"wrong" defaults in configuration of check_nrpe command

Bug #975918 reported by Michael Lamertz
This bug affects 3 people
Affects: nagios-nrpe (Ubuntu)
Status: Fix Released
Importance: Undecided
Assigned to: Unassigned

Bug Description

Hi,

according to the nrpe docs, it's not recommended to use check_nrpe with parameters due to security risks.

The nrpe docs contain a check_nrpe sample configuration that follows this recommendation. This sample is included in the README.gz within package nagios-nrpe-server.

The packaged version of nagios-nrpe-plugin though makes parameterized check_nrpe the default and defines check_nrpe_1arg for parameterless checks.

I think this reversal of defaults is misleading, breaks provided examples, and should either be switched to the upstream default or at least be documented in the README.Debian (which is not included with the nagios-nrpe-plugin package).

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in nagios-nrpe (Ubuntu):
status: New → Confirmed
Junkern (ulf-bjork) wrote :

Same issue in 16.04

I think this package should be recompiled with setting dont_blame_nrpe, and have it disabled in conf as default.

Bas Couwenberg (sebastic) wrote :
Changed in nagios-nrpe (Ubuntu):
status: Confirmed → Fix Committed
Bas Couwenberg (sebastic) wrote :

nagios-nrpe (3.0.1-1) includes the fix for this issue.

Changed in nagios-nrpe (Ubuntu):
status: Fix Committed → Fix Released
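
The check below is an added example, not part of the bug report or the nagios-nrpe package: it audits both sides of the setup discussed in this thread, flagging `dont_blame_nrpe=1` and `$ARGn$` macros in an nrpe.cfg, and Nagios command definitions that pass `-a` to check_nrpe. The sample configurations and the function names are constructed for illustration.

```python
import re

# Constructed nrpe.cfg fragment for a monitored host (sample data, not from the bug).
SAMPLE_NRPE_CFG = """\
dont_blame_nrpe=1
command[check_users]=/usr/lib/nagios/plugins/check_users -w 5 -c 10
command[check_disk]=/usr/lib/nagios/plugins/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$
"""

# Constructed Nagios command definitions using the two names from the report.
SAMPLE_NAGIOS_CFG = """\
define command {
    command_name check_nrpe
    command_line /usr/lib/nagios/plugins/check_nrpe -H $HOSTADDRESS$ -c $ARG1$ -a $ARG2$
}
define command {
    command_name check_nrpe_1arg
    command_line /usr/lib/nagios/plugins/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}
"""

def audit_nrpe_server(cfg_text):
    """Flag daemon settings that let the caller supply command arguments."""
    findings = []
    for raw in cfg_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = (part.strip() for part in line.partition("="))
        if key == "dont_blame_nrpe" and value == "1":
            findings.append(("args_enabled", key))
        match = re.fullmatch(r"command\[(.+)\]", key)
        if match and re.search(r"\$ARG\d+\$", value):
            findings.append(("arg_macro", match.group(1)))
    return findings

def audit_nagios_commands(cfg_text):
    """Return command_name values whose command_line passes -a to check_nrpe."""
    flagged = []
    for body in re.findall(r"define\s+command\s*\{(.*?)\n\s*\}", cfg_text, re.S):
        name = re.search(r"^\s*command_name\s+(\S+)", body, re.M)
        line = re.search(r"^\s*command_line\s+(.+)$", body, re.M)
        if name and line and re.search(r"check_nrpe\s.*\s-a(\s|$)", line.group(1)):
            flagged.append(name.group(1))
    return flagged

if __name__ == "__main__":
    print(audit_nrpe_server(SAMPLE_NRPE_CFG))
    print(audit_nagios_commands(SAMPLE_NAGIOS_CFG))
```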