[mrtg] Permission denied at /usr/bin/../lib64/mrtg2/MRTG_lib.pm line 1580
Courtney, Wrolf
Wrolf.Courtney at nyct.com
Sun Sep 28 22:47:37 CEST 2014
Thanks, but it seems that it was a SELinux issue. I posted the resolution earlier.
The .ok.ok message is due to a bug in the error message at line 1580, it appends an erroneous extra .ok to the name of the cache file in the error message. The code around there is kind of grungy, looks like the cfg fle and cache file variable names are swapped, but it runs just fine.
The cron job is just fine, it was already working for all the other .cfg files, it works unchanged now that I resolved the SELinux issue. Not a DAC issue, since I run the cron job as root.
Thanks again for your help.
Wrolf
________________________________________
From: Steve Shipway [s.shipway at auckland.ac.nz]
Sent: Wednesday, September 24, 2014 5:48 PM
To: Courtney, Wrolf; mrtg at lists.oetiker.ch
Subject: RE: [mrtg] Permission denied at /usr/bin/../lib64/mrtg2/MRTG_lib.pm line 1580
Well, for a start, your cron job appears to have a bug, as it is calling MRTG passing the .ok file as a parameter instead of just using the .cfg files. The .ok file is a cache generated by a successful MRTG pass in the same directory as the cfg file.
Secondly, you need to grant your MRTG process write permission to the /etc/mrtg directory so that it can create these .ok files for the real .cfg files. When you run from the command line, you’re likely running as your own user or as root, and so have permission; but the user you run the MRTG cron job as does not have permission (possibly you wrap it in a su wrapper or something). It is also possible that, though the directory is writeable, the file /etc/mrtg/00255520WLC1.ok.ok already exists in there but is not writeable, resulting in the error. Check that this file doesn’t exist and view its permissions if it does; however, I think its very existence is due to the first error I mentioned above.
Steve
Steve Shipway
s.shipway at auckland.ac.nz
From: mrtg [mailto:mrtg-bounces+s.shipway=auckland.ac.nz at lists.oetiker.ch] On Behalf Of Courtney, Wrolf
Sent: Thursday, 25 September 2014 1:34 a.m.
To: mrtg at lists.oetiker.ch
Subject: [mrtg] Permission denied at /usr/bin/../lib64/mrtg2/MRTG_lib.pm line 1580
I get the following error on one of my MRTG config files when I run it from a cron job. I do not get the error when I run it from the command line. I have plenty of other config files run from the same cron job that run just fine.
ERROR: writing /etc/mrtg/00255520WLC1.ok.ok: Permission denied at /usr/bin/../lib64/mrtg2/MRTG_lib.pm line 1580.
Anyone seen this before?
Wrolf Courtney
Contents of /etc/cron.d/mrtg
LANG=C
0-59/5 * * * * root bash -c "ls /etc/mrtg/*.cfg | xargs -l /usr/bin/mrtg"
Contents of /etc/mrtg/00255520WLC1.cfg (showing first interface only)
# Created by
# /usr/bin/cfgmaker --ifref=name --ifdesc=descr --output=/etc/mrtg/00255520WLC1.
cfg --global "WorkDir: /var/www/mrtg/00255520WLC1" --global "Options[_]: growrig
ht,bits" --snmp-options=:::::2 public at 10.3.3.1<mailto:public at 10.3.3.1>
### Global Config Options
# for UNIX
# WorkDir: /home/http/mrtg
# or for NT
# WorkDir: c:\mrtgdata
### Global Defaults
# to get bits instead of bytes and graphs growing to the right
# Options[_]: growright, bits
EnableIPv6: no
WorkDir: /var/www/mrtg/00255520WLC1
Options[_]: growright,bits
######################################################################
# System: 00255520WLC1-1
# Description: Ethernet Routing Switch 5520-48T-PWR HW:35 FW:6.0.0.6 SW
:v6.0.3.008 BN:08 (c) Nortel Networks
# Contact: NCSO - 646 252-5700
# Location: 331 Bay Street SIRR
######################################################################
### Interface 1 >> Descr: 'Nortel-Ethernet-Routing-Switch-5520-48T-PWR-Module---
Port-1' | Name: 'ifc1 (Slot: 1 Port: 1)' | Ip: '' | Eth: '' ###
Target[10.3.3.1_ifc1_(Slot_1_Port_1)]: #ifc1\ (Slot\:\ 1\ Port\:\ 1):public@
10.3.3.1:::::2
SetEnv[10.3.3.1_ifc1_(Slot_1_Port_1)]: MRTG_INT_IP="" MRTG_INT_DESCR="Nortel-
Ethernet-Routing-Switch-5520-48T-PWR-Module---Port-1"
MaxBytes[10.3.3.1_ifc1_(Slot_1_Port_1)]: 1250000
Title[10.3.3.1_ifc1_(Slot_1_Port_1)]: Nortel Ethernet Routing Switch 5520-48T
-PWR Module - Port 1 -- 00255520WLC1-1
PageTop[10.3.3.1_ifc1_(Slot_1_Port_1)]: <h1>Nortel Ethernet Routing Switch 55
20-48T-PWR Module - Port 1 -- 00255520WLC1-1</h1>
<div id="sysdetails">
<table>
<tr>
<td>System:</td>
<td>00255520WLC1-1 in 331 Bay Street SIR
R</td>
</tr>
<tr>
<td>Maintainer:</td>
<td>NCSO - 646 252-5700</td>
</tr>
<tr>
<td>Description:</td>
<td>Nortel-Ethernet-Routing-Switch-5520-
48T-PWR-Module---Port-1 </td>
</tr>
<tr>
<td>ifType:</td>
<td>ethernetCsmacd (6)</td>
</tr>
<tr>
<td>ifName:</td>
<td>ifc1 (Slot: 1 Port: 1)</td>
</tr>
<tr>
<td>Max Speed:</td>
<td>10.0 Mbits/s</td>
</tr>
</table>
</div>
More information about the mrtg
mailing list