X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=dsa-nagios-checks%2Fchecks%2Fdsa-check-running-kernel;h=452c8c1e82c10d63c4790cb1c856d5ce579e4f26;hb=f79acba81afea4a50183dd6754d7aeb064e0e4e1;hp=757459b00f3f40f2a08edf5b6c64ed7ef03927af;hpb=fcd62c0f907d6ae4fc8b4c971cfec80ece5921f5;p=mirror%2Fdsa-nagios.git diff --git a/dsa-nagios-checks/checks/dsa-check-running-kernel b/dsa-nagios-checks/checks/dsa-check-running-kernel index 757459b..452c8c1 100755 --- a/dsa-nagios-checks/checks/dsa-check-running-kernel +++ b/dsa-nagios-checks/checks/dsa-check-running-kernel @@ -3,8 +3,9 @@ # Check if the running kernel has the same version string as the on-disk # kernel image. -# Copyright 2008 Peter Palfrader +# Copyright 2008,2009 Peter Palfrader # Copyright 2009 Stephen Gran +# Copyright 2010 Uli Martens # # Permission is hereby granted, free of charge, to any person obtaining # a copy of this software and associated documentation files (the @@ -44,13 +45,12 @@ get_offset() { print $i,"\n"' < "$file" } -get_avail() { +get_avail_linux() { # This is wrong, but leaves room for when we have to care for machines running # myfirstunix-image-0.1-dsa-arm local prefix=linux local kervers=$(uname -r) - local kernelversion=$(apt-cache policy ${prefix}-image-${kervers} 2>/dev/null | grep '^ Installed:' | awk '{print $2}') local metavers='' @@ -62,6 +62,11 @@ get_avail() { metavers=$(echo $kervers | sed -r -e 's/^2\.(4|6)\.[0-9]+-[A-Za-z0-9\.]+-(.*)/2.\1-\2/') fi + # Attempt to track back to a metapackage failed. bail + if [ "$metavers" = "$kervers" ]; then + return 2 + fi + # We're just going to give up if we can't find a matching metapackage # I tried being strict once, and it just caused a lot of headaches. We'll see how # being lax does for us @@ -77,24 +82,33 @@ get_avail() { return 2 fi - local last=0 - for vers in $(apt-cache --no-all-versions depends ${prefix}-image-${metavers} | grep Depends | awk '{print $2}' | sort -u); do - if dpkg --compare-versions $vers gt $last; then - last=$vers + if [ "$metaavailvers" != "$metainstavers" ] ; then + echo "${prefix}-image-${metavers} $metaavailvers available but $metainstavers installed" + return 1 + fi + + local imagename=0 + # --no-all-versions show shows only the candidate + for vers in $(apt-cache --no-all-versions show ${prefix}-image-${metavers} | sed -n 's/^Depends: //p' | tr ',' '\n' | tr -d ' ' | grep ${prefix}-image | awk '{print $1}' | sort -u); do + if dpkg --compare-versions $vers gt $imagename; then + imagename=$vers fi done - local imagename=$last if [ -z "$imagename" ] || [ "$imagename" = 0 ]; then return 2 fi - if [ "$imagename" != "${prefix}-image-${kervers}" ]; then - echo "$imagename" != "${prefix}-image-${kervers}" + if [ "$imagename" != "${prefix}-image-${kervers}" ]; then + if dpkg --compare-versions "$imagename" lt "${prefix}-image-${kervers}"; then + return 2 + fi + echo "$imagename" != "${prefix}-image-${kervers}" return 1 fi local availvrs=$(apt-cache policy ${imagename} 2>/dev/null | grep '^ Candidate' | awk '{print $2}') + local kernelversion=$(apt-cache policy ${prefix}-image-${kervers} 2>/dev/null | grep '^ Installed:' | awk '{print $2}') if [ "$availvrs" = "$kernelversion" ]; then return 0 @@ -104,14 +118,14 @@ get_avail() { return 1 } - -get_image() { - local image GZHDR1 GZHDR2 off +get_image_linux() { + local image GZHDR1 GZHDR2 LZHDR off image="$1" GZHDR1="\x1f\x8b\x08\x00" GZHDR2="\x1f\x8b\x08\x08" + LZHDR="\x00\x00\x00\x02\xff" off=`get_offset "$image" $GZHDR1` [ "$?" != "0" ] && off="-1" @@ -127,6 +141,13 @@ get_image() { return fi + off=`get_offset "$image" $LZHDR` + [ "$?" != "0" ] && off="-1" + if [ "$off" -ne "-1" ]; then + (dd ibs="$[off-1]" skip=1 count=0 && dd bs=512k) < "$image" 2>/dev/null | lzcat 2>/dev/null + return + fi + echo "ERROR: Unable to extract kernel image." 2>&1 exit 1 } @@ -134,16 +155,25 @@ get_image() { searched="" for on_disk in \ "/boot/vmlinuz-`uname -r`"\ - "/boot/vmlinux-`uname -r`"; do + "/boot/vmlinux-`uname -r`"\ + "/boot/kfreebsd-`uname -r`.gz"; do if [ -e "$on_disk" ]; then - on_disk_version="`get_image "$on_disk" | strings | grep 'Linux version' | head -n1`" - [ -z "$on_disk_version" ] || break - on_disk_version="`cat "$on_disk" | strings | grep 'Linux version' | head -n1`" - [ -z "$on_disk_version" ] || break - - echo "UNKNOWN: Failed to get a version string from image $on_disk" - exit $UNKNOWN + if [ ! -x "$(which strings)" ]; then + echo "UNKNOWN: 'strings' command missing, perhaps install binutils?" + exit $UNKNOWN + fi + if [ "${on_disk/vmlinu}" != "$on_disk" ]; then + on_disk_version="`get_image_linux "$on_disk" | strings | grep 'Linux version' | head -n1`" + [ -z "$on_disk_version" ] || break + on_disk_version="`cat "$on_disk" | strings | grep 'Linux version' | head -n1`" + [ -z "$on_disk_version" ] || break + + echo "UNKNOWN: Failed to get a version string from image $on_disk" + exit $UNKNOWN + else + on_disk_version="$(zcat $on_disk | strings | grep Debian | head -n 1 | sed -e 's/Debian [[:alnum:]]\+ (\(.*\))/\1/')" + fi fi searched="$searched $on_disk" done @@ -153,22 +183,26 @@ if ! [ -e "$on_disk" ]; then exit $WARNING fi +if [ "$(uname -s)" = "Linux" ]; then + running_version="`cat /proc/version`" + if [ -z "$running_version" ] ; then + echo "UNKNOWN: Failed to get a version string from running system" + exit $UNKNOWN + fi -running_version="`cat /proc/version`" -if [ -z "$running_version" ] ; then - echo "UNKNOWN: Failed to get a version string from running system" - exit $UNKNOWN -fi - -if [ "$running_version" != "$on_disk_version" ]; then - echo "WARNING: Running kernel does not match on-disk kernel image: [$running_version != $on_disk_version]" - exit $WARNING -fi + if [ "$running_version" != "$on_disk_version" ]; then + echo "WARNING: Running kernel does not match on-disk kernel image: [$running_version != $on_disk_version]" + exit $WARNING + fi -ret="$(get_avail)" -if [ $? = 1 ]; then - echo "WARNING: Kernel needs upgrade [$ret]" - exit $WARNING + ret="$(get_avail_linux)" + if [ $? = 1 ]; then + echo "WARNING: Kernel needs upgrade [$ret]" + exit $WARNING + fi +else + echo "No support for FreeBSD yet" + exit $OK fi echo "OK: Running kernel matches on disk image: [$running_version]"