--- /dev/null
+#!/bin/bash
+
+# Checks if any of the *.crt files in a directory on disk will expire soon
+
+# Copyright 2009,2016 Peter Palfrader
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+
+sn="$0"
+if [ "${sn%/*}" = "$sn" ]; then
+ CERT_CHECK=dsa-check-cert-expire
+else
+ CERT_CHECK="${sn%/*}/dsa-check-cert-expire"
+fi
+
+if [ "$#" != 1 ] ; then
+ echo >&2 "Usage: $0 <directory>"
+ exit 1
+fi
+
+DIR="$1"
+
+if ! [ -d "$DIR" ]; then
+ echo "Not a directory: $DIR"
+ exit 1
+fi
+
+OK=""
+WARN=""
+CRIT=""
+UNKNOWN=""
+cOK=0
+cWARN=0
+cCRIT=0
+cUNKNOWN=0
+
+t=$(tempfile)
+trap "rm -f '$t'" EXIT
+
+for i in "$DIR"/*.crt; do
+ d="${i%.crt}"
+ d="${d##*/}"
+ echo -n "$d: " >> "$t"
+ "$CERT_CHECK" "$i" >> "$t" 2>&1
+ rc=$?
+ if [ "$rc" = 0 ]; then
+ OK="$OK $d"
+ cOK=$(( cOK + 1 ))
+ elif [ "$rc" = 1 ]; then
+ WARN="$WARN $d"
+ cWARN=$(( cWARN + 1 ))
+ elif [ "$rc" = 2 ]; then
+ CRIT="$CRIT $d"
+ cCRIT=$(( cCRIT + 1 ))
+ else
+ UNKNOWN="$UNKNOWN $d"
+ cUNKNOWN=$(( cUNKNOWN + 1 ))
+ fi
+done
+
+if [ -n "$CRIT" ]; then rc=2;
+elif [ -n "$WARN" ]; then rc=1;
+elif [ -n "$UNKNOWN" ]; then rc=3;
+else rc=0;
+fi
+
+[ -n "$CRIT" ] && echo "CRITICAL ($cCRIT):$CRIT, "
+[ -n "$WARN" ] && echo "WARN ($cWARN):$WARN, "
+[ -n "$UNKNOWN" ] && echo "UNKNOWN ($cUNKNOWN):$UNKNOWN, "
+[ -n "$OK" ] && echo "OK ($cOK):$OK."
+cat "$t"
+exit $rc
* dsa-check-drbd: Add --ok-no-devices option.
* dsa-check-backuppg: allow specifying which timeline we expect a database
to be on.
+ * dsa-check-cert-expire-dir: add
[ Tollef Fog Heen ]
* dsa-update-unowned-file-status: ignore fdescfs, used for /dev/fd on
* Add dsa-check-hpssacli, replaces hpacucli for new hosts.
* dsa-check-hpssacli: accept 12.0Gbps as transfer speed for SAS
- -- Peter Palfrader <weasel@debian.org> Sun, 17 Jan 2016 18:47:12 +0100
+ -- Peter Palfrader <weasel@debian.org> Tue, 02 Feb 2016 07:58:55 +0100
dsa-nagios-checks (108) unstable; urgency=medium