[Pkg-nagios-devel] Bug#848343: ITP: nrpe-ng -- The next generation Nagios Remote Plugin Executor

Sebastiaan Couwenberg sebastic at xs4all.nl
Fri Dec 16 15:54:22 UTC 2016


On 12/16/2016 04:24 PM, Chris Boot wrote:
> On 16/12/16 12:32, Sebastiaan Couwenberg wrote:
>> On 12/16/2016 01:02 PM, Chris Boot wrote:
>>> This is a rewrite from the ground up of NRPE. This set of programs
>>> allows you to run Nagios check scripts on a remote host.
>>>
>>> Its main selling points are:
>>> - nearly drop-in NRPE replacement
>>> - real, proper TLS/SSL with keys/certificates
>>> - safer command-line argument passing
>>> - support for named command-line arguments
>>>
>>> I plain to maintain both the Debian package and continue upstream
>>> development with a colleague for my employer, Tiger Computing, on
>>> company time.
>>
>> Will you maintain this package under the pkg-nagios umbrella?
> 
> It had not occurred to me to do so, but I don't see any reason not to
> particularly. I've added pkg-nagios-devel to the Cc list; does anyone on
> that list have any strong feelings either way? If not, I propose that we
> might as well do so.

Maintaining nrpe-ng outside of the pkg-nagios team doesn't make sense to
me, pretty much all the Nagios related packages are maintained under its
umbrella. I strongly encourage you to maintain nrpe-ng within the team,
please join via: https://alioth.debian.org/projects/pkg-nagios/

>> And how does the TLS/SSL support compare to the reworked TLS/SSL support
>> in NRPE 3.x?
> 
> I was unaware of NRPE 3.x until you mentioned it. I started work on
> nrpe-ng a couple of years ago for my own use before I filed this ITP. It
> appears as though the TLS/SSL support is similar: both the server and
> the client/plugin check each others' certificates and hostnames for
> validity, and only modern crypto is allowed.
> 
> I guess the main difference between the two programs now is that mine
> permits argument passing still, while this is disabled in nagios-nrpe.
> Mine is also written using Python rather than C, and the protocol is
> effectively just an HTTP request wrapped in SSL so it's potentially
> proxiable, for example.

Having more alternatives to the packages for which Nagios Enterprises is
upstream is probably a good thing, although the popularity of Icinga has
forced them to open up their development to the community, which
resulted in the recent new NRPE and NSCA releases.

Kind Regards,

Bas

-- 
 GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146  50D1 6750 F10A E88D 4AF1

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-nagios-devel/attachments/20161216/76463dcb/attachment.sig>


More information about the Pkg-nagios-devel mailing list