Created attachment 215138 [details] NRPEv4 New port for NRPE4. I found this port as nrpe3 is marked as outdated but there is no new version since 2017, as only v4 receives update. V4 also introduces TLS1.3 support. I took the Makefile from nrpe3 and adjusted to newest version. - portlint -A is happy - poudriere builds fine on 12.1 64bit - poudriere testport runs fine on 12.1 64bit - pkg installs fine and nagios checks a handled correctly I decided to add a new port since the existing port is labeld as nrpe3, and with nrpe4 you need to add an additional parameter to make it backward compatible (which would break existing setups).
zeising@, sorry for adding you CC, but since you maintain nrpe3 maybe you want to have look.
(In reply to Michael Muenz from comment #1) Don't apologize, it's ok to ask for help and reviews. :) Is there anything in nrpe4 that breaks nrpe3 setups (I haven't looked myself). Otherwise, it might make sense to simply update nrpe3 to this version (and rename it) rather than have both versions. What do you think?
I'm open for both options but it seems when nrpe v4 wants to contact an instance of nrpe v3 (like when when you update the package on the server and not the agents), you have to adjust the syntax to use v3 full backwards compatibility. It should work [1] as the changelog for 4.0.0 states, but I can't test all scenarios. [1]https://github.com/NagiosEnterprises/nrpe/blob/master/CHANGELOG.md
Sorry for sitting on this, I had forgot about it. I believe the best way is to simply update nrpe to 4.0. If anyone still needs nrpe3, a separate port for that can be created.
Michael Muenz, are you OK with simply replacing NRPE3 with NRPE4? Do you want to maintain NRPE4?
Hi Niclas, sorry for late reply, was on vacation. I'm not sure how this works since older port is called nrpe3. For me this sounds like creating a port "nrpe" and remove "nrpe3"? Again, I'm unsure if this breaks existing setups when nrpe3 will be upgraded to v4. I can take maintainership if there are no concerns. Best, Michael
Thank you both for working on this. Two minor items I have noticed so far while testing. 1. In the event that both nrpe3 and nrpe4 appear in the ports tree concurrently, they will either need to be marked in CONFLICT with each other, or (perhaps better) their config files de-conflicted (sample, pkg-message, and rc script). % pkg info -lF nrpe3-3.2.1.txz nrpe3-3.2.1: /usr/local/share/licenses/nrpe3-3.2.1/catalog.mk /usr/local/share/licenses/nrpe3-3.2.1/LICENSE /usr/local/share/licenses/nrpe3-3.2.1/GPLv2+ /usr/local/etc/nrpe.cfg.sample /usr/local/libexec/nagios/check_nrpe3 /usr/local/sbin/nrpe3 /usr/local/etc/rc.d/nrpe3 % pkg info -lF nrpe4-4.0.3.txz nrpe4-4.0.3: /usr/local/share/licenses/nrpe4-4.0.3/catalog.mk /usr/local/share/licenses/nrpe4-4.0.3/LICENSE /usr/local/share/licenses/nrpe4-4.0.3/GPLv2 /usr/local/etc/nrpe.cfg.sample /usr/local/libexec/nagios/check_nrpe4 /usr/local/sbin/nrpe4 /usr/local/etc/rc.d/nrpe4 2. The config sample sets the PID location, which takes precedence over the port-configured default. pid_file=/var/nrpe.pid However, when I comment this out, the pid file is not written to where I expect it to be. Curiously, I have been unable to find the pid file, but the rc script is still able to status and stop the running process. This may affect nrpe3 as well. I haven't checked.
Hello, yes this affects nrpe3 as well. if commenting out the pid file, the default specified in /usr/local/etc/rc.d/nrpe3 doesnt work. Only works if set via nrpe.cfg. the default pid_file is dangerous because this sets /var to nagios:wheel.
Maintainer reset.
I am monitoring some linux systems which have nrpe 4.0.x and on them the syslog gets below messages on each check, even if the check itself works fine: May 22 19:30:18 examplehostname nrpe[27333]: Error: (use_ssl == true): Request packet version was invalid! May 22 19:30:18 examplehostname nrpe[27333]: Could not read request from client 62.12.173.3, bailing out... May 22 19:30:18 examplehostname nrpe[27333]: INFO: SSL Socket Shutdown. Seems to be related to an issue with still using check_nrpe3 (3.2.1) from the Nagios server, see https://support.nagios.com/forum/viewtopic.php?t=59064 Would be really nice to have nrpe updated to the latest 4.0.3 release. I guess renaming the port to net-mgmt/nrpe is probably the best solution, as based on https://github.com/NagiosEnterprises/nrpe/releases it is still the same project. And based on the note at https://github.com/NagiosEnterprises/nrpe it is marked as "deprecated" and will only receive security fixes. So no big changes will happen in the future anyway.
(In reply to Fabian Wenk from comment #10) I just discovered that when in the remote nrpe 4.0.x the config option 'disable_syslog=1' is set, the mention messages are not logged any more. But sure, this is more a workaround then a real solution.
Confirm, net-mgmt/nrpe3 obsolete, and require set `-3` option. nrpe support v4 protocol. if need update or portcommiter for this patch, i'm take this.
(In reply to Michael Muenz from comment #6) > I can take maintainership if there are no concerns. Now that net-mgmt/nrpe3 has no maintainer, perhaps the best way to get this moving again is to re-affirm your interest in becoming the maintainer.
Sure :) Been a long time working on v4 but it isn't rocket science. So you want to rename nrpe3 to nrpe or just add this port and timeout the version 3?
(In reply to Michael Muenz from comment #14) As I have mention in my comment #10, renaming the port to just nrpe is probably a good solution. But please also add a pkg-message file to notify users that they have to adjust their configuration: When using the nrpe server the currently used nrpe3_enable= option in rc.conf needs to be changed. And on systems where the Nagios server is running, the command name in the corresponding command definition needs to be change from the currently used check_nrpe3 to probably check_nrpe4. Maybe also mention, that check_nrpe4 may need the -3 option for checking nrpe3 servers.
This bug appears to be OBE due to https://cgit.freebsd.org/ports/commit/?id=55338de6ad307f8e296f41dd83ce7efa1d9918a8 commit 55338de6ad307f8e296f41dd83ce7efa1d9918a8 Author: Muhammad Moinur Rahman <bofh@FreeBSD.org> Date: Wed May 3 03:15:59 2023 +0200 net-mgmt/nrpe: Resurrect port with new version THIS WILL REPLACE net-mgmt/nrpe3 WHICH FAILS TO BUILD WITH OpenSSL 3.0.0 and later. nrpe is used to execute Nagios plugins on remote hosts and report the results to the main Nagios server. From the Nagios homepage: Allows you to execute "local" plugins (like check_disk, check_procs, etc.) on remote hosts. The check_nrpe plugin is called from Nagios and actually makes the plugin requests to the remote host. Requires that nrpe be running on the remote host (either as a standalone daemon or as a service under inetd).