diff -r 8ec2ac83a94c -r 1be7213b89b1 check_ldap_repl.pl --- a/check_ldap_repl.pl Thu Nov 29 13:58:02 2012 +0100 +++ b/check_ldap_repl.pl Fri Nov 30 10:58:06 2012 +0100 @@ -43,17 +43,21 @@ my $ME = basename $0; my $NAME = "LDAPREPL"; -my $VERSION = "0.2"; +my $VERSION = "0.3"; + +my $master_default = "ldap://ldap-master:389/"; +my $slave_default = "ldap://ldap-slave:389/"; +my $cn_default = "replcheck"; my %opt = ( init => 0, delete => 0, refresh => 0, - cn => "replcheck", + cn => $cn_default, wait => 1, file => "/etc/nagios/ius/plugins/config/check_ldap_repl.cfg", - master => "ldap://ldap-master:389/", - slave => "ldap://ldap-slave:389/" + master => $master_default, + slave => $slave_default ); MAIN: { @@ -74,6 +78,7 @@ "V|version" => sub { version( $ME, $VERSION ); exit $ERRORS{OK}; } ) or pod2usage( -verbose => 1, -exitval => $ERRORS{CRITICAL} ); + # init or delete the ldap object if ($opt{init}) { ldap_object("init"); print "new object successfully initialized\n"; 
@@ -84,27 +89,35 @@ exit $ERRORS{OK}; } + # refresh our ldap object ldap_object("refresh") if ($opt{refresh}); my ($master, $slave, $cn) = undef; my @slaves = (); my %results = (); - if (-r $opt{file}) { - (undef, undef, $master, $slave, $cn) = read_config(); - @slaves = split(/,/, $slave); - } else { - $master = $opt{master}; - @slaves = split(/,/, $opt{slave}); - $cn = $opt{cn}; - } + # preparing for the comparison of ldap entries + if (($opt{master} ne $master_default) || ($opt{slave} ne $slave_default) || ($opt{cn} ne $cn_default)) { + $master = $opt{master}; + @slaves = split(/,/, $opt{slave}); + $cn = $opt{cn}; + } elsif (-r $opt{file}) { + (undef, undef, $master, $slave, $cn) = read_config(); + @slaves = split(/,/, $slave); + } else { + $master = $opt{master}; + @slaves = split(/,/, $opt{slave}); + $cn = $opt{cn}; + } + # get the values from the ldap $results{$master}{'master'} = get_stamp($master, $cn); sleep $opt{wait}; foreach (@slaves) { $results{$_}{'slave'} = get_stamp($_, $cn); } + # compare the time stamps and generate the output compare_results(\%results); } 
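Review bot: The new first branch treats any single changed option as "ignore the config file", so running with only `--cn` (or only `--master`) takes the other two values from the built-in defaults instead of from `$opt{file}`, and the check can report on `ldap://ldap-master:389/` rather than the configured servers. The same test is added twice in ldap_object in the next hunk, where the consequence is that the bind DN and password go to the default master. An option passed explicitly with its default value is also indistinguishable from one that was not passed. Merging per field keeps the precedence the change appears to intend (command line over file over default) and removes the identical first and third branches; this assumes read_config() returns a usable value for every field, which is not visible here.

```perl
# … unchanged: init/delete/refresh handling …
my ($master, $slave, $cn) = ($master_default, $slave_default, $cn_default);
# config file first, then each option that was changed on the command line
(undef, undef, $master, $slave, $cn) = read_config() if (-r $opt{file});
$master = $opt{master} if ($opt{master} ne $master_default);
$slave  = $opt{slave}  if ($opt{slave}  ne $slave_default);
$cn     = $opt{cn}     if ($opt{cn}     ne $cn_default);
my @slaves = split(/,/, $slave);
# … unchanged: get_stamp calls and compare_results …
```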
@@ -148,25 +161,39 @@ my $master = $opt{master}; my $cn = $opt{cn}; + # ldap object init/delete is only allowed at the prompt if ( ($type eq "init") || ($type eq "delete") ) { $binddn = prompt('BindDN: '); $password = prompt('Password: ', -e => '*'); - if (-r $opt{file}) { - (undef, undef, $master, undef, undef) = read_config(); + if (($opt{master} ne $master_default) || ($opt{cn} ne $cn_default)) { + $master = $opt{master}; + $cn = $opt{cn}; + } elsif ( -r $opt{file} ) { + (undef, undef, $master, undef, $cn) = read_config(); } } else { if ($opt{binddn} && $opt{password}) { $binddn = $opt{binddn}; $password = $opt{password}; - } elsif (-r $opt{file}) { - ($binddn, $password, $master, undef, $cn) = read_config(); } else { $binddn = prompt('BindDN: '); $password = prompt('Password: ', -e => '*'); } + + if (($opt{master} ne $master_default) || ($opt{cn} ne $cn_default)) { + $master = $opt{master}; + $cn = $opt{cn}; + } elsif ( -r $opt{file} ) { + (undef, undef, $master, undef, $cn) = read_config(); + } } - my $ldap = Net::LDAP->new( $master ) or die "$@"; + my $ldap = Net::LDAP->new( $master ); + + if (!$ldap) { + print "$NAME CRITICAL: [$master] $!\n"; + exit $ERRORS{CRITICAL}; + } my $mesg = $ldap->bind("$binddn", password => $password); if ($mesg->code) { @@ -204,8 +231,8 @@ $mesg = $ldap->delete("cn=$cn,$context") if ($type eq "delete"); if ($mesg->code && ($type eq "delete" || $type eq "init")) { - print "$NAME CRITICAL: " . $mesg->error . "\n"; - exit $ERRORS{CRITICAL}; + print "$NAME WARNING: [ldapt] " . $mesg->error . "\n"; + exit $ERRORS{WARNING}; } # refresh check object @@ -222,7 +249,13 @@ sub get_stamp($$) { my ($server, $cn) = @_; - my $ldap = Net::LDAP->new( $server ) or die "$@"; + + my $ldap = Net::LDAP->new( $server ); + if (!$ldap) { + print "$NAME CRITICAL: [$server] $!\n"; + exit $ERRORS{CRITICAL}; + } + my $mesg = $ldap->bind(); if ($mesg->code) { 
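Review bot: In the non-init/delete branch the config-file fallback for credentials is gone: both new `read_config()` calls discard the first two fields, so `--refresh` without `--binddn` and `--password` now always reaches `prompt()`. When the plugin is run by the monitoring daemon (presumably the usual case, given the config path) there is no terminal to answer it, and the only remaining way to supply the password is the command line, where it is visible in the process list and the command definition. If only init/delete were meant to be prompt-only, keep `} elsif (-r $opt{file}) { ($binddn, $password) = read_config();` ahead of the prompt branch. Separately, `Net::LDAP->new` reports its failure in `$@`, which the removed `die "$@"` used, so the new message should print `$@` rather than `$!`; the same applies to the get_stamp hunk further down. ldap_object starts before this hunk and continues past it.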
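Review bot: The `[ldapt]` tag in the new message looks like a typo and does not identify the server. The other messages added in this commit put the URL in the brackets, so `print "$NAME WARNING: [$master] " . $mesg->error . "\n";` would be consistent, assuming `$master` is still in scope at this point of ldap_object. The enclosing sub starts and ends outside the hunk.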
@@ -308,13 +341,13 @@ Add the check object cn=replcheck,I to the master server if not exists. See also the B<--cn> option. You will ask for an B and B, if not given B<--binddn> and B<--password> options. -Your B must have write permission to the ldap master server. +LDAP object initialisation is only allowed at the prompt. Your B must have write permission to the ldap master server. =item B<-d>|B<--delete> Delete the check object from the ldap master server if exists. See also the B<--cn> option. You will ask for an B and B, if not given B<--binddn> and B<--password> options. -Your B must have write permission to the ldap master server. +LDAP object deletion is only allowed at the prompt. Your B must have write permission to the ldap master server. =item B<-r>|B<--refresh> @@ -384,7 +417,7 @@ =head1 VERSION -This man page is current for version 0.2 of B. +This man page is current for version 0.3 of B. =head1 AUTHOR