been kindly provided by kiarna:

Nagios runs as user 'nagios'. However, in order to check the filesystem, you typically want to run samhain as 'root'. You can use sudo to fix this problem. In your /etc/sudoers file, add the line:

 
nagios ALL = NOPASSWD:/path/to/check_samhain

Next, add the service to the nagios file objects/commands.cfg:

 
# 'check_samhain' command definition
define command{
command_name check_samhain
command_line /usr/bin/sudo -u root $USER1$/check_samhain -t 100
}

Another option would be to install the check_samhain script with SUID permissions instead of using sudo (this requires that the suidperl package is installed and that samhain has been compiled with ./configure --enable-suid ...

 
# 'check_samhain' command definition
define command{
command_name check_samhain
command_line $USER1$/check_samhain -t 100
}

Checking the filesystem may take some time, so you may want to increase the nagios plugin timeout by changing the following line in nagios.cfg from 60 to 600:

 
service_check_timeout=600

Then add the service to the appropriate section in the nagios service.cfg file.