Nagios Check Using IP Address Instead of localhost
Hello everyone -
I have Nagios checks set up on a MySQL Replication slave. These checks have been working just fine for two years.
Suddenly this morning, we are seeing errors indicating:
"Access denied for user nagios@10.##.##.##"
The nagios user exists in the MySQL server as nagios@locahost
So, the 'quick-fix' is to add the MySQL account nagios@10.##.##.## - but - I have been asked to find out what actually happened here.
I am unable to find any DNS errors in the MySQL error log (as I have seen on other occasions on other servers in the past).
The /etc/hosts file does NOT have an entry associating the IP address with localhost
/var/log/messages also contains no DNS messages.
Has anyone ever seen this before?
I performed some searches here and on Google, but I'm not finding much that exists out there about this -
Thanks in advance for any ideas you might be able to send my way.
/David C.
I have Nagios checks set up on a MySQL Replication slave. These checks have been working just fine for two years.
Suddenly this morning, we are seeing errors indicating:
"Access denied for user nagios@10.##.##.##"
The nagios user exists in the MySQL server as nagios@locahost
So, the 'quick-fix' is to add the MySQL account nagios@10.##.##.## - but - I have been asked to find out what actually happened here.
I am unable to find any DNS errors in the MySQL error log (as I have seen on other occasions on other servers in the past).
The /etc/hosts file does NOT have an entry associating the IP address with localhost
/var/log/messages also contains no DNS messages.
Has anyone ever seen this before?
I performed some searches here and on Google, but I'm not finding much that exists out there about this -
Thanks in advance for any ideas you might be able to send my way.
/David C.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Figured this out on my own, but Arnold was on the right track.
nagios@localhost will be seen as a different user than nagios@10.x.x.x.
If you want to have one nagios account accessible from multiple location with a single password, use % for host i.e nagios@% will work for nagios@localhost and nagios@anyhost.
Presumably the nagios account is limited to performing select on a specific test database versus being able to query any database on the server.
If you want to have one nagios account accessible from multiple location with a single password, use % for host i.e nagios@% will work for nagios@localhost and nagios@anyhost.
Presumably the nagios account is limited to performing select on a specific test database versus being able to query any database on the server.
ASKER
You're correct. As I wrote above: "So, the 'quick-fix' is to add the MySQL account nagios@10.##.##.## - but - I have been asked to find out what actually happened here."
And I think I may have figured it out on my own.
This Slave was recently restored from a mysqlbackup from the master in order to re-establish replication. The nagios@10.##.##.## account did not exist on the master. It only existed on the slave.
When the master data was restored, nagios@localhost was the only nagios account that existed.
To solve the problem, I am going to add the nagios@10.##.##.## account to the Master - which will replicate to the Slave - and prevent this same situation from developing again at some point in the future.
Many thanks to Arnold and everyone else who took the time to have a look at this - I appreciate your help!
/David C.