Nagios Check Using IP Address Instead of localhost

Hello everyone -

I have Nagios checks set up on a MySQL Replication slave. These checks have been working just fine for two years.
Suddenly this morning, we are seeing errors indicating:
"Access denied for user nagios@10.##.##.##"

The nagios user exists in the MySQL server as nagios@locahost

So, the 'quick-fix' is to add the MySQL account nagios@10.##.##.##     - but -  I have been asked to find out what actually happened here.

I am unable to find any DNS errors in the MySQL error log (as I have seen on other occasions on other servers in the past).

The /etc/hosts file does NOT have an entry associating the IP address with localhost

/var/log/messages also contains no DNS messages.

Has anyone ever seen this before?
I performed some searches here and on Google, but I'm not finding much that exists out there about this -
Thanks in advance for any ideas you might be able to send my way.

/David C.
LVL 2
learningtechnologiesAsked:
Who is Participating?
 
arnoldCommented:
You have to make sure that nagios user has rights to login from 10.* or % as anywhere.

you either need to within mysql update mysql.user set host='%' where user=nagios;
flush privileges;

When the account was added it was limited to localhost login only.
0
 
learningtechnologiesAuthor Commented:
Thank you, Arnold -

You're correct. As I wrote above: "So, the 'quick-fix' is to add the MySQL account nagios@10.##.##.##    - but -  I have been asked to find out what actually happened here."

And I think I may have figured it out on my own.

This Slave was recently restored from a mysqlbackup from the master in order to re-establish replication.  The nagios@10.##.##.## account did not exist on the master.  It only existed on the slave.

When the master data was restored, nagios@localhost was the only nagios account that existed.

To solve the problem, I am going to add the nagios@10.##.##.## account to the Master - which will replicate to the Slave - and prevent this same situation from developing again at some point in the future.

Many thanks to Arnold and everyone else who took the time to have a look at this - I appreciate your help!

/David C.
0
 
learningtechnologiesAuthor Commented:
Figured this out on my own, but Arnold was on the right track.
0
 
arnoldCommented:
nagios@localhost will be seen as a different user than nagios@10.x.x.x.
If you want to have one nagios account accessible from multiple location with a single password, use % for host i.e nagios@% will work for nagios@localhost and nagios@anyhost.

Presumably the nagios account is limited to performing select on a specific test database versus being able to query any database on the server.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.