--- a/check_exec.pl Tue Dec 28 16:49:16 2010 +0100
+++ b/check_exec.pl Tue Dec 28 23:27:54 2010 +0100
@@ -1,4 +1,4 @@
-#!/usr/bin/perl -w
+#!/usr/bin/perl
# Copyright (C) 2010 Christian Arnold
#
@@ -19,6 +19,7 @@
use 5.010;
use strict;
+use warnings;
use File::Basename;
use Pod::Usage;
use Getopt::Long;
@@ -26,6 +27,7 @@
use HTTP::Status;
use File::Path;
use File::Temp;
+use if $ENV{DEBUG} => "Smart::Comments";
use lib "/usr/lib/nagios/plugins";
use utils qw (%ERRORS);
@@ -35,15 +37,14 @@
my $ME = basename $0;
my $VERSION = "0.3";
-sub download($$);
-sub verify($$);
-sub cleanup($);
+sub download($);
+sub verify($);
sub execute($);
sub version($$);
my $opt = {
url => undef,
- path => "/var/tmp/nagios",
+ dir => "/var/tmp/nagios/check_exec",
binary => "/usr/bin/gpg"
};
@@ -52,7 +53,7 @@
GetOptions(
"u|url=s" => \$opt->{url},
"b|binary=s" => \$opt->{binary},
- "p|path=s" => \$opt->{path},
+ "d|dir=s" => \$opt->{dir},
"h|help" => sub { pod2usage(-verbose => 1, -exitval => $ERRORS{OK}) },
"m|man" => sub { pod2usage(-verbose => 2, -exitval => $ERRORS{OK}) },
"V|version" => sub { version($ME, $VERSION); exit $ERRORS{OK}; }
@@ -60,86 +61,75 @@
$opt->{url} // pod2usage(-verbose => 1, -exitval => $ERRORS{CRITICAL});
- my $tmp = File::Temp->new();
- my $file = download($opt->{url}, $opt->{path});
- my $run_file = verify($file => $tmp);
+ # prepare the nest
+ {
+ my $err;
+ mkpath($opt->{dir}, { mode => 0700, error => \$err });
+ if (@$err) {
+ for my $diag (@$err) {
+ my ($directory, $message) = %$diag;
+ say
+ "EXEC CRITICAL: Can't create directory $directory: $message";
+ }
+ exit $ERRORS{CRITICAL};
+ }
- warn "<< $run_file >>\n";
- die `cat $run_file`;
+ # files older than 1 hour can be removed
+ unlink grep { -M > 1 / 24 } glob("$opt->{dir}/*");
+ }
+
+ # these two functions return File::Temp Objects!
+ my $local = download($opt->{url});
+ my $exe = verify($local->filename);
+ execute($exe->filename);
}
sub execute($) {
my $run_file = shift;
- chmod 0755, $run_file or do {
- print "EXEC CRITICAL: Can't chmod $run_file ($!)\n";
- cleanup($run_file);
+ chmod 0500, $run_file or do {
+ say "EXEC CRITICAL: Can't chmod $run_file ($!)";
exit $ERRORS{CRITICAL};
};
- my @cmd = ($run_file);
-
- exec(@cmd) or print "EXEC CRITICAL: Couldn't exec $run_file ($!)";
-}
-
-sub cleanup($) {
- my $file = shift;
-
- if (-f $file) {
- unlink $file or do {
- print "EXEC WARNING: Can't remove $file ($!)\n";
- exit $ERRORS{WARNING};
- }
- }
+ { exec $run_file $ME };
+ say "EXEC CRITICAL: Couldn't exec $run_file ($!)";
+ exit $ERRORS{CRITICAL};
}
-sub download($$) {
- my $url = shift;
- my $path = shift;
-
- my $file = basename $url;
+sub download($) {
+ my $url = shift;
+ my $local = File::Temp->new(DIR => $opt->{dir});
- unless (-d $path) {
- mkpath($path, { mode => 0700, error => \my $err });
- for my $diag (@$err) {
- my ($directory, $message) = %$diag;
- print
- "EXEC CRITICAL: Can't create directory $directory: $message\n";
- }
- exit $ERRORS{CRITICAL} if defined $err;
- }
-
- $file = "$path/$file";
-
- my $rc = getstore($url, $file);
+ my $rc = getstore($url, $local->filename);
if (is_error($rc)) {
- unlink $file;
if ($rc == 404) {
- print "EXEC OK: $url ", status_message($rc), "\n";
+ say "EXEC OK: $url ", status_message($rc);
exit $ERRORS{OK};
}
- print "EXEC CRITICAL: $url ", status_message($rc), "\n";
+ say "EXEC CRITICAL: $url ", status_message($rc);
exit $ERRORS{CRITICAL};
}
- return $file;
+ return $local;
}
-sub verify($$) {
- my ($file, $tmp) = @_;
- my $dir = dirname($file);
- my $home_dir = (getpwuid($>))[7];
+sub verify($) {
+ my $local = shift;
- my $dc =
- "$opt->{binary} --output $tmp --homedir $home_dir/.gnupg --batch --yes";
- my @r = qx($dc $file 2>&1);
+ my $home = (getpwuid($>))[7];
+ my $verified = File::Temp->new(DIR => $opt->{dir});
+
+ my @r = qx($opt->{binary} --homedir $home/.gnupg --batch --yes --output $verified $local 2>&1);
+
if ($?) {
print "EXEC CRITICAL: @r";
exit $ERRORS{CRITICAL};
}
- return $tmp->filename;
+ $verified->close(); # if not closed, it stays busy
+ return $verified;
}
sub version($$) {
@@ -156,6 +146,8 @@
_VERSION
}
+__END__
+
=head1 NAME
check_exec - nagios plugin to download/verify/execute a program file
@@ -164,27 +156,25 @@
check_exec -u|--url
[-b|--binary path]
- [-p|--path path]
+ [-d|--dir dir]
check_exec [-h|--help]
-
check_exec [-m|--man]
-
check_exec [-v|--version]
=head1 OPTIONS
=over
-=item B<-u>|B<--url> url
+=item B<-u>|B<--url> I<url>
Download url for generic script.
-=item B<-b>|B<--binary> path
+=item B<-b>|B<--binary> I<path>
Path to gpg binary program (default: /usr/bin/gpg)
-=item B<-p>|B<--path> path
+=item B<-d>|B<--dir> I<dir>
Location for store download script (default: /var/tmp/nagios)
@@ -213,7 +203,7 @@
=head1 AUTHOR
-Written by Christian Arnold <arnold@schlittermann.de>
+Written by Christian Arnold L<arnold@schlittermann.de>
=head1 COPYRIGHT