blog [AdminSysGNULinux]

blog

Table des matières

2 billet(s) pour janvier 2026

2026:
- janvier

2025:
- mars
- avril
- mai
- juin
- juillet
- août
- septembre
- octobre
- novembre
- décembre

2 billet(s) pour janvier 2026

Git - Duplication d'un dépôt	2026/01/19 10:22	Jean-Baptiste
Exemple simple de conf Nagios	2026/01/14 10:07	Jean-Baptiste

Notes NSClient (Agent Nagios / Centreon pour windows)

Voir :

WebAPI

Voir :

Pb plugin Nagios centreon NSClient 403

Voir aussi :

check_ncpa
check-mk-agent
Exporter prometheus

check_nt et Centreon : https://www.starmate.fr/centreon-et-nsclient/

Flux

PORT	SENS	SERVICE	PLUGIN
12489/tcp	NAGIOS ⇒ HOTE	NSClientServer	check_nt
5666/tcp	NAGIOS ⇒ HOTE	NRPEServer	check_nrpe / check_centreon_nrpe3
5667/tcp	NAGIOS ⇐ HOTE	NSCAClient
8443/tcp	NAGIOS ⇒ HOTE	NSClientServer	(restapi)
80 or 443/tcp	NAGIOS ⇐ HOTE	NRDPClient

En plus de

PORT	SENS	SERVICE	NOTE
ICMP	NAGIOS ⇒ HOTE	PING
161/udp	NAGIOS ⇒ HOTE	SNMP
162/udp	NAGIOS ⇐ HOTE	SNMP Traps

# Port 5666
check_nrpe -H localhost -c check_load
 
# Pour 1248
check_nt -H 192.168.1.10 -p 1248 -v UPTIME
check_nt -H 192.168.1.10 -p 1248 -v CLIENTVERSION
check_nt -H 192.168.1.10 -p 1248 -v INSTANCES -l Process
 
#check_nt!CPULOAD!-l 5,80,90
#check_nt!MEMUSE!-w 80 -c 90
#check_nt!USEDDISKSPACE!-l c -w 80 -c 90

$ /usr/lib64/nagios/plugins/check_nt -H 10.12.50.61 -p 12489 -s 'P@ssw0rd' -v USEDDISKSPACE -d SHOWALL -l c
c:\ - total: 49.90 Gb - used: 11.78 Gb (24%) - free 38.12 Gb (76%) | 'c:\ Used Space'=11.78Gb;0.00;0.00;0.00;49.90

Rest API

Changer

; Section for REST API users
[/settings/WEB/server/users/centreon]
password=centreon
role=limited

en

; Section for REST API users
[/settings/WEB/server/users/SupUser]
password=P@ssw0rd
role=limited

Autres

nscp web -- password --display
nscp web password set=icinga --debug
nscp web password -- --set icinga

If you want to fill this file with all available options run the following command:

nscp settings --generate --add-defaults --load-all

If you want to activate a module and bring in all its options use:

nscp settings --activate-module <MODULE NAME=""> --add-defaults

For details run:

nscp settings --help

Conf

Voir :

nsclient.ini

[/settings/default]
password =Str0ngPassw0rd
; PORT NUMBER - Port to use for check_nt.
port = 12489
 
[/modules]
NSClientServer = 1
CheckDisk = 1
CheckEventLog = 1
WebServer = 0
Scheduler = 1
 
[/settings/default]
allowed hosts = 127.0.0.1,10.133.134.0/24,10.136.243.0/24
timeout = 30
 
[/settings/log]
level = debug

[/settings/default]
allowed hosts = 0.0.0.0/0
password = P@ssw0rd
port = 12489
 
[/modules]
WEBServer = 1
NRPEServer = 0
NSClientServer = 1
 
[/settings/WEB/server]
; ALLOWED HOSTS - A coma separated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges.
allowed hosts = 0.0.0.0/0
 
[/settings/WEB/server/users/Sup]
password = P@ssw0rd
role=limited

Multi instance - Multiple NSClient++

nscp service --install --name nscp2

Source : https://nsclient.org/docs/installing/

Old

[Settings]
use_file=1
 
[modules]
NRPEListener.dll
NSClientListener.dll
;CheckWMI.dll
CheckSystem.dll

If you want to fill this file with all available options run the following command:

nscp settings --generate --add-defaults --load-all

If you want to activate a module and bring in all its options use:

nscp settings --activate-module <MODULE NAME> --add-defaults

For details run:

nscp settings --help

Notes

NSCA - Nagios Service Check Acceptor : Supervision en mode actif

Err

# /usr/lib64/nagios/plugins/check_nt -H 10.12.50.61 -p 12489 -s 'P@ssw0rd' -v UPTIME
could not fetch information from server

Solution

Dans mon cas il fallait autoriser le serveur Nagios par son nom ou son IP dans le fichier NSC.ini

2025/04/15 15:22 · Jean-Baptiste

nagios, centreon, windows, rest, supervision

Monter un ficher VMDK

Voir aussi :

https://gist.github.com/PedroCavaleiro/43e4a19a6bec21bc7c587b3bbb966265

Voir :

supermin (utilisé en backend par virt-filesystems)

Install

apt-get install libguestfs-tools
#apt-get install linux-image-generic

Lister les partitions

# virt-filesystems -a plop_disk0.vmdk
/dev/sda1
/dev/vghome/lvhome
/dev/vgsyst/lvopt
/dev/vgsyst/lvroot
/dev/vgsyst/lvtmp
/dev/vgsyst/lvusr
/dev/vgsyst/lvvar

Montage de la partition

mkdir -p /mnt/vm/root
guestmount -a plop_disk0.vmdk -m /dev/vgsyst/lvroot --ro /mnt/vm/root

Autre

Debug de virt-filesystems

export LIBGUESTFS_DEBUG=1 LIBGUESTFS_TRACE=1

Err - error mount_options mount exited with status 32 mount /sysroot: can't read superblock

# guestmount -a PLOP_disk0.vmdk -m /dev/vghome/lvhome /mnt/vm/home/
libguestfs: error: mount_options: mount exited with status 32: mount: /sysroot: can't read superblock on /dev/mapper/vghome-lvhome.
       dmesg(1) may have more information after failed mount system call.
guestmount: ‘/dev/vghome/lvhome’ could not be mounted.
guestmount: Did you mean to mount one of these filesystems?
guestmount:     /dev/sda1 (ext3)
guestmount:     /dev/vghome/lvhome (ext3)

Solution

Monter la partition en lecture seule

guestmount -a PLOP_disk0.vmdk -m /dev/vghome/lvhome --ro /mnt/vm/home/

2025/04/09 15:59 · Jean-Baptiste

fs, vm, block, vmdk

Lancer des applications Android sous GNU Linux

Voir :

Anbox
Waydroid (wayland)
https://it-admin.tg/ubuntu-24-04-avec-waydroid/

WayDroid

WayDroid fonctionne sous Wayland

waydroid first-launch

Err WayDroid session is stopped

Solution

waydroid container start

2025/04/07 14:15 · Jean-Baptiste

Note crack ASM Assembly reverse

Voir :

https://ctftime.org/writeup/16052

2025/04/04 17:44 · Jean-Baptiste

asm, crack, exe

Pb plugin Nagios centreon NSClient 403

Getting response 403 Your not allowed from NSClient++ running on Windows over the REST API but curl ok

Problème

https://community.icinga.com/t/getting-response-403-your-not-allowed-from-nsclient-running-on-windows-over-the-rest-api/4005

$ /usr/lib/centreon/plugins/centreon_nsclient_restapi.pl --plugin=apps::nsclient::restapi::plugin --mode=query --hostname='192.168.1.161' --port='8443' --proto='https' --legacy-password='centreon' --insecure --command=check_cpu --arg="warning=time = '5m' and load > 80" --arg="critical=time = '5m' and load > 90" --arg=show-all
UNKNOWN: 403 Forbidden

Alors que le curl fonctionne

curl -k -u centreon:centreon https://192.168.1.161:8443/api/v1/scripts/ext?all=true

Analyse - Création d'un MITM HTTPS avec socat

Décapsuler HTTPS en créant un MITM HTTP (HTTPS to HTTP)

socat TCP-LISTEN:8080,fork OPENSSL:10.12.50.161:8443,verify=0

Création des certificats pour encapsulation HTTPS (HTTP to HTTPS)

Voir :

FQDN=localhost
 
#openssl genrsa -out plop.key 2048
#openssl req -new -key plop.key -x509  -subj '/CN=localhost'  -out plop.cert
#cat plop.key plop.cert > plop.pem
 
# Ou 
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout plop.key -out plop.crt

Résultats

Test OK

curl -k -u centreon:centreon https://127.0.0.1:1443/api/v1/scripts/ext?all=true

[root@centreon-central ~]# PORT=1443 FQDN=localhost
[root@centreon-central ~]# socat -v -ls OPENSSL-LISTEN:${PORT},reuseaddr,cert=${FQDN}.pem,verify=0,crlf,fork TCP4:localhost:8080
> 2025/04/04 12:27:38.353691  length=146 from=0 to=145
GET /api/v1/scripts/ext?all=true HTTP/1.1
Host: 127.0.0.1:1443
Authorization: Basic Y2VudHJlb246Y2VudHJlb24=
User-Agent: curl/7.61.1
Accept: */*

< 2025/04/04 12:27:38.378346  length=1681 from=0 to=1680
HTTP/1.1 200\r\r
Content-Length: 1544\r\r
Set-cookie: token=yapnxrpMCARCr4zdGc81tBDKsMlaZTXC; path=/\r\r
Set-cookie: uid=centreon; path=/\r\r
\r\r

Test NOK

/usr/lib/centreon/plugins/centreon_nsclient_restapi.pl --plugin=apps::nsclient::restapi::plugin --mode=query --hostname='127.0.0.1' --port='1443' --proto='https' --legacy-password='centreon' --insecure --command=check_cpu --arg="warning=time = '5m' and load > 80" --arg="critical=time = '5m' and load > 90" --arg=show-all
UNKNOWN: 403 Forbidden

[root@centreon-central ~]# socat -v -ls OPENSSL-LISTEN:${PORT},reuseaddr,cert=${FQDN}.pem,verify=0,crlf,fork TCP4:localhost:8080
> 2025/04/04 12:34:59.797373  length=315 from=0 to=314
GET /query/check_cpu?warning%3Dtime%20%3D%20%275m%27%20and%20load%20%3E%2080&critical%3Dtime%20%3D%20%275m%27%20and%20load%20%3E%2090&show-all HTTP/1.1
TE: deflate,gzip;q=0.3
Keep-Alive: 300
Connection: Keep-Alive, TE
Host: 127.0.0.1:1443
User-Agent: centreon::plugins::backend::http::useragent
Password: centreon

< 2025/04/04 12:34:59.804956  length=59 from=0 to=58
HTTP/1.1 403\r\r
Content-Length: 20\r\r
\r\r
403 Your not allowed

Solution

Ajouter les arguments ci-dessous pour l'authentification “basic”

--basic
--credentials
--username=centreon
--password=centreon

/usr/lib/centreon/plugins/centreon_plugins --plugin=apps::nsclient::restapi::plugin --mode=query --hostname='192.168.1.161' --port='8443' --proto='https' --basic --credentials --username=centreon --password=centreon --insecure --command=check_cpu --arg="warning=time = '5m' and load > 80" --arg="critical=time = '5m' and load > 90" --arg=show-all

Autres socat

Pour test

socat -v -ls OPENSSL-LISTEN:${PORT},reuseaddr,cert=${FQDN}.pem,verify=0,crlf,fork SYSTEM:"echo HTTP/1.0 200; echo Content-Type\: text/plain; echo; echo \"hello from $(hostname) at \$(date)\""

2025/04/04 14:18 · Jean-Baptiste

windows, nagios, centreon, supervision, https, tls, mitm

<< Billets récents | Anciens billets >>

blog.txt · Dernière modification : 2025/03/24 15:06 de 127.0.0.1