X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;ds=sidebyside;f=dsa-nagios-checks%2Fchecks%2Fdsa-check-config;h=2772994279e09af224ec7ac7e5e3233ce194a413;hb=0787b1bcf4334829dbfee2330c90dff38a11dadb;hp=ae5fa7452ebfecd53a00a76564fd2c30f666c1ae;hpb=c4cecc0ff10390d8fec0ffb29878050357c8ea1f;p=mirror%2Fdsa-nagios.git

diff --git a/dsa-nagios-checks/checks/dsa-check-config b/dsa-nagios-checks/checks/dsa-check-config
index ae5fa74..2772994 100755
--- a/dsa-nagios-checks/checks/dsa-check-config
+++ b/dsa-nagios-checks/checks/dsa-check-config
@@ -40,23 +40,6 @@ check_aliases() {
 	log warn "debian-admin not found in root entry in aliases"
 }
 
-check_ldap_conf() {
-	if ! [ -e /etc/ldap/ldap.conf ]; then
-		log unknown "/etc/ldap/ldap.conf not found"
-		return
-	fi
-
-	if egrep '^URI.*ldap://db.debian.org' /etc/ldap/ldap.conf > /dev/null &&
-	   egrep '^BASE.*dc=debian,dc=org' /etc/ldap/ldap.conf > /dev/null &&
-	   egrep '^TLS_CACERT.*/etc/ssl/servicecerts/db.debian.org.crt' /etc/ldap/ldap.conf > /dev/null &&
-	   egrep '^TLS_REQCERT.*hard' /etc/ldap/ldap.conf > /dev/null ; then
-		log ok "ldap.conf configured properly"
-		return
-	fi
-
-	log warn "ldap.conf does not have URI, BASE, TLS_CACERT, TLS_REQCERT all configured correctly"
-}
-
 check_ssh_hostkeys() {
 	if [ -e /etc/ssh/ssh_host_ed25519_key ] ; then
 		if ! [ -e /etc/ssh/ssh_host_ed25519_key.pub ]; then
@@ -71,15 +54,25 @@ check_ssh_hostkeys() {
 			return
 		fi
 	else
-		log ok "no ed25519 host key."
+		log ok "no ed25519 host key"
 		return
 	fi
 }
 
+check_ipv6_dad() {
+	if ip a | grep -q dadfailed; then
+		log warn "some configured ipv6 addresses failed DAD"
+	else
+		log ok "no DAD failures"
+	fi
+
+}
+
+
 
 check_aliases
-check_ldap_conf
 check_ssh_hostkeys
+check_ipv6_dad
 
 [ "$critical" = "" ] || echo -n "Critical: $critical; "
 [ "$warn" = "" ] || echo -n "Warning: $warn; "