summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xnagios-check-apt-updates127
1 files changed, 80 insertions, 47 deletions
diff --git a/nagios-check-apt-updates b/nagios-check-apt-updates
index 2fbade1..a4e4cd6 100755
--- a/nagios-check-apt-updates
+++ b/nagios-check-apt-updates
@@ -29,10 +29,45 @@ use Getopt::Long;
$ENV{'PATH'} = '/bin:/sbin:/usr/bin:/usr/sbin';
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
+my $APT = '/usr/bin/apt-get';
+my $VERBOSE;
+
+sub do_check($$$$) {
+ my ($pre_command, $name, $updates_security, $updates_other) = @_;
+
+ print STDERR "Running $APT update in $name\n" if $VERBOSE;
+ open (UPDATE, "$pre_command$APT update|") or die ("Cannot run $APT update in $name: $!\n");
+ my @ignore=<UPDATE>;
+ close UPDATE;
+ if ($CHILD_ERROR) { # program failed
+ die("$APT update returned with non-zero exit code in $name: ".($CHILD_ERROR / 256)."\n");
+ };
+
+ print STDERR "Running $APT --simulate upgrade | sort -u in $name\n" if $VERBOSE;
+ open (TODO, "$pre_command$APT --simulate upgrade | sort -u |") or die ("Cannot run $APT --simulate upgrade | sort -u in $name: $!\n");
+ my @lines=<TODO>;
+ close TODO;
+ if ($CHILD_ERROR) { # program failed
+ die("$APT --simulate upgrade | sort -u returned with non-zero exit code in $name: ".($CHILD_ERROR / 256)."\n");
+ };
+
+ print STDERR "Processing information for $name\n" if $VERBOSE;
+ for my $line (@lines) {
+ if ($line =~ m/^Inst\s+(\S+)\s+/) {
+ my $package = $1;
+ if ($line =~ m/^Inst\s+\S+\s+.*security/i) {
+ push @$updates_security, $package.($name ne '/' ? "($name)" : '');
+ } else {
+ push @$updates_other, $package.($name ne '/' ? "($name)" : '');
+ };
+ }
+ }
+}
+
+
my $VERSION = '0.0.3 - $Rev$';
-my $APT = '/usr/bin/apt-get';
-my $USE_SUDO = 1;
+my $use_sudo = 1;
my $params;
# nagios exit codes
@@ -42,6 +77,7 @@ my $CRITICAL = 2;
my $UNKNOWN = 3;
$params->{'chroots'} = [];
+$params->{'vservers'} = [];
Getopt::Long::config('bundling');
if (!GetOptions (
'--help' => \$params->{'help'},
@@ -51,6 +87,7 @@ if (!GetOptions (
'--verbose' => \$params->{'verbose'},
'--warnifupdates' => \$params->{'warnifupdates'},
'--chroot=s' => $params->{'chroots'},
+ '--vserver=s' => $params->{'vservers'}
)) {
die ("Usage: $PROGRAM_NAME [--help|--version] [--sudo|--nosudo] [--verbose]\n");
};
@@ -59,19 +96,22 @@ if ($params->{'help'}) {
print "Usage: $PROGRAM_NAME [--help|--version] [--sudo|--nosudo] [--verbose]\n";
print "Reports packages to upgrade, updating the list if necessary.\n";
print "\n";
- print " --help Print this short help.\n";
- print " --version Report version number.\n";
- print " --sudo Use sudo to call apt-get (default).\n";
- print " --nosudo Do not use sudo to call apt-get.\n";
- print " --warnifupdates Exit with a WARNING status if any updates are available.\n";
- print " --verbose Be a little verbose.\n";
- print " --chroot=<path> Run check in path.\n";
+ print " --help Print this short help.\n";
+ print " --version Report version number.\n";
+ print " --sudo Use sudo to call apt-get (default).\n";
+ print " --nosudo Do not use sudo to call apt-get.\n";
+ print " --warnifupdates Exit with a WARNING status if any updates are available.\n";
+ print " --verbose Be a little verbose.\n";
+ print " --chroot=<path> Run check in path.\n";
+ print " --vserver=<vserver> Run check in vserver.\n";
print "\n";
print "Note that for --sudo (default) you will need entries in /etc/sudoers like these:\n";
- print "nagios ALL=(ALL) NOPASSWD: /usr/bin/apt-get update\n";
- print "nagios ALL=(ALL) NOPASSWD: /usr/bin/apt-get --simulate upgrade\n";
- print "nagios ALL=(ALL) NOPASSWD: /usr/sbin/chroot /chroot-ia32 /usr/bin/apt-get update\n";
- print "nagios ALL=(ALL) NOPASSWD: /usr/sbin/chroot /chroot-ia32 /usr/bin/apt-get --simulate upgrade\n";
+ print "nagios ALL=(ALL) NOPASSWD: /usr/bin/apt-get update\n";
+ print "nagios ALL=(ALL) NOPASSWD: /usr/bin/apt-get --simulate upgrade\n";
+ print "nagios ALL=(ALL) NOPASSWD: /usr/sbin/chroot /chroot-ia32 /usr/bin/apt-get update\n";
+ print "nagios ALL=(ALL) NOPASSWD: /usr/sbin/chroot /chroot-ia32 /usr/bin/apt-get --simulate upgrade\n";
+ print "nagios ALL=(ALL) NOPASSWD: /usr/sbin/vserver phpserver exec /usr/bin/apt-get update\n";
+ print "nagios ALL=(ALL) NOPASSWD: /usr/sbin/vserver phpserver exec /usr/bin/apt-get --simulate upgrade\n";
print "\n";
exit (0);
};
@@ -86,20 +126,27 @@ if ($params->{'sudo'} && $params->{'nosudo'}) {
die ("$PROGRAM_NAME: --sudo and --nosudo are mutually exclusive.\n");
};
if ($params->{'sudo'}) {
- $USE_SUDO = 1;
+ $use_sudo = 1;
};
if ($params->{'nosudo'}) {
- $USE_SUDO = 0;
+ $use_sudo = 0;
};
-if (scalar @{$params->{'chroots'}} == 0) {
+if (scalar @{$params->{'chroots'}} == 0 && scalar @{$params->{'vservers'}} == 0) {
$params->{'chroots'} = ['/'];
};
+$VERBOSE = $params->{'verbose'};
+
$SIG{'__DIE__'} = sub {
print STDERR @_;
exit $UNKNOWN;
};
+
+my @updates_security;
+my @updates_other;
+
+
# Make sure chroot paths are nice;
my @chroots = ();
for my $root (@{$params->{'chroots'}}) {
@@ -109,42 +156,28 @@ for my $root (@{$params->{'chroots'}}) {
die ("Chroot path $root is not nice.\n");
};
};
-
-my @updates_security;
-my @updates_other;
-
for my $root (@chroots) {
my $pre_command = ($root ne '/') ? "chroot $root " : '';
- $pre_command = ($USE_SUDO ? 'sudo ' : '').$pre_command;
-
- print STDERR "Running $APT update in $root\n" if $params->{'verbose'};
- open (UPDATE, "$pre_command$APT update|") or die ("Cannot run $APT update in $root: $!\n");
- my @ignore=<UPDATE>;
- close UPDATE;
- if ($CHILD_ERROR) { # program failed
- die("$APT update returned with non-zero exit code in $root: ".($CHILD_ERROR / 256)."\n");
+ $pre_command = ($use_sudo ? 'sudo ' : '').$pre_command;
+ do_check($pre_command, $root, \@updates_security, \@updates_other);
+}
+
+# Make sure vserver names are nice;
+my @vservers = ();
+for my $vserver (@{$params->{'vservers'}}) {
+ if ($vserver =~ m#^([a-zA-Z0-9.-]+)$#) {
+ push @vservers, $1;
+ } else {
+ die ("Vserver name $vserver is not nice.\n");
};
+};
+for my $vserver (@vservers) {
+ my $pre_command = "/usr/sbin/vserver $vserver exec ";
+ do_check($pre_command, $vserver, \@updates_security, \@updates_other);
+}
+
- print STDERR "Running $APT --simulate upgrade | sort -u in $root\n" if $params->{'verbose'};
- open (TODO, "$pre_command$APT --simulate upgrade | sort -u |") or die ("Cannot run $APT --simulate upgrade | sort -u in $root: $!\n");
- my @lines=<TODO>;
- close TODO;
- if ($CHILD_ERROR) { # program failed
- die("$APT --simulate upgrade | sort -u returned with non-zero exit code in $root: ".($CHILD_ERROR / 256)."\n");
- };
- print STDERR "Processing information for $root\n" if $params->{'verbose'};
- for my $line (@lines) {
- if ($line =~ m/^Inst\s+(\S+)\s+/) {
- my $package = $1;
- if ($line =~ m/^Inst\s+\S+\s+.*security/i) {
- push @updates_security, $package.($root ne '/' ? "($root)" : '');
- } else {
- push @updates_other, $package.($root ne '/' ? "($root)" : '');
- };
- }
- }
-};
my $exit = $OK;