« On why the Mac's small population is not a defense against an attack | Main | Conversation with EMC and Dantz about EMC's new Acquisition »

So these are my notes on setting up Nagios 1.2 on Mac OS X Server 10.3.5. If nothing else, it'll add to the Google Database. Nagios, for those unfamiliar with it, is an open source network monitoring application, ala Intermapper, or Lansurveyor. (Although if you don't know what Nagios is to begin with, you're going to want to check out the Nagios site before you do all the work I talk about here.) Note, this is not with MySQL support compiled in, since that's going away in favor of an n-tier structure. There are a few requirements for Nagios, namely zlib, libpng, libjpeg, and GD lib. if you have current versions of them already, you're golden. otherwise, follow the appropriate steps (If you're installing this on a stock Server setup, you don't have them). You also need Apple's Developer Tools, otherwise you have nothing to compile with. All of this is from my experience installing this on a G4 Tower running Server 10.3.5 and now into the breach...

Following the rough order I used.. (Credit where credit is due section. This is based on an earlier article from the most excellent AFP548.com site. If you're doing this kind of stuff a lot, look there first, you'll be glad you did.)

zlib setup:
download the latest zlib from http://sourceforge.net/projects/libpng/
unpack the tar.gz file with gnutar -xzvf path/to/tarball
cd to the zlib directory
./configure
sudo make install
sudo ranlib /usr/lib/libz.a

libPNG setup
download the most current version of LibPNG, at LEAST 1.2.7 to avoid nasty security holes and bugs from: http://libpng.sourceforge.net/, get the tar.gz version
unpack the tarball with gnutar: gnutar -xzvf path/to/tarball
cd into the libpng-1.2.7 directory
cd into the scripts subdirectory
cp ./makefile.darwin ../makefile
cd ..
make
sudo make install
sudo ranlib /usr/local/lib/libpng.a

libjpeg setup
get the latest libjpeg source from ftp://ftp.uu.net/graphics/jpeg/, currently jpegsrc.v6b.tar.gz
unpack the tar.gz file with gnutar -xzvf path/to/tarball
cd to the jpeg-6b directory
make
sudo makedir /usr/local/man/man1 (if you don't already have one)
sudo ranlib /usr/local/lib/libjpeg

GD lib setup
download the latest from http://www.boutell.com/gd/ , currently 2.0.2.8
unpack the tar.gz file with gnutar -xzvf path/to/tarball
./configure
make
sudo make install (Note that 2.0.2.8 may not work right in Panther, so if you get a lot of errors on the make, then download 1.8.4 if 2.X makes and installs correctly for you, ignore the rest of this section)
unpack the 1.8.4 tar.gz file with gnutar -xzvf
cd to the 1.8.4 directory
no ./configure, just make
sudo make install : TAKE NOTE OF THE INSTALL LOCATIONS, YOU'LL NEED THEM FOR NAGIOS!

Nagios setup

PLEASE, read through all the steps FIRST so you understand what's going to happen and there's no surprises. Surprises in this app are a right proper pain.

if it doesn't already exist, sudo mkdir /usr/local/nagios
In System Preferences, create a new user called nagios. This will, under Panther, also create the nagios group.

In NetInfo manager:
make sure that the users nagios and www are in the nagios group
delete the home directory entry for user nagios
change the passwd for user nagios to *
make sure that user nagios has no shell (changing it to /usr/bin/false works)

Because of the tendency for Nagios to not find the GD libraries when you do a 'normal' make, we'll have to specify their locations for the configure step. Those options are:

-with-gd-lib=/usr/local/lib for the gdlibs
--with-gd-inc=/usr/local/include for the gd includes

Standard configuration options are:
--prefix=/usr/local/nagios the root nagios directory (you did create this already, right?)
--with-cgirul=/cgi-bin/ the path for the CGIs

NOTE: There is a tendency to try and specify the physical CGI path that exists in the Mac OS X finder. DON'T DO THIS!!! By default, Apache on Mac OS X Server has this aliased correctly so that cgi-bin can and SHOULD be used. If you try to use the /Library/WebServer/CGI-Executables path, you're GOING to cause yourself a LOT of problems! You have been warned!

-with-htmlurl=/ the root directory in nagios for the web display. It's actually going to be /usr/local/nagios/share
so our ./configure command is going to be:

./configure --with-gd-lib=/usr/local/lib --with-gd-inc=/usr/local/include --prefix=/usr/local/nagios --with-cgirul=/cgi-bin/ -with-htmlurl=/ --with-nagios-user=nagios --with-nagios-group=nagios

Go ahead and run that. If you get any errors, make sure you pathed everything correctly, run make clean, then rerun the ./configure
make all
sudo make install
sudo make install-commandmode
sudo make install-config

Congratulations! If you didn't get any errors, then you now have Nagios installed. Now, you're still not ready to go yet. you have to install the plugins, and configure some things so it will work right.

Nagios Plugins

To build the plugins, you can download them from the Nagios Plugin site, and just build them yourself. It's not too hard to do, I'll leave that as a challenge for you if you feel like doing it :-)

Nagios config files

Nagios comes with a complete set of example config file. Now, you won't be able to use them like that, (you just have to rename them to make them “real”...it's pretty obvious how, they just have to end in .cfg), and you'll have to plan your setup a bit, but the Nagios documentation is really excellent, and will, if you read it, give you everything you need to configure Nagios correctly. (The configs are so variable based on your needs that there's no point in me doing samples, you'd have to do almost as much editing on them as you'll have to on the sample configs anyway.)

Nagios HTML pages

Out of the gate, you're going to have to do some retouching of /usr/local/nagios/share/side.html. Basically, Nagios assumes a Linux-like environment, and doesn't grok how Apple changed the Apache directories. So, it sets the path to /nagios/cgi-bin/ and that won't work, so you need to make sure that all the cgi-bin references are /cgi-bin/nameofcgi.cgi, otherwise Nagios can't find the CGI. If you put your CGIs somewhere else, well, you have to change side.html to reflect your setup.

Nagios CGI file locations

Since by default, Mac OS X Server's Apache uses /Library/WebServer/CGI-Executables/ for /cgi-bin, you have to copy the CGI's from /usr/local/nagios/sbin to that directory. Once you've done that, make sure they're owned by nagios, group is www, and the perms are set to 755. Setting up CGI permissions. You don't want just everyone to have unlimited access to the details of Nagios, so you want to lock down the CGI access.

To do that, we're going to make a couple of changes to httpd.conf, and set up a .htaccess file for locking down access. httpd.conf changes: Note: This is the simplest way to set this up. There are other changes you can make to httpd.conf to do the same thing, and they will work just as well. this one works in my situation.

Open /etc/httpd/httpd.conf in your text editor of choice (I use BBEdit) and look for the following directive:

AllowOverride None
Options None
Options ExecCGI
Order allow,deny
Allow from all

and change it to read:

#AllowOverride None
AllowOverride AuthConfig
# Options None
Options ExecCGI
Order allow,deny
Allow from all

This will allow you to run the CGI's after you have authenticated in your browser. To do that, we need to set up a .htaccess file in the cgi-bin directory, and then set up the passwords. Create file named .htaccess in /Library/WebServer/CGI-Executables/ and set it up thusly:

AuthName “Nagios Access”
AuthType Basic
AuthUserFile /usr/local/nagios/etc/htpasswd.users
require valid-user

Once you've done that save it and close it. Now, before we create the password file for this, you want to know all the users that will be authenticating. At the very least some sort of catchall Nagios admin user. For our example, we used nagiosadmin, but you can add others. Run the following:

sudo htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin

This will create the user file that our .htaccess file is looking for, and set the first user to nagiosadmin. you'll be asked for the password for this user, set it to what you feel is correct. To add other users, you run sudo htpasswd /usr/local/nagios/etc/htpasswd.users You do this once for each user you want to add. You only need the -c swtich when you are creating the file and first entry. Then, edit the “use_authentication” line in /usr/local/nagios/etc/cgi.cfg to read:

use_authentication=1

If you read that file, you'll also note this is where you set which nagios user can do what. The docs that are a part of Nagios explain this thoroughly, so I don't have to.

Server Admin Web Server Setup

Finally, you have to set up OS X Server's Web Server so that it knows about Nagios. You do this in Server Admin. In my case, since this machine is the only thing running as a Web server on this box, I just pointed the primary site at /usr/local/nagios/share/ and that was it. You MUST enable CGI Execution here, (otherwise this won't really work) and you'll really want to kill the performance cache for this site too. (It's a nice idea, but a pain in the tushie the way it works.) Once thats done, you should be set. Just point your browser at the machine running Nagios and enjoy! If you are going to be running Nagios on your network, I would highly recommend joining the nagios-users mailing list. It has a good s/n ratio, and the responses on it are quite helpful in my experience.

Comments

Trackback Pings

TrackBack URL for this entry:
http://www.bynkii.com/cgi-bin/mt/mt-tb.cgi/267

Listed below are links to weblogs that reference Installing and Setting up Nagios 1.2 on Mac OS X Server 10.3.5:

» installing Nagios on Mac OS X Server from niload
A network monitoring system makes it easier to bring OS X Server into the enterprise. Here's a link to building one. [Read More]

Tracked on December 7, 2004 11:56 PM