# HG changeset patch # User Heiko Schlittermann # Date 1293575274 -3600 # Node ID a74319812ee1a5fc364ea47b043799b28695d3f5 # Parent 2baeca18bf89b13c4b27082098e1ea4aa6e5f3a1 some modifications to get the "flow" of data more visible. But I'm not sure, if I succeeded. diff -r 2baeca18bf89 -r a74319812ee1 check_exec.pl --- a/check_exec.pl Tue Dec 28 16:49:16 2010 +0100 +++ b/check_exec.pl Tue Dec 28 23:27:54 2010 +0100 @@ -1,4 +1,4 @@ -#!/usr/bin/perl -w +#!/usr/bin/perl # Copyright (C) 2010 Christian Arnold # @@ -19,6 +19,7 @@ use 5.010; use strict; +use warnings; use File::Basename; use Pod::Usage; use Getopt::Long; @@ -26,6 +27,7 @@ use HTTP::Status; use File::Path; use File::Temp; +use if $ENV{DEBUG} => "Smart::Comments"; use lib "/usr/lib/nagios/plugins"; use utils qw (%ERRORS); @@ -35,15 +37,14 @@ my $ME = basename $0; my $VERSION = "0.3"; -sub download($$); -sub verify($$); -sub cleanup($); +sub download($); +sub verify($); sub execute($); sub version($$); my $opt = { url => undef, - path => "/var/tmp/nagios", + dir => "/var/tmp/nagios/check_exec", binary => "/usr/bin/gpg" }; @@ -52,7 +53,7 @@ GetOptions( "u|url=s" => \$opt->{url}, "b|binary=s" => \$opt->{binary}, - "p|path=s" => \$opt->{path}, + "d|dir=s" => \$opt->{dir}, "h|help" => sub { pod2usage(-verbose => 1, -exitval => $ERRORS{OK}) }, "m|man" => sub { pod2usage(-verbose => 2, -exitval => $ERRORS{OK}) }, "V|version" => sub { version($ME, $VERSION); exit $ERRORS{OK}; } 
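Review bot: `use if $ENV{DEBUG} => "Smart::Comments";` in the `@@ -26,6 +27,7 @@` hunk switches a source filter on from a very generic environment variable that the plugin inherits from whatever starts it. If DEBUG is set and the module is not installed, compilation fails before any `EXEC ...` status line is printed, so the check would presumably end with an exit code outside the plugin's OK/WARNING/CRITICAL set. If the module is present, every `###` comment in the file becomes executable code. A plugin-specific switch such as `use if $ENV{CHECK_EXEC_DEBUG} => "Smart::Comments";` (variable name constructed here) avoids accidental activation, and a comment above the line should say it is a debugging aid only.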
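Review bot: The new default `dir => "/var/tmp/nagios/check_exec"` in the `@@ -35,15 +37,14 @@` hunk keeps the working directory under world-writable /var/tmp, and the `mkpath()` call in the later `@@ -60,86 +61,75 @@` hunk accepts an already existing directory without checking its owner or mode. The verified file is later chmod'ed and exec'ed by path from that directory, so the verify-then-execute sequence is only sound if the directory is private to the plugin user. After `mkpath`, add a check such as `my @st = lstat $opt->{dir};` followed by `unless (@st && -d _ && $st[4] == $> && !($st[2] & 077)) { say "EXEC CRITICAL: $opt->{dir} is not a private directory"; exit $ERRORS{CRITICAL}; }`. The POD in the `@@ -164,27 +156,25 @@` hunk still reads `(default: /var/tmp/nagios)` and should be updated to the new default.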
@@ -60,86 +61,75 @@ $opt->{url} // pod2usage(-verbose => 1, -exitval => $ERRORS{CRITICAL}); - my $tmp = File::Temp->new(); - my $file = download($opt->{url}, $opt->{path}); - my $run_file = verify($file => $tmp); + # prepare the nest + { + my $err; + mkpath($opt->{dir}, { mode => 0700, error => \$err }); + if (@$err) { + for my $diag (@$err) { + my ($directory, $message) = %$diag; + say + "EXEC CRITICAL: Can't create directory $directory: $message"; + } + exit $ERRORS{CRITICAL}; + } - warn "<< $run_file >>\n"; - die `cat $run_file`; + # files older than 1 hour can be removed + unlink grep { -M > 1 / 24 } glob("$opt->{dir}/*"); + } + + # these two functions return File::Temp Objects! + my $local = download($opt->{url}); + my $exe = verify($local->filename); + execute($exe->filename); } sub execute($) { my $run_file = shift; - chmod 0755, $run_file or do { - print "EXEC CRITICAL: Can't chmod $run_file ($!)\n"; - cleanup($run_file); + chmod 0500, $run_file or do { + say "EXEC CRITICAL: Can't chmod $run_file ($!)"; exit $ERRORS{CRITICAL}; }; - my @cmd = ($run_file); - - exec(@cmd) or print "EXEC CRITICAL: Couldn't exec $run_file ($!)"; -} - -sub cleanup($) { - my $file = shift; - - if (-f $file) { - unlink $file or do { - print "EXEC WARNING: Can't remove $file ($!)\n"; - exit $ERRORS{WARNING}; - } - } + { exec $run_file $ME }; + say "EXEC CRITICAL: Couldn't exec $run_file ($!)"; + exit $ERRORS{CRITICAL}; } -sub download($$) { - my $url = shift; - my $path = shift; - - my $file = basename $url; +sub download($) { + my $url = shift; + my $local = File::Temp->new(DIR => $opt->{dir}); - unless (-d $path) { - mkpath($path, { mode => 0700, error => \my $err }); - for my $diag (@$err) { - my ($directory, $message) = %$diag; - print - "EXEC CRITICAL: Can't create directory $directory: $message\n"; - } - exit $ERRORS{CRITICAL} if defined $err; - } - - $file = "$path/$file"; - - my $rc = getstore($url, $file); + my $rc = getstore($url, $local->filename); if (is_error($rc)) { - 
unlink $file; if ($rc == 404) { - print "EXEC OK: $url ", status_message($rc), "\n"; + say "EXEC OK: $url ", status_message($rc); exit $ERRORS{OK}; } - print "EXEC CRITICAL: $url ", status_message($rc), "\n"; + say "EXEC CRITICAL: $url ", status_message($rc); exit $ERRORS{CRITICAL}; } - return $file; + return $local; } -sub verify($$) { - my ($file, $tmp) = @_; - my $dir = dirname($file); - my $home_dir = (getpwuid($>))[7]; +sub verify($) { + my $local = shift; - my $dc = - "$opt->{binary} --output $tmp --homedir $home_dir/.gnupg --batch --yes"; - my @r = qx($dc $file 2>&1); + my $home = (getpwuid($>))[7]; + my $verified = File::Temp->new(DIR => $opt->{dir}); + + my @r = qx($opt->{binary} --homedir $home/.gnupg --batch --yes --output $verified $local 2>&1); + if ($?) { print "EXEC CRITICAL: @r"; exit $ERRORS{CRITICAL}; } - return $tmp->filename; + $verified->close(); # if not closed, it stays busy + return $verified; } sub version($$) { @@ -156,6 +146,8 @@ _VERSION } +__END__ + =head1 NAME check_exec - nagios plugin to download/verify/execute a program file @@ -164,27 +156,25 @@ check_exec -u|--url [-b|--binary path] - [-p|--path path] + [-d|--dir dir] check_exec [-h|--help] - check_exec [-m|--man] - check_exec [-v|--version] =head1 OPTIONS =over -=item B<-u>|B<--url> url +=item B<-u>|B<--url> I Download url for generic script. -=item B<-b>|B<--binary> path +=item B<-b>|B<--binary> I Path to gpg binary program (default: /usr/bin/gpg) -=item B<-p>|B<--path> path +=item B<-d>|B<--dir> I Location for store download script (default: /var/tmp/nagios) @@ -213,7 +203,7 @@ =head1 AUTHOR -Written by Christian Arnold +Written by Christian Arnold L =head1 COPYRIGHT
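Review bot: In the `@@ -60,86 +61,75 @@` hunk, `verify()` treats a zero gpg exit status as proof of authenticity: the `qx()` call names no gpg operation and the only check is `if ($?)`. Exit status alone does not establish that a signature was present and made by an expected key, yet the output is passed straight to `execute()`. The command is also still built as a shell string from `$opt->{binary}`, `$home` and the temp paths under `$opt->{dir}`, so any whitespace or metacharacter in those values reaches the shell. Run gpg through a list-form pipe open with `--status-fd` and require a `VALIDSIG` status line before returning, ideally also comparing its fingerprint with a configured one. The sketch below keeps the operation implicit as in the commit, and gpg's stderr is no longer captured into the message.

```perl
sub verify($) {
    # … unchanged: $local, $home and $verified set up as in the commit …

    # List-form pipe open: no shell is involved, so paths need no quoting.
    # gpg writes machine-readable status lines to fd 1; the payload goes
    # to --output.
    open(my $gpg, '-|', $opt->{binary},
        '--homedir', "$home/.gnupg", '--batch', '--yes',
        '--status-fd', '1',
        '--output', $verified->filename, $local)
      or do {
        say "EXEC CRITICAL: Can't run $opt->{binary} ($!)";
        exit $ERRORS{CRITICAL};
      };
    my @status = <$gpg>;
    close $gpg;    # sets $? to gpg's exit status

    # A zero exit status alone does not prove that a signature was checked.
    if ($? or not grep { /^\[GNUPG:\] VALIDSIG / } @status) {
        say "EXEC CRITICAL: no valid signature reported by $opt->{binary}";
        exit $ERRORS{CRITICAL};
    }

    # … unchanged: $verified->close() and return $verified …
```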