|
1 #!/usr/bin/perl -w |
|
2 |
|
3 # Copyright (C) 2011 Christian Arnold |
|
4 # |
|
5 # This program is free software: you can redistribute it and/or modify |
|
6 # it under the terms of the GNU General Public License as published by |
|
7 # the Free Software Foundation, either version 3 of the License, or |
|
8 # (at your option) any later version. |
|
9 # |
|
10 # This program is distributed in the hope that it will be useful, |
|
11 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
13 # GNU General Public License for more details. |
|
14 # |
|
15 # You should have received a copy of the GNU General Public License |
|
16 # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
17 # |
|
18 # Christian Arnold <arnold@schlittermann.de> |
|
19 |
|
20 use strict; |
|
21 use warnings; |
|
22 use File::Basename; |
|
23 use Getopt::Long; |
|
24 use Date::Manip; |
|
25 use Pod::Usage; |
|
26 use if $ENV{DEBUG} => "Smart::Comments"; |
|
27 |
|
28 my %ERRORS = ( |
|
29 OK => 0, |
|
30 WARNING => 1, |
|
31 CRITICAL => 2, |
|
32 UNKNOWN => 3, |
|
33 DEPENDENT => 4 |
|
34 ); |
|
35 |
|
36 sub get_status(); |
|
37 sub report($$); |
|
38 sub version($$); |
|
39 |
|
40 my $ME = basename $0; |
|
41 my $VERSION = "2.0"; |
|
42 |
|
43 my %opt = ( |
|
44 binary => "/usr/bin/apt-key", |
|
45 warning => "1month", |
|
46 critical => "1week", |
|
47 ); |
|
48 |
|
49 MAIN: { |
|
50 Getopt::Long::Configure('bundling'); |
|
51 GetOptions( |
|
52 "b|binary=s" => \$opt{binary}, |
|
53 "w|warning=s" => \$opt{warning}, |
|
54 "c|critical=s" => \$opt{critical}, |
|
55 "h|help" => sub { pod2usage( -verbose => 1, -exitval => $ERRORS{OK} ) }, |
|
56 "m|man" => sub { pod2usage( -verbose => 2, -exitval => $ERRORS{OK} ) }, |
|
57 "V|version" => sub { version( $ME, $VERSION ); exit $ERRORS{OK}; } |
|
58 ) or pod2usage( -verbose => 1, -exitval => $ERRORS{CRITICAL} ); |
|
59 |
|
60 unless ( -x $opt{binary} ) { |
|
61 print "APTKEYS CRITICAL: $opt{binary} - not found or not executable\n"; |
|
62 exit $ERRORS{CRITICAL}; |
|
63 } |
|
64 |
|
65 my ( $warning, $critical ) = get_status(); |
|
66 report( $warning, $critical ); |
|
67 } |
|
68 |
|
69 sub get_status() { |
|
70 my $w_time = DateCalc( "today", "+ $opt{warning}" ); |
|
71 my $c_time = DateCalc( "today", "+ $opt{critical}" ); |
|
72 |
|
73 my @command = ( "$opt{binary}", "list" ); |
|
74 open( OUTPUT, "-|" ) or do { |
|
75 open( STDERR, ">&STDOUT" ); |
|
76 exec(@command); |
|
77 }; |
|
78 |
|
79 my %keys = (); |
|
80 while (<OUTPUT>) { |
|
81 $/ = ""; |
|
82 my ( $keyid, $date ) = |
|
83 (m#^pub[^/]+/([^\s]+)\s+[^\s]+[^0-9-]+([0-9-]+)]$#m) |
|
84 or next; |
|
85 my ($description) = (m#^uid\s+(.*)$#m) or next; |
|
86 |
|
87 my $parsedate = ParseDate($date); |
|
88 &Date_Cmp( $parsedate, $w_time ) > 0 |
|
89 and push( @{ $keys{"$keyid, $description, $date"} }, "OK" ) |
|
90 and next; |
|
91 &Date_Cmp( $parsedate, $c_time ) > 0 |
|
92 and push( @{ $keys{"$keyid, $description, $date"} }, "WARNING" ) |
|
93 and next; |
|
94 push( @{ $keys{"$keyid, $description, $date"} }, "CRITICAL" ); |
|
95 } |
|
96 |
|
97 my ( @warning, @critical ) = (); |
|
98 foreach ( sort keys %keys ) { |
|
99 if ( @{ $keys{$_} }[0] eq "WARNING" ) { |
|
100 push( @warning, $_ ); |
|
101 } |
|
102 elsif ( @{ $keys{$_} }[0] eq "CRITICAL" ) { |
|
103 push( @critical, $_ ); |
|
104 } |
|
105 } |
|
106 |
|
107 return ( \@warning, \@critical ); |
|
108 } |
|
109 |
|
110 sub report($$) { |
|
111 my ( $warning, $critical ) = @_; |
|
112 |
|
113 if (@$critical) { |
|
114 print "APTKEYS CRITICAL: @$critical\n"; |
|
115 exit $ERRORS{CRITICAL}; |
|
116 } |
|
117 elsif (@$warning) { |
|
118 print "APTKEYS WARNING: @$warning\n"; |
|
119 exit $ERRORS{WARNING}; |
|
120 } |
|
121 else { |
|
122 print "APTKEYS OK: all aptkeys in limit\n"; |
|
123 exit $ERRORS{OK}; |
|
124 } |
|
125 } |
|
126 |
|
127 sub version($$) { |
|
128 my $progname = shift; |
|
129 my $version = shift; |
|
130 |
|
131 print <<_VERSION; |
|
132 $progname version $version |
|
133 Copyright (C) 2011 by Christian Arnold and Schlittermann internet & unix support. |
|
134 |
|
135 $ME comes with ABSOLUTELY NO WARRANTY. This is free software, |
|
136 and you are welcome to redistribute it under certain conditions. |
|
137 See the GNU General Public Licence for details. |
|
138 _VERSION |
|
139 } |
|
140 |
|
141 __END__ |
|
142 |
|
143 =head1 NAME |
|
144 |
|
145 check_aptkeys - nagios plugin to check the expire date for aptkeys |
|
146 |
|
147 =head1 SYNOPSIS |
|
148 |
|
149 check_aptkeys [-b|--binary path] |
|
150 [-w|--warning string] |
|
151 [-c|--critical string] |
|
152 [-h|--help] |
|
153 [-m|--man] |
|
154 [-v|--version] |
|
155 |
|
156 =head1 OPTIONS |
|
157 |
|
158 =over |
|
159 |
|
160 =item B<-b>|B<--binary> I<path> |
|
161 |
|
162 apt-keys binary (default: /usr/bin/apt-key) |
|
163 |
|
164 =item B<-w>|B<--warning> I<string> |
|
165 |
|
166 Time before change to warning status. (default: I<1month>) |
|
167 |
|
168 =item B<-c>|B<--critical> I<string> |
|
169 |
|
170 Time before change to critical status. (default: I<1week>) |
|
171 |
|
172 =item B<-h>|B<--help> |
|
173 |
|
174 Print detailed help screen. |
|
175 |
|
176 =item B<-m>|B<--man> |
|
177 |
|
178 Print manual page. |
|
179 |
|
180 =item B<-V>|B<--version> |
|
181 |
|
182 Print version information. |
|
183 |
|
184 =back |
|
185 |
|
186 =head1 DESCRIPTION |
|
187 |
|
188 This plugin check the expire date for aptkeys. This plugin must be run as root. |
|
189 |
|
190 =head1 VERSION |
|
191 |
|
192 This man page is current for version 2.0 of check_aptkeys. |
|
193 |
|
194 =head1 AUTHOR |
|
195 |
|
196 Written by Christian Arnold L<arnold@schlittermann.de> |
|
197 |
|
198 =head1 COPYRIGHT |
|
199 |
|
200 Copyright (C) 2011 by Christian Arnold and Schlittermann internet & unix support. |
|
201 This is free software, and you are welcome to redistribute it under certain conditions. |
|
202 See the GNU General Public Licence for details. |
|
203 |
|
204 =cut |