Cannot execute binary file - Zabbix external scripts on CentOS

Question

Problem: We use Zabbix as monitoring system. In addition to using its built in items, we also use something called external scripts feature (this), where custom scripts can be written and called via Zabbix. The problem facing here is its getting timed out. Script is simple expect file which goes inside a device and pulls some data. This works when called via root. But when called via Zabbix user, its complaining

/usr/bin/expect: /usr/bin/expect: cannot execute binary file

Script looks like this,

#!/usr/bin/expect
set host "IP_ADDRESS"
set uname "username"
set pwd "password"
set prompt "#|>|:|\\\$";
set val ""
set domain [lindex $argv 0]
log_user 0
set timeout -1
spawn /usr/bin/ssh "$uname@$host"
expect "$uname@$host's password:"
send "$pwd\n"
sleep 1
#expect -re "$prompt"
expect ">"
sleep 1
send "show wireless rf-domain statistics detail on $domain | grep Signals\r"
sleep 1
expect  ">"
set val $expect_out(buffer)
send "exit\n"
puts $val

This is named as rf_signal.exp. Its called via a wrapper shell script named rf_signal.

#!/bin/bash
val=$(/usr/bin/expect '/usr/local/etc/scripts/rf_signal.exp' $1 | grep 'RF Signals' | cut -d':' -f2 | cut -d',' -f1 | cut -d' ' -f3 | sed -e 's/\s//g') 
echo "$val"

And if called as root, this works fine for example

[root@zbx-proxy2 externalscripts]# pwd
/usr/local/share/zabbix/externalscripts
[root@zbx-proxy2 externalscripts]# whoami
root
[root@zbx-proxy2 externalscripts]# /usr/local/share/zabbix/externalscripts/rf_signal DOMAIN_NAME
241
[root@zbx-proxy2 externalscripts]#

Where as if I call as zabbix user I am getting, cannot execute binary file error. With expect as a path

[root@zbx-proxy2 externalscripts]# runuser -l zabbix /usr/bin/expect /usr/local/share/zabbix/externalscripts/rf_signal 
/usr/bin/expect: /usr/bin/expect: cannot execute binary file
[root@zbx-proxy2 externalscripts]#

Without expect as a path, it waits -

[root@zbx-proxy2 externalscripts]# runuser -l zabbix  /usr/local/share/zabbix/externalscripts/rf_signal

PSTree command output shows it calls expect and contents inside the file

[root@zbx-proxy2 ~]# pstree -p 26295
runuser(26295)---bash(26296)---bash(26309)-+-cut(26312)
                                           |-cut(26313)
                                           |-cut(26314)
                                           |-expect(26310)---ssh(26316)
                                           |-grep(26311)
                                           `-sed(26315)

PS details.

[root@zbx-proxy2 ~]# ps aux | grep zabbix  | grep -v "proxy\|agent\|fping"
root     26295  0.0  0.0 130700  1388 pts/3    S+   15:46   0:00 runuser -l zabbix /usr/local/share/zabbix/externalscripts/rf_signal
zabbix   26296  0.0  0.0 108184  1628 pts/3    S+   15:46   0:00 -bash /usr/local/share/zabbix/externalscripts/rf_signal
zabbix   26309  0.0  0.0 108184   576 pts/3    S+   15:46   0:00 -bash /usr/local/share/zabbix/externalscripts/rf_signal
zabbix   26310  0.0  0.0 115336  2260 pts/3    S+   15:46   0:00 /usr/bin/expect /usr/local/etc/scripts/rf_signal.exp
zabbix   26311  0.0  0.0 103260   868 pts/3    S+   15:46   0:00 grep RF Signals
zabbix   26312  0.0  0.0 100972   676 pts/3    S+   15:46   0:00 cut -d: -f2
zabbix   26313  0.0  0.0 100972   672 pts/3    S+   15:46   0:00 cut -d, -f1
zabbix   26314  0.0  0.0 100972   676 pts/3    S+   15:46   0:00 cut -d  -f3
zabbix   26315  0.0  0.0 105268   872 pts/3    S+   15:46   0:00 sed -e s/\s//g
zabbix   26316  0.0  0.0  59856  3220 pts/14   Ss+  15:46   0:00 /usr/bin/ssh username@IP_ADDRESS
root     26688  0.0  0.0 105324   912 pts/7    S+   15:47   0:00 grep zabbix
[root@zbx-proxy2 ~]#

All the scripts have read and execute permissions to all the users. And expect/grep/cut - whatever used inside the scripts are having read/execute permissions. What could be the issue?

Why not use the built-in Zabbix SSH items - https://www.zabbix.com/documentation/3.4/manual/config/items/itemtypes/ssh_checks ? — Richlv, Feb 12 '18 at 14:55
I can't use ssh items as i need to parse and generate pretty output hence the shell script wrapper. — Shekar, Feb 12 '18 at 15:22
Really bad, despite requesting not to downvote, someone wants deliberately downvote and discourage posting in stackoverflow. — Shekar, Feb 12 '18 at 15:24

AnythingIsFine · Answer 1 · 2018-02-12T13:38:13.923

0

I would suggest you use:

su - zabbix -c "/usr/local/share/zabbix/externalscripts/rf_signal"

to run the script instead of runuser.

Usually, the zabbix user has /sbin/nologin set up as a login shell, which means you won't be able to login via ssh onto the respective server. You may check /etc/passwd on the remote server to verify this.

As an additional note, you may use expect -d to enable debug in your expect script and see where it fails. Set expect's timeout to a different value like 180 (3 minutes) as opposed to -1 otherwise it will never exit.

edited Feb 12 '18 at 13:38

answered Feb 12 '18 at 13:24

AnythingIsFine

1,777
13
11

I got the same result of can't run binary file to su -, hence used runuser. Inside the script its not using zabbix as a user to do ssh, but a different username which is hardcoded inside the script. Let me try with expect -d and setting 180s timeout. – Shekar Feb 12 '18 at 15:19

Cannot execute binary file - Zabbix external scripts on CentOS

1 Answers1