From 08275064a9658cc5efde9976917f897c1a775cb1 Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Sun, 8 Nov 2009 12:42:40 +0100 Subject: [PATCH] dsa-check-dabackup-server: Handle wildcard entries Handle wildcard entries (via the new ssh wrapper) in the authorized_keys files. Such entries accept all backup-manager entries for their host, but they do not require one. As such we can just put all the hosts in the authkeys file regardless of whether we actually have backups configured for them. --- dsa-nagios-checks/checks/dsa-check-dabackup-server | 6 +++++- dsa-nagios-checks/debian/changelog | 7 ++++++- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/dsa-nagios-checks/checks/dsa-check-dabackup-server b/dsa-nagios-checks/checks/dsa-check-dabackup-server index c4e4884..8dba0c0 100755 --- a/dsa-nagios-checks/checks/dsa-check-dabackup-server +++ b/dsa-nagios-checks/checks/dsa-check-dabackup-server @@ -70,9 +70,13 @@ trap "rm -f '$rsync_targets' '$backup_manager_sources'" 0 1 2 5 15 cat /root/.ssh/authorized_keys | grep '^command=' | sed -e 's/",no-por.*//' -e 's/.*--ignore-errors . //' -e 's#/org/backup.debian.org/staging/##' | + grep -v 'command="/usr/lib/da-backup/da-backup-ssh-wrap ' | sort > "$rsync_targets" -grep -h source /etc/da-backup-manager/* | + +wildcard_hosts=`cat /root/.ssh/authorized_keys | grep 'command="/usr/lib/da-backup/da-backup-ssh-wrap ' | sed -e 's/.*da-backup-ssh-wrap \([a-z0-9.]*\)".*/\1/' | tr '\n' '|' | sed 's/|$//'` +grep -h source /etc/da-backup-manager/* | sed -e 's/source=//' | + egrep -v "^($wildcard_hosts)/" | sort > "$backup_manager_sources" if ! diff "$rsync_targets" "$backup_manager_sources" > /dev/null; then log warn diff --git a/dsa-nagios-checks/debian/changelog b/dsa-nagios-checks/debian/changelog index c323893..a485840 100644 --- a/dsa-nagios-checks/debian/changelog +++ b/dsa-nagios-checks/debian/changelog @@ -3,8 +3,13 @@ dsa-nagios-checks (8X) Xtable; urgency=low * dsa-check-mirrorsync: Handle case where we cannot parse a tracefile better (do not reference undefined values, properly exit with UNKNOWN). * dsa-check-mirrorsync: Fix counting of out-of-date mirrors. + * dsa-check-dabackup-server: Handle wildcard entries (via the new ssh + wrapper) in the authorized_keys files. Such entries accept all + backup-manager entries for their host, but they do not require one. + As such we can just put all the hosts in the authkeys file regardless of + whether we actually have backups configured for them. - -- Peter Palfrader Mon, 02 Nov 2009 15:49:28 +0100 + -- Peter Palfrader Sun, 08 Nov 2009 12:41:29 +0100 dsa-nagios-checks (83) stable; urgency=low -- 2.20.1