updated template

templates/nrpe_cfg.erb

@@ -24,73 +24,13 @@ listen_queue_size=<%= @ne_listen_queue_size %>
 nrpe_user=<%= @ne_user %>
 nrpe_group=<%= @ne_user %>
 
+allowed_hosts=127.0.0.1,::1,<%= @ne_nagios_server %>
+dont_blame_nrpe=<%= @ne_dont_blame_nrpe %>
+allow_bash_command_substitution=<%= @ne_allow_bash_cmd_subst %>
 
-# ALLOWED HOST ADDRESSES
-# This is an optional comma-delimited list of IP address or hostnames
-# that are allowed to talk to the NRPE daemon. Network addresses with a bit mask
-# (i.e. 192.168.1.0/24) are also supported. Hostname wildcards are not currently
-# supported.
-#
-# Note: The daemon only does rudimentary checking of the client's IP
-# address. I would highly recommend adding entries in your /etc/hosts.allow
-# file to allow only the specified host to connect to the port
-# you are running this daemon on.
-#
-# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
-
-allowed_hosts=127.0.0.1,::1
-
-
-# COMMAND ARGUMENT PROCESSING
-# This option determines whether or not the NRPE daemon will allow clients
-# to specify arguments to commands that are executed. This option only works
-# if the daemon was configured with the --enable-command-args configure script
-# option.
-#
-# *** ENABLING THIS OPTION IS A SECURITY RISK! ***
-# Read the SECURITY file for information on some of the security implications
-# of enabling this variable.
-#
-# Values: 0=do not allow arguments, 1=allow command arguments
-
-dont_blame_nrpe=0
-
-
-# BASH COMMAND SUBSTITUTION
-# This option determines whether or not the NRPE daemon will allow clients
-# to specify arguments that contain bash command substitutions of the form
-# $(...). This option only works if the daemon was configured with both
-# the --enable-command-args and --enable-bash-command-substitution configure
-# script options.
-#
-# *** ENABLING THIS OPTION IS A HIGH SECURITY RISK! ***
-# Read the SECURITY file for information on some of the security implications
-# of enabling this variable.
-#
-# Values: 0=do not allow bash command substitutions,
-# 1=allow bash command substitutions
-
-allow_bash_command_substitution=0
-
-
-# COMMAND PREFIX
-# This option allows you to prefix all commands with a user-defined string.
-# A space is automatically added between the specified prefix string and the
-# command line from the command definition.
-#
-# *** THIS EXAMPLE MAY POSE A POTENTIAL SECURITY RISK, SO USE WITH CAUTION! ***
-# Usage scenario:
-# Execute restricted commmands using sudo. For this to work, you need to add
-# the nagios user to your /etc/sudoers. An example entry for allowing
-# execution of the plugins from might be:
-#
-# nagios ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/
-#
-# This lets the nagios user run all commands in that directory (and only them)
-# without asking for a password. If you do this, make sure you don't give
-# random users write access to that directory or its contents!
-
-# command_prefix=/usr/bin/sudo
+<% if @ne_allow_sudo == true -%>
+command_prefix=<%= @ne_command_prefix %>
+<% end -%>
 
 
 # COMMAND TIMEOUT
@@ -247,13 +187,7 @@ command[check_total_procs]=/usr/lib64/nagios/plugins/check_procs -w 150 -c 200
 
 
 
-#allowed_hosts=127.0.0.1,::1,<%= @ne_nagios_server %>
-#dont_blame_nrpe=<%= @ne_dont_blame_nrpe %>
-#allow_bash_command_substitution=<%= @ne_allow_bash_cmd_subst %>
 
-#<% if @ne_allow_sudo == true -%>
-#command_prefix=<%= @ne_command_prefix %>
-#<% end -%>
 
 #command_timeout=<%= @ne_command_timeout %>
 #connection_timeout=<%= @ne_connection_timeout %>