diff -r 000000000000 -r 57a003cf847f check_aptkeys.pl --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/check_aptkeys.pl Fri Mar 04 16:43:47 2011 +0100 @@ -0,0 +1,204 @@ +#!/usr/bin/perl -w + +# Copyright (C) 2011 Christian Arnold +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . +# +# Christian Arnold + +use strict; +use warnings; +use File::Basename; +use Getopt::Long; +use Date::Manip; +use Pod::Usage; +use if $ENV{DEBUG} => "Smart::Comments"; + +my %ERRORS = ( + OK => 0, + WARNING => 1, + CRITICAL => 2, + UNKNOWN => 3, + DEPENDENT => 4 +); + +sub get_status(); +sub report($$); +sub version($$); + +my $ME = basename $0; +my $VERSION = "2.0"; + +my %opt = ( + binary => "/usr/bin/apt-key", + warning => "1month", + critical => "1week", +); + +MAIN: { + Getopt::Long::Configure('bundling'); + GetOptions( + "b|binary=s" => \$opt{binary}, + "w|warning=s" => \$opt{warning}, + "c|critical=s" => \$opt{critical}, + "h|help" => sub { pod2usage( -verbose => 1, -exitval => $ERRORS{OK} ) }, + "m|man" => sub { pod2usage( -verbose => 2, -exitval => $ERRORS{OK} ) }, + "V|version" => sub { version( $ME, $VERSION ); exit $ERRORS{OK}; } + ) or pod2usage( -verbose => 1, -exitval => $ERRORS{CRITICAL} ); + + unless ( -x $opt{binary} ) { + print "APTKEYS CRITICAL: $opt{binary} - not found or not executable\n"; + exit $ERRORS{CRITICAL}; + } + + my ( $warning, $critical ) = get_status(); + report( $warning, $critical ); +} + +sub get_status() { + my $w_time = DateCalc( "today", "+ $opt{warning}" ); + my $c_time = DateCalc( "today", "+ $opt{critical}" ); + + my @command = ( "$opt{binary}", "list" ); + open( OUTPUT, "-|" ) or do { + open( STDERR, ">&STDOUT" ); + exec(@command); + }; + + my %keys = (); + while () { + $/ = ""; + my ( $keyid, $date ) = + (m#^pub[^/]+/([^\s]+)\s+[^\s]+[^0-9-]+([0-9-]+)]$#m) + or next; + my ($description) = (m#^uid\s+(.*)$#m) or next; + + my $parsedate = ParseDate($date); + &Date_Cmp( $parsedate, $w_time ) > 0 + and push( @{ $keys{"$keyid, $description, $date"} }, "OK" ) + and next; + &Date_Cmp( $parsedate, $c_time ) > 0 + and push( @{ $keys{"$keyid, $description, $date"} }, "WARNING" ) + and next; + push( @{ $keys{"$keyid, $description, $date"} }, "CRITICAL" ); + } + + my ( @warning, @critical ) = (); + foreach ( sort keys %keys ) { + if ( @{ $keys{$_} }[0] eq "WARNING" ) { + push( @warning, $_ ); + } + elsif ( @{ $keys{$_} }[0] eq "CRITICAL" ) { + push( @critical, $_ ); + } + } + + return ( \@warning, \@critical ); +} + +sub report($$) { + my ( $warning, $critical ) = @_; + + if (@$critical) { + print "APTKEYS CRITICAL: @$critical\n"; + exit $ERRORS{CRITICAL}; + } + elsif (@$warning) { + print "APTKEYS WARNING: @$warning\n"; + exit $ERRORS{WARNING}; + } + else { + print "APTKEYS OK: all aptkeys in limit\n"; + exit $ERRORS{OK}; + } +} + +sub version($$) { + my $progname = shift; + my $version = shift; + + print <<_VERSION; +$progname version $version +Copyright (C) 2011 by Christian Arnold and Schlittermann internet & unix support. + +$ME comes with ABSOLUTELY NO WARRANTY. This is free software, +and you are welcome to redistribute it under certain conditions. +See the GNU General Public Licence for details. +_VERSION +} + +__END__ + +=head1 NAME + +check_aptkeys - nagios plugin to check the expire date for aptkeys + +=head1 SYNOPSIS + +check_aptkeys [-b|--binary path] + [-w|--warning string] + [-c|--critical string] + [-h|--help] + [-m|--man] + [-v|--version] + +=head1 OPTIONS + +=over + +=item B<-b>|B<--binary> I + +apt-keys binary (default: /usr/bin/apt-key) + +=item B<-w>|B<--warning> I + +Time before change to warning status. (default: I<1month>) + +=item B<-c>|B<--critical> I + +Time before change to critical status. (default: I<1week>) + +=item B<-h>|B<--help> + +Print detailed help screen. + +=item B<-m>|B<--man> + +Print manual page. + +=item B<-V>|B<--version> + +Print version information. + +=back + +=head1 DESCRIPTION + +This plugin check the expire date for aptkeys. This plugin must be run as root. + +=head1 VERSION + +This man page is current for version 2.0 of check_aptkeys. + +=head1 AUTHOR + +Written by Christian Arnold L + +=head1 COPYRIGHT + +Copyright (C) 2011 by Christian Arnold and Schlittermann internet & unix support. +This is free software, and you are welcome to redistribute it under certain conditions. +See the GNU General Public Licence for details. + +=cut