diff -r 000000000000 -r 57a003cf847f check_aptkeys.pl
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/check_aptkeys.pl	Fri Mar 04 16:43:47 2011 +0100
@@ -0,0 +1,204 @@
+#!/usr/bin/perl -w
+
+#    Copyright (C) 2011  Christian Arnold
+#
+#    This program is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU General Public License as published by
+#    the Free Software Foundation, either version 3 of the License, or
+#    (at your option) any later version.
+#
+#    This program is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU General Public License for more details.
+#
+#    You should have received a copy of the GNU General Public License
+#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+#    Christian Arnold <arnold@schlittermann.de>
+
+use strict;
+use warnings;
+use File::Basename;
+use Getopt::Long;
+use Date::Manip;
+use Pod::Usage;
+use if $ENV{DEBUG} => "Smart::Comments";
+
+my %ERRORS = (
+    OK        => 0,
+    WARNING   => 1,
+    CRITICAL  => 2,
+    UNKNOWN   => 3,
+    DEPENDENT => 4
+);
+
+sub get_status();
+sub report($$);
+sub version($$);
+
+my $ME      = basename $0;
+my $VERSION = "2.0";
+
+my %opt = (
+    binary   => "/usr/bin/apt-key",
+    warning  => "1month",
+    critical => "1week",
+);
+
+MAIN: {
+    Getopt::Long::Configure('bundling');
+    GetOptions(
+        "b|binary=s"   => \$opt{binary},
+        "w|warning=s"  => \$opt{warning},
+        "c|critical=s" => \$opt{critical},
+        "h|help" => sub { pod2usage( -verbose => 1, -exitval => $ERRORS{OK} ) },
+        "m|man" => sub { pod2usage( -verbose => 2, -exitval => $ERRORS{OK} ) },
+        "V|version" => sub { version( $ME, $VERSION ); exit $ERRORS{OK}; }
+    ) or pod2usage( -verbose => 1, -exitval => $ERRORS{CRITICAL} );
+
+    unless ( -x $opt{binary} ) {
+        print "APTKEYS CRITICAL: $opt{binary} - not found or not executable\n";
+        exit $ERRORS{CRITICAL};
+    }
+
+    my ( $warning, $critical ) = get_status();
+    report( $warning, $critical );
+}
+
+sub get_status() {
+    my $w_time = DateCalc( "today", "+ $opt{warning}" );
+    my $c_time = DateCalc( "today", "+ $opt{critical}" );
+
+    my @command = ( "$opt{binary}", "list" );
+    open( OUTPUT, "-|" ) or do {
+        open( STDERR, ">&STDOUT" );
+        exec(@command);
+    };
+
+    my %keys = ();
+    while (<OUTPUT>) {
+        $/ = "";
+        my ( $keyid, $date ) =
+          (m#^pub[^/]+/([^\s]+)\s+[^\s]+[^0-9-]+([0-9-]+)]$#m)
+          or next;
+        my ($description) = (m#^uid\s+(.*)$#m) or next;
+
+        my $parsedate = ParseDate($date);
+        &Date_Cmp( $parsedate, $w_time ) > 0
+          and push( @{ $keys{"$keyid, $description, $date"} }, "OK" )
+          and next;
+        &Date_Cmp( $parsedate, $c_time ) > 0
+          and push( @{ $keys{"$keyid, $description, $date"} }, "WARNING" )
+          and next;
+        push( @{ $keys{"$keyid, $description, $date"} }, "CRITICAL" );
+    }
+
+    my ( @warning, @critical ) = ();
+    foreach ( sort keys %keys ) {
+        if ( @{ $keys{$_} }[0] eq "WARNING" ) {
+            push( @warning, $_ );
+        }
+        elsif ( @{ $keys{$_} }[0] eq "CRITICAL" ) {
+            push( @critical, $_ );
+        }
+    }
+
+    return ( \@warning, \@critical );
+}
+
+sub report($$) {
+    my ( $warning, $critical ) = @_;
+
+    if (@$critical) {
+        print "APTKEYS CRITICAL: @$critical\n";
+        exit $ERRORS{CRITICAL};
+    }
+    elsif (@$warning) {
+        print "APTKEYS WARNING: @$warning\n";
+        exit $ERRORS{WARNING};
+    }
+    else {
+        print "APTKEYS OK: all aptkeys in limit\n";
+        exit $ERRORS{OK};
+    }
+}
+
+sub version($$) {
+    my $progname = shift;
+    my $version  = shift;
+
+    print <<_VERSION;
+$progname version $version
+Copyright (C) 2011 by Christian Arnold and Schlittermann internet & unix support.
+
+$ME comes with ABSOLUTELY NO WARRANTY. This is free software,
+and you are welcome to redistribute it under certain conditions.
+See the GNU General Public Licence for details.
+_VERSION
+}
+
+__END__
+
+=head1 NAME
+
+check_aptkeys - nagios plugin to check the expire date for aptkeys
+
+=head1 SYNOPSIS
+
+check_aptkeys [-b|--binary path]
+              [-w|--warning string]
+              [-c|--critical string]
+              [-h|--help]
+              [-m|--man]
+              [-v|--version]
+
+=head1 OPTIONS
+
+=over
+
+=item B<-b>|B<--binary> I<path>
+
+apt-keys binary (default: /usr/bin/apt-key)
+
+=item B<-w>|B<--warning> I<string>
+
+Time before change to warning status. (default: I<1month>)
+
+=item B<-c>|B<--critical> I<string>
+
+Time before change to critical status. (default: I<1week>)
+
+=item B<-h>|B<--help>
+
+Print detailed help screen.
+
+=item B<-m>|B<--man>
+
+Print manual page.
+
+=item B<-V>|B<--version>
+
+Print version information.
+
+=back
+
+=head1 DESCRIPTION
+
+This plugin check the expire date for aptkeys.  This plugin must be run as root.
+
+=head1 VERSION
+
+This man page is current for version 2.0 of check_aptkeys.
+
+=head1 AUTHOR
+
+Written by Christian Arnold L<arnold@schlittermann.de>
+
+=head1 COPYRIGHT
+
+Copyright (C) 2011 by Christian Arnold and Schlittermann internet & unix support.
+This is free software, and you are welcome to redistribute it under certain conditions.
+See the GNU General Public Licence for details.
+
+=cut