예제 #1
0
int xml_config_log(const xml_config_t *config)
{
	char *facility = NULL, *level = NULL;
	int ret = OBIX_ERR_INVALID_ARGUMENT;

	if (!(level = xml_config_get_str(config, XP_LOG_LEVEL))) {
		log_error("Failed to get %s settings", XP_LOG_LEVEL);
		goto failed;
	}

	if (!(facility = xml_config_get_str(config, XP_LOG_FACILITY))) {
		log_error("Failed to get %s settings", XP_LOG_FACILITY);
		goto failed;
	}

	log_useSyslog(get_log_facility(facility));
	log_setLevel(get_log_level(level));

	ret = OBIX_SUCCESS;

	/* Fall through */

failed:
	if (facility) {
		free(facility);
	}

	if (level) {
		free(level);
	}

	return ret;
}
예제 #2
0
int main(int argc, char **argv){
	int result=OK;
	int x;
	char buffer[MAX_INPUT_BUFFER];
	char *env_string=NULL;
#ifdef HAVE_SSL
	DH *dh;
	char seedfile[FILENAME_MAX];
	int i,c;
#endif

	/* set some environment variables */
	asprintf(&env_string,"NRPE_MULTILINESUPPORT=1");
	putenv(env_string);
	asprintf(&env_string,"NRPE_PROGRAMVERSION=%s",PROGRAM_VERSION);
	putenv(env_string);

	/* process command-line args */
	result=process_arguments(argc,argv);

        if(result!=OK || show_help==TRUE || show_license==TRUE || show_version==TRUE){

		printf("\n");
		printf("NRPE - Nagios Remote Plugin Executor\n");
		printf("Copyright (c) 1999-2008 Ethan Galstad ([email protected])\n");
		printf("Version: %s\n",PROGRAM_VERSION);
		printf("Last Modified: %s\n",MODIFICATION_DATE);
		printf("License: GPL v2 with exemptions (-l for more info)\n");
#ifdef HAVE_SSL
		printf("SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required\n");
#endif
#ifdef HAVE_LIBWRAP
		printf("TCP Wrappers Available\n");
#endif
		printf("\n");
#ifdef ENABLE_COMMAND_ARGUMENTS
		printf("***************************************************************\n");
		printf("** POSSIBLE SECURITY RISK - COMMAND ARGUMENTS ARE SUPPORTED! **\n");
		printf("**      Read the NRPE SECURITY file for more information     **\n");
		printf("***************************************************************\n");
		printf("\n");
#endif
#ifndef HAVE_LIBWRAP
		printf("***************************************************************\n");
		printf("** POSSIBLE SECURITY RISK - TCP WRAPPERS ARE NOT AVAILABLE!  **\n");
		printf("**      Read the NRPE SECURITY file for more information     **\n");
		printf("***************************************************************\n");
		printf("\n");
#endif
	        }

	if(show_license==TRUE)
		display_license();

	else if(result!=OK || show_help==TRUE){

		printf("Usage: nrpe [-n] -c <config_file> <mode>\n");
		printf("\n");
		printf("Options:\n");
		printf(" -n            = Do not use SSL\n");
		printf(" <config_file> = Name of config file to use\n");
		printf(" <mode>        = One of the following two operating modes:\n");  
		printf("   -i          =    Run as a service under inetd or xinetd\n");
		printf("   -d          =    Run as a standalone daemon\n");
		printf("\n");
		printf("Notes:\n");
		printf("This program is designed to process requests from the check_nrpe\n");
		printf("plugin on the host(s) running Nagios.  It can run as a service\n");
		printf("under inetd or xinetd (read the docs for info on this), or as a\n");
		printf("standalone daemon. Once a request is received from an authorized\n");
		printf("host, NRPE will execute the command/plugin (as defined in the\n");
		printf("config file) and return the plugin output and return code to the\n");
		printf("check_nrpe plugin.\n");
		printf("\n");
		}

        if(result!=OK || show_help==TRUE || show_license==TRUE || show_version==TRUE)
		exit(STATE_UNKNOWN);


	/* open a connection to the syslog facility */
	/* facility name may be overridden later */
	get_log_facility(NRPE_LOG_FACILITY);
        openlog("nrpe",LOG_PID,log_facility); 

	/* make sure the config file uses an absolute path */
	if(config_file[0]!='/'){

		/* save the name of the config file */
		strncpy(buffer,config_file,sizeof(buffer));
		buffer[sizeof(buffer)-1]='\x0';

		/* get absolute path of current working directory */
		strcpy(config_file,"");
		getcwd(config_file,sizeof(config_file));

		/* append a forward slash */
		strncat(config_file,"/",sizeof(config_file)-2);
		config_file[sizeof(config_file)-1]='\x0';

		/* append the config file to the path */
		strncat(config_file,buffer,sizeof(config_file)-strlen(config_file)-1);
		config_file[sizeof(config_file)-1]='\x0';
	        }

	/* read the config file */
	result=read_config_file(config_file);	

	/* exit if there are errors... */
	if(result==ERROR){
		syslog(LOG_ERR,"Config file '%s' contained errors, aborting...",config_file);
		return STATE_CRITICAL;
		}

        /* generate the CRC 32 table */
        generate_crc32_table();

	/* initialize macros */
	for(x=0;x<MAX_COMMAND_ARGUMENTS;x++)
		macro_argv[x]=NULL;

#ifdef HAVE_SSL
	/* initialize SSL */
	if(use_ssl==TRUE){
		SSL_library_init();
		SSLeay_add_ssl_algorithms();
		meth=SSLv23_server_method();
		SSL_load_error_strings();

		/* use week random seed if necessary */
		if(allow_weak_random_seed && (RAND_status()==0)){

			if(RAND_file_name(seedfile,sizeof(seedfile)-1))
				if(RAND_load_file(seedfile,-1))
					RAND_write_file(seedfile);

			if(RAND_status()==0){
				syslog(LOG_ERR,"Warning: SSL/TLS uses a weak random seed which is highly discouraged");
				srand(time(NULL));
				for(i=0;i<500 && RAND_status()==0;i++){
					for(c=0;c<sizeof(seedfile);c+=sizeof(int)){
						*((int *)(seedfile+c))=rand();
					        }
					RAND_seed(seedfile,sizeof(seedfile));
					}
				}
			}

		if((ctx=SSL_CTX_new(meth))==NULL){
			syslog(LOG_ERR,"Error: could not create SSL context.\n");
			exit(STATE_CRITICAL);
		        }

		/* ADDED 01/19/2004 */
		/* use only TLSv1 protocol */
		SSL_CTX_set_options(ctx,SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);

		/* use anonymous DH ciphers */
		SSL_CTX_set_cipher_list(ctx,"ADH");
		dh=get_dh512();
		SSL_CTX_set_tmp_dh(ctx,dh);
		DH_free(dh);
		if(debug==TRUE)
			syslog(LOG_INFO,"INFO: SSL/TLS initialized. All network traffic will be encrypted.");
	        }
	else{
		if(debug==TRUE)
			syslog(LOG_INFO,"INFO: SSL/TLS NOT initialized. Network encryption DISABLED.");
	        }
#endif

	/* if we're running under inetd... */
	if(use_inetd==TRUE){

		/* make sure we're not root */
		check_privileges();

		/* redirect STDERR to /dev/null */
		close(2);
		open("/dev/null",O_WRONLY);

		/* handle the connection */
		handle_connection(0);
	        }

	/* else daemonize and start listening for requests... */
	else if(fork()==0){
		
		/* we're a daemon - set up a new process group */
		setsid();

		/* close standard file descriptors */
		close(0);
		close(1);
		close(2);

		/* redirect standard descriptors to /dev/null */
		open("/dev/null",O_RDONLY);
		open("/dev/null",O_WRONLY);
		open("/dev/null",O_WRONLY);

		chdir("/");
		/*umask(0);*/

		/* handle signals */
		signal(SIGQUIT,sighandler);
		signal(SIGTERM,sighandler);
		signal(SIGHUP,sighandler);

		/* log info to syslog facility */
		syslog(LOG_NOTICE,"Starting up daemon");

		/* write pid file */
		if(write_pid_file()==ERROR)
			return STATE_CRITICAL;
		
		/* drop privileges */
		drop_privileges(nrpe_user,nrpe_group);

		/* make sure we're not root */
		check_privileges();

		do{

			/* reset flags */
			sigrestart=FALSE;
			sigshutdown=FALSE;

			/* wait for connections */
			wait_for_connections();

			/* free all memory we allocated */
			free_memory();

			if(sigrestart==TRUE){

				/* read the config file */
				result=read_config_file(config_file);	

				/* exit if there are errors... */
				if(result==ERROR){
					syslog(LOG_ERR,"Config file '%s' contained errors, bailing out...",config_file);
					return STATE_CRITICAL;
				        }
			        }
	
		        }while(sigrestart==TRUE && sigshutdown==FALSE);

		/* remove pid file */
		remove_pid_file();

		syslog(LOG_NOTICE,"Daemon shutdown\n");
	        }

#ifdef HAVE_SSL
	if(use_ssl==TRUE)
		SSL_CTX_free(ctx);
#endif

	/* We are now running in daemon mode, or the connection handed over by inetd has
	   been completed, so the parent process exits */
        return STATE_OK;
	}
예제 #3
0
/* read in the configuration file */
int read_config_file(char *filename){
	FILE *fp;
	char config_file[MAX_FILENAME_LENGTH];
	char input_buffer[MAX_INPUT_BUFFER];
	char *input_line;
	char *temp_buffer;
	char *varname;
	char *varvalue;
	int line=0;
	int len=0;
	int x=0;


	/* open the config file for reading */
	fp=fopen(filename,"r");

	/* exit if we couldn't open the config file */
	if(fp==NULL){
		syslog(LOG_ERR,"Unable to open config file '%s' for reading\n",filename);
		return ERROR;
	        }

	while(fgets(input_buffer,MAX_INPUT_BUFFER-1,fp)){

		line++;
		input_line=input_buffer;

		/* skip leading whitespace */
		while(isspace(*input_line))
			++input_line;

		/* trim trailing whitespace */
		len=strlen(input_line);
		for(x=len-1;x>=0;x--){
			if(isspace(input_line[x]))
				input_line[x]='\x0';
			else
				break;
		        }

		/* skip comments and blank lines */
		if(input_line[0]=='#')
			continue;
		if(input_line[0]=='\x0')
			continue;
		if(input_line[0]=='\n')
			continue;

		/* get the variable name */
		varname=strtok(input_line,"=");
		if(varname==NULL){
			syslog(LOG_ERR,"No variable name specified in config file '%s' - Line %d\n",filename,line);
			return ERROR;
		        }

		/* get the variable value */
		varvalue=strtok(NULL,"\n");
		if(varvalue==NULL){
			syslog(LOG_ERR,"No variable value specified in config file '%s' - Line %d\n",filename,line);
			return ERROR;
		        }

		/* allow users to specify directories to recurse into for config files */
		else if(!strcmp(varname,"include_dir")){

			strncpy(config_file,varvalue,sizeof(config_file)-1);
			config_file[sizeof(config_file)-1]='\x0';

			/* strip trailing / if necessary */
			if(config_file[strlen(config_file)-1]=='/')
				config_file[strlen(config_file)-1]='\x0';

			/* process the config directory... */
			if(read_config_dir(config_file)==ERROR)
				syslog(LOG_ERR,"Continuing with errors...");
			}

		/* allow users to specify individual config files to include */
		else if(!strcmp(varname,"include") || !strcmp(varname,"include_file")){

			/* process the config file... */
			if(read_config_file(varvalue)==ERROR)
				syslog(LOG_ERR,"Continuing with errors...");
		        }

		else if(!strcmp(varname,"server_port"))
			server_port=strdup(varvalue);

		else if(!strcmp(varname,"command_prefix"))
			command_prefix=strdup(varvalue);

		else if(!strcmp(varname,"server_address")){
			server_address=strdup(varvalue);
                        }

                else if(!strcmp(varname,"allowed_hosts"))
			allowed_hosts=strdup(varvalue);

		else if(strstr(input_line,"command[")){
			temp_buffer=strtok(varname,"[");
			temp_buffer=strtok(NULL,"]");
			if(temp_buffer==NULL){
				syslog(LOG_ERR,"Invalid command specified in config file '%s' - Line %d\n",filename,line);
				return ERROR;
			        }
			add_command(temp_buffer,varvalue);
		        }

		else if(strstr(input_buffer,"debug")){
			debug=atoi(varvalue);
			if(debug>0)
				debug=TRUE;
			else 
				debug=FALSE;
		        }

                else if(!strcmp(varname,"nrpe_user"))
			nrpe_user=strdup(varvalue);

                else if(!strcmp(varname,"nrpe_group"))
			nrpe_group=strdup(varvalue);
		
		else if(!strcmp(varname,"dont_blame_nrpe"))
			allow_arguments=(atoi(varvalue)==1)?TRUE:FALSE;

 		else if(!strcmp(varname,"command_timeout")){
			command_timeout=atoi(varvalue);
			if(command_timeout<1){
				syslog(LOG_ERR,"Invalid command_timeout specified in config file '%s' - Line %d\n",filename,line);
				return ERROR;
			        }
		        }

 		else if(!strcmp(varname,"connection_timeout")){
			connection_timeout=atoi(varvalue);
			if(connection_timeout<1){
				syslog(LOG_ERR,"Invalid connection_timeout specified in config file '%s' - Line %d\n",filename,line);
				return ERROR;
			        }
		        }

		else if(!strcmp(varname,"allow_weak_random_seed"))
			allow_weak_random_seed=(atoi(varvalue)==1)?TRUE:FALSE;

		else if(!strcmp(varname,"pid_file"))
			pid_file=strdup(varvalue);

		else if(!strcmp(varname,"log_facility")){
			if((get_log_facility(varvalue))==OK){
				/* re-open log using new facility */
				closelog();
				openlog("nrpe",LOG_PID,log_facility); 
				}
			else
				syslog(LOG_WARNING,"Invalid log_facility specified in config file '%s' - Line %d\n",filename,line);
			}

		else{
			syslog(LOG_WARNING,"Unknown option specified in config file '%s' - Line %d\n",filename,line);
			continue;
		        }

	        }


	/* close the config file */
	fclose(fp);

	return OK;
	}
예제 #4
0
파일: nsca.c 프로젝트: aia/icinga-nsca
int main(int argc, char **argv) {
	char buffer[MAX_INPUT_BUFFER];
	int result;
	uid_t uid = -1;
	gid_t gid = -1;


	/* process command-line arguments */
	result = process_arguments(argc, argv);

	if (result != OK || show_help == TRUE || show_license == TRUE || show_version == TRUE) {

		if (result != OK)
			printf("Incorrect command line arguments supplied\n");
		printf("\n");
		printf("NSCA - Nagios Service Check Acceptor for Icinga\n");
		printf("Copyright (c) 2010-2012 Icinga Development Team and Community Contributors (http://www.icinga.org)\n");
		printf("Copyright (c) 2009-2012 Nagios Core Development Team and Community Contributors\n");
		printf("Copyright (c) 2000-2009 Ethan Galstad\n");
		printf("Version: %s\n", PROGRAM_VERSION);
		printf("Last Modified: %s\n", MODIFICATION_DATE);
		printf("License: GPL v2\n");
		printf("Encryption Routines: ");
#ifdef HAVE_LIBMCRYPT
		printf("AVAILABLE");
#else
		printf("NOT AVAILABLE");
#endif
		printf("\n");
#ifdef HAVE_LIBWRAP
		printf("TCP Wrappers Available\n");
#endif
		printf("\n");
	}

	if (result != OK || show_help == TRUE) {
		printf("Usage: %s -c <config_file> [mode]\n", argv[0]);
		printf("\n");
		printf("Options:\n");
		printf(" <config_file> = Name of config file to use\n");
		printf(" [mode]        = Determines how NSCA should run. Valid modes:\n");
		printf("   --inetd     = Run as a service under inetd or xinetd\n");
		printf("   --daemon    = Run as a standalone multi-process daemon\n");
		printf("   --single    = Run as a standalone single-process daemon (default)\n");
		printf("\n");
		printf("Notes:\n");
		printf("This program is designed to accept passive check results from\n");
		printf("remote hosts that use the send_nsca utility.  Can run as a service\n");
		printf("under inetd or xinetd (read the docs for info on this), or as a\n");
		printf("standalone daemon.\n");
		printf("\n");
	}

	if (show_license == TRUE)
		display_license();

	if (result != OK || show_help == TRUE || show_license == TRUE || show_version == TRUE)
		do_exit(STATE_UNKNOWN);


	/* open a connection to the syslog facility */
	/* facility may be overridden later */
	get_log_facility(NSCA_LOG_FACILITY);
	openlog("nsca", LOG_PID | LOG_NDELAY, log_facility);

	/* make sure the config file uses an absolute path */
	if (config_file[0] != '/') {

		/* save the name of the config file */
		strncpy(buffer, config_file, sizeof(buffer));
		buffer[sizeof(buffer) - 1] = '\0';

		/* get absolute path of current working directory */
		strcpy(config_file, "");
		getcwd(config_file, sizeof(config_file));

		/* append a forward slash */
		strncat(config_file, "/", sizeof(config_file) - 2);
		config_file[sizeof(config_file) - 1] = '\0';

		/* append the config file to the path */
		strncat(config_file, buffer, sizeof(config_file) - strlen(config_file) - 1);
		config_file[sizeof(config_file) - 1] = '\0';
	}

	/* read the config file */
	result = read_config_file(config_file);

	/* exit if there are errors... */
	if (result == ERROR)
		do_exit(STATE_CRITICAL);

	/* generate the CRC 32 table */
	generate_crc32_table();


	/* how should we handle client connections? */
	switch (mode) {

	case INETD:
		/* chroot if configured */
		do_chroot();

		/* if we're running under inetd, handle one connection and get out */
		handle_connection(0, NULL);
		break;

	case MULTI_PROCESS_DAEMON:

		/* older style, mult-process daemon */
		/* execution cascades below... */
		install_child_handler();

		/*     |
		       |
		       |     */
	case SINGLE_PROCESS_DAEMON:
		/*     |
		       |
		       V     */

		/* daemonize and start listening for requests... */
		if (fork() == 0) {

			/* we're a daemon - set up a new process group */
			setsid();

			/* handle signals */
			signal(SIGQUIT, sighandler);
			signal(SIGTERM, sighandler);
			signal(SIGHUP, sighandler);
			
			signal(SIGPIPE, SIG_IGN);

			/* close standard file descriptors */
			close(0);
			close(1);
			close(2);

			/* redirect standard descriptors to /dev/null */
			open("/dev/null", O_RDONLY);
			open("/dev/null", O_WRONLY);
			open("/dev/null", O_WRONLY);

			/* get group information before chrooting */
			get_user_info(nsca_user, &uid);
			get_group_info(nsca_group, &gid);

			/* write pid file */
			if (write_pid_file(uid, gid) == ERROR)
				return STATE_CRITICAL;

			/* chroot if configured */
			do_chroot();

			/* drop privileges */
			if (drop_privileges(nsca_user, uid, gid) == ERROR)
				do_exit(STATE_CRITICAL);

			do {

				/* reset flags */
				sigrestart = FALSE;
				sigshutdown = FALSE;

				/* wait for connections */
				wait_for_connections();

				if (sigrestart == TRUE) {

					/* free memory */
					free_memory();

					/* re-read the config file */
					result = read_config_file(config_file);

					/* exit if there are errors... */
					if (result == ERROR) {
						syslog(LOG_ERR, "Config file '%s' contained errors, bailing out...", config_file);
						break;
					}
				}

			} while (sigrestart == TRUE && sigshutdown == FALSE);

			/* remove pid file */
			remove_pid_file();

			syslog(LOG_NOTICE, "Daemon shutdown\n");
		}
		break;

	default:
		break;
	}

	/* we are now running in daemon mode, or the connection handed over by inetd has been completed, so the parent process exits */
	do_exit(STATE_OK);

	/* keep the compilers happy... */
	return STATE_OK;
}
예제 #5
0
파일: nsca.c 프로젝트: aia/icinga-nsca
/* read in the configuration file */
static int read_config_file(char *filename) {
	FILE *fp;
	char input_buffer[MAX_INPUT_BUFFER];
	char *varname;
	char *varvalue;
	int line;
	int checkresult_test_fd = -1;
	char *checkresult_test = NULL;

	/* open the config file for reading */
	fp = fopen(filename, "r");

	/* exit if we couldn't open the config file */
	if (fp == NULL) {
		syslog(LOG_ERR, "Could not open config file '%s' for reading\n", filename);
		return ERROR;
	}

	line = 0;
	while (fgets(input_buffer, MAX_INPUT_BUFFER - 1, fp)) {

		line++;

		/* skip comments and blank lines */
		if (input_buffer[0] == '#')
			continue;
		if (input_buffer[0] == '\0')
			continue;
		if (input_buffer[0] == '\n')
			continue;

		/* get the variable name */
		varname = strtok(input_buffer, "=");
		if (varname == NULL) {
			syslog(LOG_ERR, "No variable name specified in config file '%s' - Line %d\n", filename, line);
			return ERROR;
		}

		/* get the variable value */
		varvalue = strtok(NULL, "\n");
		if (varvalue == NULL) {
			syslog(LOG_ERR, "No variable value specified in config file '%s' - Line %d\n", filename, line);
			return ERROR;
		}

		if (!strcmp(varname, "server_port"))
			server_port = strdup(varvalue);

		else if (!strcmp(varname, "server_address")) {
			server_address = strdup(varvalue);
		} else if (strstr(input_buffer, "command_file")) {
			if (strlen(varvalue) > sizeof(command_file) - 1) {
				syslog(LOG_ERR, "Command file name is too long in config file '%s' - Line %d\n", filename, line);
				return ERROR;
			}
			strncpy(command_file, varvalue, sizeof(command_file) - 1);
			command_file[sizeof(command_file) - 1] = '\0';
		} else if (strstr(input_buffer, "alternate_dump_file")) {
			if (strlen(varvalue) > sizeof(alternate_dump_file) - 1) {
				syslog(LOG_ERR, "Alternate dump file name is too long in config file '%s' - Line %d\n", filename, line);
				return ERROR;
			}
			strncpy(alternate_dump_file, varvalue, sizeof(alternate_dump_file) - 1);
			alternate_dump_file[sizeof(alternate_dump_file) - 1] = '\0';
		} else if (strstr(input_buffer, "password")) {
			if (strlen(varvalue) > sizeof(password) - 1) {
				syslog(LOG_ERR, "Password is too long in config file '%s' - Line %d\n", filename, line);
				return ERROR;
			}
			strncpy(password, varvalue, sizeof(password) - 1);
			password[sizeof(password) - 1] = '\0';
		} else if (strstr(input_buffer, "decryption_method")) {

			decryption_method = atoi(varvalue);

			switch (decryption_method) {
			case ENCRYPT_NONE:
			case ENCRYPT_XOR:
				break;
#ifdef HAVE_LIBMCRYPT
			case ENCRYPT_DES:
			case ENCRYPT_3DES:
			case ENCRYPT_CAST128:
			case ENCRYPT_CAST256:
			case ENCRYPT_XTEA:
			case ENCRYPT_3WAY:
			case ENCRYPT_BLOWFISH:
			case ENCRYPT_TWOFISH:
			case ENCRYPT_LOKI97:
			case ENCRYPT_RC2:
			case ENCRYPT_ARCFOUR:
			case ENCRYPT_RIJNDAEL128:
			case ENCRYPT_RIJNDAEL192:
			case ENCRYPT_RIJNDAEL256:
			case ENCRYPT_WAKE:
			case ENCRYPT_SERPENT:
			case ENCRYPT_ENIGMA:
			case ENCRYPT_GOST:
			case ENCRYPT_SAFER64:
			case ENCRYPT_SAFER128:
			case ENCRYPT_SAFERPLUS:
				break;
#endif
			default:
				syslog(LOG_ERR, "Invalid decryption method (%d) in config file '%s' - Line %d\n", decryption_method, filename, line);
#ifndef HAVE_LIBMCRYPT
				if (decryption_method >= 2)
					syslog(LOG_ERR, "Daemon was not compiled with mcrypt library, so decryption is unavailable.\n");
#endif
				return ERROR;
			}
		} else if (strstr(input_buffer, "debug")) {
			if (atoi(varvalue) > 0)
				debug = TRUE;
			else
				debug = FALSE;
		} else if (strstr(input_buffer, "aggregate_writes")) {
			if (atoi(varvalue) > 0)
				aggregate_writes = TRUE;
			else
				aggregate_writes = FALSE;
		} else if (strstr(input_buffer, "check_result_path")) {
			if (strlen(varvalue) > MAX_INPUT_BUFFER - 1) {
				syslog(LOG_ERR, "Check result path is too long in config file '%s' - Line %d\n", filename, line);
				return ERROR;
			}
			check_result_path = strdup(varvalue);
			asprintf(&checkresult_test, "%s/nsca.test.%i", check_result_path, getpid());
			checkresult_test_fd = open(checkresult_test, O_WRONLY | O_CREAT, 0644);

			if (checkresult_test_fd > 0) {
				unlink(checkresult_test);
				free(checkresult_test);
			} else {
				syslog(LOG_ERR, "check_result_path config variable found, but directory not writeable.\n");
				free(checkresult_test);
				return ERROR;
			}
		} else if (strstr(input_buffer, "append_to_file")) {
			if (atoi(varvalue) > 0)
				append_to_file = TRUE;
			else
				append_to_file = FALSE;
		} else if (!strcmp(varname, "max_packet_age")) {
			max_packet_age = strtoul(varvalue, NULL, 10);
			if (max_packet_age > 900) {
				syslog(LOG_ERR, "Max packet age cannot be greater than 15 minutes (900 seconds).\n");
				return ERROR;
			}
		}

		else if (!strcmp(varname, "nsca_user"))
			nsca_user = strdup(varvalue);

		else if (!strcmp(varname, "nsca_group"))
			nsca_group = strdup(varvalue);

		else if (!strcmp(varname, "nsca_chroot"))
			nsca_chroot = strdup(varvalue);

		else if (!strcmp(varname, "pid_file"))
			pid_file = strdup(varvalue);

		else if (!strcmp(varname, "log_facility")) {
			if ((get_log_facility(varvalue)) == OK) {
				/* re-open log using new facility */
				closelog();
				openlog("nsca", LOG_PID | LOG_NDELAY, log_facility);
			} else
				syslog(LOG_WARNING, "Invalid log_facility specified in config file '%s' - Line %d\n", filename, line);
		}

		else {
			syslog(LOG_ERR, "Unknown option specified in config file '%s' - Line %d\n", filename, line);

			return ERROR;
		}
	}

	/* close the config file */
	fclose(fp);

	return OK;
}