X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=dsa-nagios-checks%2Fchecks%2Fdsa-check-libs;h=b75fcef3887cbe63e3539d753489e6687a9a7611;hb=db75b8d6f96b7f61a11501690a54bb277021995b;hp=5d4985593159c4c208d1d05d1a0a23796baff654;hpb=5296d97a3107ac926030a24a1e5216da59403ee5;p=mirror%2Fdsa-nagios.git diff --git a/dsa-nagios-checks/checks/dsa-check-libs b/dsa-nagios-checks/checks/dsa-check-libs index 5d49855..b75fcef 100755 --- a/dsa-nagios-checks/checks/dsa-check-libs +++ b/dsa-nagios-checks/checks/dsa-check-libs @@ -49,18 +49,21 @@ sub dief { } if (!GetOptions ( - '--help' => \$params->{'help'}, - '--version' => \$params->{'version'}, - '--quiet' => \$params->{'quiet'}, - '--verbose' => \$params->{'verbose'}, - '--config=s' => \$params->{'config'}, + '--help' => \$params->{'help'}, + '--version' => \$params->{'version'}, + '--quiet' => \$params->{'quiet'}, + '--ignore-pid-namespaces' => \$params->{'ignore_pid_namespaces'}, + '--verbose' => \$params->{'verbose'}, + '-v' => \$params->{'verbose'}, + '--config=s' => \$params->{'config'}, )) { - dief ("$PROGRAM_NAME: Usage: $PROGRAM_NAME [--help|--version] [--verbose] [--quiet] [--config=]\n"); + dief ("$PROGRAM_NAME: Usage: $PROGRAM_NAME [--help|--version] [--ignore-pid-namespaces] [--verbose] [--quiet] [--config=]\n"); }; if ($params->{'help'}) { - print "$PROGRAM_NAME: Usage: $PROGRAM_NAME [--help|--version] [--verbose] [--quiet] [--config=]\n"; + print "$PROGRAM_NAME: Usage: $PROGRAM_NAME [--help|--version] [--ignore-pid-namespaces] [--verbose] [--quiet] [--config=]\n"; print "Reports processes that are linked against libraries that no longer exist.\n"; print "The optional config file can specify ignore rules - see the sample config file.\n"; + print "Can optionally ignore processes from other PID namespaces.\n"; exit (0); }; if ($params->{'version'}) { @@ -141,8 +144,14 @@ sub inVserver() { my $INVSERVER = inVserver(); +my $PID_NS_SUPPORT = (-f '/proc/self/ns/pid'); +my $PID_NS; +if ($PID_NS_SUPPORT and $params->{'ignore_pid_namespaces'}) { + $PID_NS = readlink('/proc/self/ns/pid'); +} + print STDERR "Running $LSOF -n\n" if $params->{'verbose'}; -open (LSOF, "$LSOF -n|") or dief ("Cannot run $LSOF -n: $!\n"); +open (LSOF, "$LSOF -n 2>/dev/null|") or dief ("Cannot run $LSOF -n: $!\n"); my @lsof=; close LSOF; if ($CHILD_ERROR) { # program failed @@ -155,10 +164,15 @@ LINE: for my $line (@lsof) { my %fields = map { m/^(.)(.*)$/ ; $1 => $2 } grep { defined $_ and length $_ >1} split /\0/, $line; $process = $fields{c}; $pid = $fields{p}; - $user = $fields{L}; + $user = $fields{L} || ''; next; } + if ($PID_NS_SUPPORT and $params->{'ignore_pid_namespaces'}) { + my $pidns = readlink('/proc/'.$pid.'/ns/pid'); + next if (defined $pidns and $PID_NS ne $pidns); + } + unless ( $line =~ /^f/ ) { dief("UNKNOWN strange line read from lsof\n"); # don't print it because it contains NULL characters... @@ -170,8 +184,9 @@ LINE: for my $line (@lsof) { my $inode = $fields{i}; my $path = $fields{n}; if ($path =~ m/\.dpkg-/ || $path =~ m/\(deleted\)/ || $path =~ /path inode=/ || $path =~ m#/\.nfs# || $fd eq 'DEL') { - my $deleted_in_path = ($path =~ m/\(deleted\)/); + my $deleted_in_path = ($path =~ m/\(deleted\)/ || $path =~ m/\.nfs/); next if ($deleted_in_path && $fd =~ /^[0-9]*$/); # Ignore deleted files that are open via normal file handles. + next if ($deleted_in_path && $fd eq 'cwd'); # Ignore deleted directories that we happen to be in. $path =~ s/^\(deleted\)//; # in some cases "(deleted)" is at the beginning of the string for my $i (@{$config->{'ignorelist'}}) {