Project

General

Profile

Actions

Feature #10915

closed

security/pfSense-pkg-sudo sudo.inc enhancement for better support of NRPE

Added by Infra Weavers over 4 years ago. Updated about 4 years ago.

Status:
Resolved
Priority:
Normal
Category:
sudo
Target version:
-
Start date:
09/18/2020
Due date:
% Done:

100%

Estimated time:
Plus Target Version:

Description

We have a requirement to permit NRPE to run custom commands as root so that we can, for instance, monitor VPN connected clients and Snort alerts on given interfaces.
In order to do this, we need to add some definitions to the sudoers file for the nagios user, the NRPE process running under the nagios user.

We have made and tested an amendment to the security/pfSense-pkg-sudo package which adds the 'User: nagios' to the drop down list of available users when the `net-mgmt/pfSense-pkg-nrpe` package is installed.

This means we can add sudo definitions for the required checks and check the 'sudo' check box in the NRPE definition and have the check run successfully without any manual editing of /usr/local/etc/sudoers.

We've raised this request ready for creation of the PR.

Actions #2

Updated by Jim Pingle over 4 years ago

  • Status changed from New to Pull Request Review
Actions #4

Updated by Renato Botelho about 4 years ago

  • Status changed from Pull Request Review to Feedback
  • Assignee set to Renato Botelho
  • % Done changed from 0 to 100

PR has been merged. Thanks!

Actions #5

Updated by Azamat Khakimyanov about 4 years ago

  • Status changed from Feedback to Resolved

Tested on 2.4.5_p1 and on 2.5.0-DEVELOPMENT (built on Wed Nov 11 01:06:53 EST 2020)

With NRPE package installed there is an option to choose 'User: nagios' in SUDO package.

This feature request can be marked resolved.

Actions

Also available in: Atom PDF