[project @ peter@palfrader.org-20080926130328-ckyr2isd5w68fc4u]

Rename dsa-check-da-in-aliases to dsa-check-config.
dsa-check-config: check if ldap.conf is configured correctly.

diff --git a/dsa-nagios-nrpe-config/debian/changelog b/dsa-nagios-nrpe-config/debian/changelog
index ffa4b73..2c468c3 100644 (file)
--- a/dsa-nagios-nrpe-config/debian/changelog
+++ b/dsa-nagios-nrpe-config/debian/changelog
@@ -1,3 +1,10 @@
+dsa-nagios-nrpe-config (58) unstable; urgency=low
+
+  * Rename dsa-check-da-in-aliases to dsa-check-config.
+  * dsa-check-config: check if ldap.conf is configured correctly.
+
+ -- Peter Palfrader <weasel@debian.org>  Fri, 26 Sep 2008 15:02:53 +0200
+
 dsa-nagios-nrpe-config (57) unstable; urgency=low
 
   * dsa-check-hpacucli: Do not inspect drives in detail when they are

diff --git a/dsa-nagios-nrpe-config/dsa-check-config b/dsa-nagios-nrpe-config/dsa-check-config
new file mode 100755 (executable)
index 0000000..0d62402
--- /dev/null
+++ b/dsa-nagios-nrpe-config/dsa-check-config
@@ -0,0 +1,68 @@
+#!/bin/sh
+
+# Check that debian-admin is in /etc/aliases for root.
+# Peter Palfrader, 2008
+
+#my %ERRORS = ( OK => 0, WARNING => 1, CRITICAL => 2, UNKNOWN => -1 );
+
+set -e
+err=0
+
+log() {
+       if [ "$0" == "ok" ] && [ "$err" == 0 ]; then
+               err=0
+       elif [ "$1" == "warn" ] && [ "$err" -lt 1 ]; then
+               err=1
+       elif [ "$1" == "critical" ] && [ "$err" -lt 2 ]; then
+               err=2
+       elif [ "$1" == "unknown" ] && [ "$err" == 0 ]; then
+               err=3
+       fi
+       if [ "`eval echo \\$$1`" = "" ]; then
+               eval $1="\"$2\""
+       else
+               eval $1="\"`eval echo \\$$1`; $2\""
+       fi
+}
+
+
+check_aliases() {
+       if ! [ -e /etc/aliases ]; then
+               log unknown "/etc/aliases not found"
+               return
+       fi
+
+       if egrep '^root:.*debian-admin@debian.org' /etc/aliases > /dev/null; then
+               log ok "debian-admin found in aliases"
+               return
+       fi
+
+       log warn "debian-admin not found in root entry in aliases"
+}
+
+check_ldap_conf() {
+       if ! [ -e /etc/ldap/ldap.conf ]; then
+               log unknown "/etc/ldap/ldap.conf not found"
+               return
+       fi
+
+       if egrep '^URI.*ldap://db.debian.org' /etc/ldap/ldap.conf > /dev/null &&
+          egrep '^BASE.*dc=debian,dc=org' /etc/ldap/ldap.conf > /dev/null &&
+          egrep '^TLS_CACERT.*/etc/ssl/certs/spi-cacert-2008.pem' /etc/ldap/ldap.conf > /dev/null &&
+          egrep '^TLS_REQCERT.*hard' /etc/ldap/ldap.conf > /dev/null ; then
+               log ok "ldap.conf configured properly"
+               return
+       fi
+
+       log warn "ldap.conf does not have URI, BASE, TLS_CACERT, TLS_REQCERT all configured correctly"
+}
+
+check_aliases
+check_ldap_conf
+
+[ "$critical" = "" ] || echo -n "Critical: $critical; "
+[ "$warn" = "" ] || echo -n "Warning: $warn; "
+[ "$unknown" = "" ] || echo -n "Unknown: $unknown; "
+[ "$ok" = "" ] || echo -n "OK: $ok"
+echo
+exit $err

diff --git a/dsa-nagios-nrpe-config/dsa-check-da-in-aliases b/dsa-nagios-nrpe-config/dsa-check-da-in-aliases
deleted file mode 100755 (executable)
index f760a99..0000000
--- a/dsa-nagios-nrpe-config/dsa-check-da-in-aliases
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/sh
-
-# Check that debian-admin is in /etc/aliases for root.
-# Peter Palfrader, 2008
-
-#my %ERRORS = ( OK => 0, WARNING => 1, CRITICAL => 2, UNKNOWN => -1 );
-
-set -e
-
-if ! [ -e /etc/aliases ]; then
-       echo "UNKNOWN: /etc/aliases not found"
-       exit 3
-fi
-
-if egrep '^root:.*debian-admin@debian.org' /etc/aliases > /dev/null; then
-       echo "OK: debian-admin found in aliases"
-       exit 0
-fi
-
-echo "WARNING: debian-admin not found in root entry in aliases"
-exit 1