ius/nagios/nagios-plugin-ldap-repl: comparison check_ldap

equal deleted inserted replaced

-:8ec2ac83a94c
+:1be7213b89b1
 	DEPENDENT => 4
 );
 my $ME      = basename $0;
 my $NAME    = "LDAPREPL";
-my $VERSION = "0.2";
+my $VERSION = "0.3";
+my $master_default = "ldap://ldap-master:389/";
+my $slave_default = "ldap://ldap-slave:389/";
+my $cn_default = "replcheck";
 my %opt = (
 	init	=> 0,
 	delete  => 0,
 	refresh => 0,
-	cn      => "replcheck",
+	cn      => $cn_default,
 	wait    => 1,
 	file    => "/etc/nagios/ius/plugins/config/check_ldap_repl.cfg",
-	master	=> "ldap://ldap-master:389/",
+	master	=> $master_default,
-	slave	=> "ldap://ldap-slave:389/"
+	slave	=> $slave_default
 );
 MAIN: {
 	Getopt::Long::Configure('bundling');
 	GetOptions(
 		"h|help"       => sub { pod2usage( -verbose => 1, -exitval => $ERRORS{OK} ) },
 		"m|man"        => sub { pod2usage( -verbose => 2, -exitval => $ERRORS{OK} ) },
 		"V|version"    => sub { version( $ME, $VERSION ); exit $ERRORS{OK}; }
 	) or pod2usage( -verbose => 1, -exitval => $ERRORS{CRITICAL} );
+	# init or delete the ldap object
 	if ($opt{init}) {
 		ldap_object("init");
 		print "new object successfully initialized\n";
 		exit $ERRORS{OK};
 	} elsif ($opt{delete}) {
 		ldap_object("delete");
 		print "object successfully deleted\n";
 		exit $ERRORS{OK};
 	}
+	# refresh our ldap object
 	ldap_object("refresh") if ($opt{refresh});
 	my ($master, $slave, $cn) = undef;
 	my @slaves = ();
 	my %results = ();
-	if (-r $opt{file}) {
+	# preparing for the comparison of ldap entries
-		(undef, undef, $master, $slave, $cn) = read_config();
+if (($opt{master} ne $master_default) || ($opt{slave} ne $slave_default) || ($opt{cn} ne $cn_default)) {
-		@slaves = split(/,/, $slave);
+$master = $opt{master};
-	} else {
+@slaves = split(/,/, $opt{slave});
-		$master = $opt{master};
+$cn = $opt{cn};
-		@slaves = split(/,/, $opt{slave});
+} elsif (-r $opt{file}) {
-		$cn = $opt{cn};
+(undef, undef, $master, $slave, $cn) = read_config();
-	}
+@slaves = split(/,/, $slave);
+} else {
+$master = $opt{master};
+@slaves = split(/,/, $opt{slave});
+$cn = $opt{cn};
+}
+	# get the values from the ldap
 	$results{$master}{'master'} = get_stamp($master, $cn);
 	sleep $opt{wait};
 	foreach (@slaves) {
 		$results{$_}{'slave'} = get_stamp($_, $cn);
 	}
+	# compare the time stamps and generate the output
 	compare_results(\%results);
 }
 sub compare_results(%) {
 	my @output = ();
 	my ($binddn, $password) = undef;
 	my $master = $opt{master};
 	my $cn = $opt{cn};
+	# ldap object init/delete is only allowed at the prompt
 	if ( ($type eq "init") || ($type eq "delete") ) {
 		$binddn = prompt('BindDN: ');
 		$password = prompt('Password: ', -e => '*');
-		if (-r $opt{file}) {
+		if (($opt{master} ne $master_default) || ($opt{cn} ne $cn_default)) {
-			(undef, undef, $master, undef, undef) = read_config();
+			$master = $opt{master};
+			$cn = $opt{cn};
+		} elsif ( -r $opt{file} ) {
+			(undef, undef, $master, undef, $cn) = read_config();
 		}
 	} else {
 		if ($opt{binddn} && $opt{password}) {
 			$binddn = $opt{binddn};
 			$password = $opt{password};
-		} elsif (-r $opt{file}) {
-			($binddn, $password, $master, undef, $cn) = read_config();
 		} else {
 			$binddn = prompt('BindDN: ');
 			$password = prompt('Password: ', -e => '*');
 		}
+		if (($opt{master} ne $master_default) || ($opt{cn} ne $cn_default)) {
+			$master = $opt{master};
+			$cn = $opt{cn};
+		} elsif ( -r $opt{file} ) {
+			(undef, undef, $master, undef, $cn) = read_config();
+		}
 	}
-	my $ldap = Net::LDAP->new( $master ) or die "$@";
+	my $ldap = Net::LDAP->new( $master );
+	if (!$ldap) {
+		print "$NAME CRITICAL: [$master] $!\n";
+		exit $ERRORS{CRITICAL};
+	}
 	my $mesg = $ldap->bind("$binddn", password => $password);
 	if ($mesg->code) {
 		$ldap->unbind() if ($ldap);
 		print "$NAME CRITICAL: " . $mesg->error . "\n";
 	# delete check object
 	$mesg = $ldap->delete("cn=$cn,$context") if ($type eq "delete");
 	if ($mesg->code && ($type eq "delete" || $type eq "init")) {
-		print "$NAME CRITICAL: " . $mesg->error . "\n";
+		print "$NAME WARNING: [ldapt] " . $mesg->error . "\n";
-		exit $ERRORS{CRITICAL};
+		exit $ERRORS{WARNING};
 	}
 	# refresh check object
 	$mesg = $ldap->modify(
 		"cn=$cn,$context",
 	return 0;
 }
 sub get_stamp($$) {
 	my ($server, $cn) = @_;
-	my $ldap = Net::LDAP->new( $server ) or die "$@";
+	my $ldap = Net::LDAP->new( $server );
+	if (!$ldap) {
+		print "$NAME CRITICAL: [$server] $!\n";
+		exit $ERRORS{CRITICAL};
+	}
 	my $mesg = $ldap->bind();
 	if ($mesg->code) {
 		$ldap->unbind() if ($ldap);
 		print "$NAME CRITICAL: " . $mesg->error . "\n";
 =item B<-i>|B<--init>
 Add the check object cn=replcheck,I<namingContext> to the master server if not exists. See also the B<--cn> option.
 You will ask for an B<binddn> and B<password>, if not given B<--binddn> and B<--password> options.
-Your B<binddn> must have write permission to the ldap master server.
+LDAP object initialisation is only allowed at the prompt. Your B<binddn> must have write permission to the ldap master server.
 =item B<-d>|B<--delete>
 Delete the check object from the ldap master server if exists. See also the B<--cn> option.
 You will ask for an B<binddn> and B<password>, if not given B<--binddn> and B<--password> options.
-Your B<binddn> must have write permission to the ldap master server.
+LDAP object deletion is only allowed at the prompt. Your B<binddn> must have write permission to the ldap master server.
 =item B<-r>|B<--refresh>
 Refresh the stamp attribute of the check attribute with current unix time.
 You will ask for an B<binddn> and B<password>, if not given B<--binddn> and B<--password> options. See also B<--file> option.
 This plugin checks if the ldap replication works correctly.
 =head1 VERSION
-This man page is current for version 0.2 of B<check_ldap_repl>.
+This man page is current for version 0.3 of B<check_ldap_repl>.
 =head1 AUTHOR
 Written by Christian Arnold L<arnold@schlittermann.de>

changeset 3	1be7213b89b1
parent 1	36f66a013838
child 4	fae19ea0292f