changed default illegal characters
This commit is contained in:
Arne Teuke
@@ -111,6 +111,12 @@ All files and directories are configured with correct selinux context. If selinu
|
|||||||
### Known Problems
|
### Known Problems
|
||||||
* SSL/TLS support: Version 3 of NRPE supposedly has support for SSL/ TLs. However, at the time of writing this module, this seems to be buggy, as I was unable to start the NRPE service as soon as the `ssl_cert_file` line was uncommented in teh configuration file, despite having valid certs in the right position on the node. This happened when installing manually, not through this Puppet module. For that reason I included the `$ne_enable_ssl` boolean parameter, which is set to `false` by default, hence disabling SSL/TLS options until this has been fixed upstream, or a valid workaround has been found. Setting this option to `true` will include all SSL / TLS settings.
|
* SSL/TLS support: Version 3 of NRPE supposedly has support for SSL/ TLs. However, at the time of writing this module, this seems to be buggy, as I was unable to start the NRPE service as soon as the `ssl_cert_file` line was uncommented in teh configuration file, despite having valid certs in the right position on the node. This happened when installing manually, not through this Puppet module. For that reason I included the `$ne_enable_ssl` boolean parameter, which is set to `false` by default, hence disabling SSL/TLS options until this has been fixed upstream, or a valid workaround has been found. Setting this option to `true` will include all SSL / TLS settings.
|
||||||
|
|
||||||
|
### Troubleshooting
|
||||||
|
* `CHECH_NRPE: Unable to read output`: Nagios sudo access also needs Selinux to allow this. Default settings in this module take care for both through `$ne_allow_sudo` and `$ne_include_selinux`.
|
||||||
|
* `CHECK_NRPE: Receive header underflow - only 0 bytes received (4 expected): This is down to the new illegal meta characters feature via `nasty_metachars`.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
### Support
|
### Support
|
||||||
* OS: CentOS 6, 7
|
* OS: CentOS 6, 7
|
||||||
* Puppet 3.x
|
* Puppet 3.x
|
||||||
|
|||||||
@@ -78,7 +78,7 @@
|
|||||||
# 0x10 (16) = Log if client has a certificate
|
# 0x10 (16) = Log if client has a certificate
|
||||||
# 0x20 (32) = Log details of client's certificate if it has one
|
# 0x20 (32) = Log details of client's certificate if it has one
|
||||||
# -1 or 0xff or 0x2f = All of the above
|
# -1 or 0xff or 0x2f = All of the above
|
||||||
# @param [string] ne_nasty_metachars list of characters that cannot
|
# @param [array] ne_nasty_metachars list of characters that cannot
|
||||||
# be passed to the NRPE daemon.
|
# be passed to the NRPE daemon.
|
||||||
# @param [string] ne_include_file include definitions from an external
|
# @param [string] ne_include_file include definitions from an external
|
||||||
# config file.
|
# config file.
|
||||||
@@ -137,7 +137,7 @@ $ne_ssl_cert_file = "/etc/pki/tls/certs/${::fqdn}.crt.pem",
|
|||||||
$ne_ssl_privatekey_file = "/etc/pki/tls/private/${::fqdn}.key.pem",
|
$ne_ssl_privatekey_file = "/etc/pki/tls/private/${::fqdn}.key.pem",
|
||||||
$ne_ssl_client_certs = '2',
|
$ne_ssl_client_certs = '2',
|
||||||
$ne_ssl_logging = '0x00',
|
$ne_ssl_logging = '0x00',
|
||||||
$ne_nasty_metachars = '"|`&><\'\\[]{};\r\n\"',
|
$ne_nasty_metachars = ["|`&><[]{};\n\'"],
|
||||||
$ne_include_file = '',
|
$ne_include_file = '',
|
||||||
|
|
||||||
# nrpe.conf
|
# nrpe.conf
|
||||||
|
|||||||
Reference in New Issue
Block a user