Problem

Several security issues have been logged against the older version of Nagios that has been included in GroundWork Monitor. While these are generally difficult to trigger, and the vectors for some of them are not even available in the GroundWork context, it seemed sensible to provide an upgrade to the latest Nagios release (GroundWork internal case GWMON-12847) to assuage any concerns.

Separately from the Nagios version itself, while developing the upgrade, we noticed a very small window of opportunity still existed for loss of data received by the Bronx event broker used by GroundWork Monitor, right around the time that Nagios gets restarted. That window has been closed with this upgrade (GroundWork internal case GWMON-10412).

This patch was designed to be compatible with GWME-7.1.1, and is referred to here GWME-7.1.1-4 - Nagios 4.3.1.

Solution

Nagios and its related CGI programs and associated artifacts are replaced with the upgraded versions. The Bronx event broker module is replaced with a version that adapts to changes in the Nagios internal data structures. A few small adjustments are made in the Monarch configuration code to adapt to this new Nagios release.

Installation

Step 1: Download the patch files.

Step 2: Decompress the install script in a location that is accessible, and make it executable.

tar zxvf TB7.1.1-4.tgz
chmod +x TB7.1.1-4_install

Step 3: Place the groundwork-7.1.1-nagios-4.3.1-upgrade-files.tar.gz file in the /tmp directory so the install script knows how to find it.

Step 4: Stop Nagios.

service groundwork stop nagios

Step 5: Run the install script, and respond to the prompts.

./TB7.1.1-4_install

Step 6: Start Nagios.

service groundwork start nagios

Uninstallation

Step 1: Make the uninstall script executable.

chmod +x TB7.1.1-4_uninstall

Step 2: Stop Nagios.

service groundwork stop nagios

Step 3: Run the uninstall script, and respond to the prompts.

./TB7.1.1-4_uninstall

Step 4: Start Nagios.

service groundwork start nagios