+++ /dev/null
-#!/usr/bin/perl -w
-
-# Copyright (C) 2005, 2006, 2007, 2008, 2012, 2015 Peter Palfrader <peter@palfrader.org>
-# 2012 Uli Martens <uli@youam.net>
-#
-# Permission is hereby granted, free of charge, to any person obtaining
-# a copy of this software and associated documentation files (the
-# "Software"), to deal in the Software without restriction, including
-# without limitation the rights to use, copy, modify, merge, publish,
-# distribute, sublicense, and/or sell copies of the Software, and to
-# permit persons to whom the Software is furnished to do so, subject to
-# the following conditions:
-#
-# The above copyright notice and this permission notice shall be
-# included in all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
-# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
-# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-
-use strict;
-use English;
-use Getopt::Long;
-
-$ENV{'PATH'} = '/bin:/sbin:/usr/bin:/usr/sbin';
-delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
-
-my $LSOF = '/usr/bin/lsof -F0';
-my $VERSION = '0.2015012901';
-
-# nagios exit codes
-my $OK = 0;
-my $WARNING = 1;
-my $CRITICAL = 2;
-my $UNKNOWN = 3;
-
-my $params;
-my $config;
-
-Getopt::Long::config('bundling');
-
-sub dief {
- print STDERR @_;
- exit $UNKNOWN;
-}
-
-if (!GetOptions (
- '--help' => \$params->{'help'},
- '--version' => \$params->{'version'},
- '--quiet' => \$params->{'quiet'},
- '--verbose' => \$params->{'verbose'},
- '-v' => \$params->{'verbose'},
- '--config=s' => \$params->{'config'},
- )) {
- dief ("$PROGRAM_NAME: Usage: $PROGRAM_NAME [--help|--version] [--verbose] [--quiet] [--config=<CONFIGFILE>]\n");
-};
-if ($params->{'help'}) {
- print "$PROGRAM_NAME: Usage: $PROGRAM_NAME [--help|--version] [--verbose] [--quiet] [--config=<CONFIGFILE>]\n";
- print "Reports processes that are linked against libraries that no longer exist.\n";
- print "The optional config file can specify ignore rules - see the sample config file.\n";
- exit (0);
-};
-if ($params->{'version'}) {
- print "nagios-check-libs $VERSION\n";
- print "nagios check for availability of debian (security) updates\n";
- print "Copyright (c) 2005, 2006, 2007, 2008, 2012 Peter Palfrader <peter\@palfrader.org>\n";
- exit (0);
-};
-
-if (! defined $params->{'config'}) {
- $params->{'config'} = '/etc/nagios/check-libs.conf';
-} elsif (! -e $params->{'config'}) {
- dief("Config file $params->{'config'} does not exist.\n");
-}
-
-if (-e $params->{'config'}) {
- eval "use YAML::Syck; 1" or dief "you need YAML::Syck (libyaml-syck-perl) to load a config file";
- open(my $fh, '<', $params->{'config'}) or dief "Cannot open config file $params->{'config'}: $!";
- $config = LoadFile($fh);
- close($fh);
- if (!(ref($config) eq "HASH")) {
- dief("Loaded config is not a hash!\n");
- }
-} else {
- $config = {
- 'ignorelist' => [
- '$path =~ m#^/proc/#',
- '$path =~ m#^/var/tmp/#',
- '$path =~ m#^/SYS#',
- '$path =~ m#^/drm$# # xserver stuff',
- '$path =~ m#^/dev/zero#',
- '$path =~ m#^/dev/shm/#',
- ]
- };
-}
-
-if (! exists $config->{'ignorelist'}) {
- $config->{'ignorelist'} = [];
-} elsif (! (ref($config->{'ignorelist'}) eq 'ARRAY')) {
- dief("Config->ignorelist is not an array!\n");
-}
-
-
-my %processes;
-
-sub getPIDs($$) {
- my ($user, $process) = @_;
- return join(', ', sort keys %{ $processes{$user}->{$process} });
-};
-sub getProcs($) {
- my ($user) = @_;
-
- return join(', ', map { $_.' ('.getPIDs($user, $_).')' } (sort {$a cmp $b} keys %{ $processes{$user} }));
-};
-sub getUsers() {
- return join('; ', (map { $_.': '.getProcs($_) } (sort {$a cmp $b} keys %processes)));
-};
-sub inVserver() {
- my ($f, $key);
- if (-e "/proc/self/vinfo" ) {
- $f = "/proc/self/vinfo";
- $key = "XID";
- } else {
- $f = "/proc/self/status";
- $key = "s_context";
- };
- open(F, "< $f") or return 0;
- while (<F>) {
- my ($k, $v) = split(/: */, $_, 2);
- if ($k eq $key) {
- close F;
- return ($v > 0);
- };
- };
- close F;
- return 0;
-}
-
-my $INVSERVER = inVserver();
-
-print STDERR "Running $LSOF -n\n" if $params->{'verbose'};
-open (LSOF, "$LSOF -n|") or dief ("Cannot run $LSOF -n: $!\n");
-my @lsof=<LSOF>;
-close LSOF;
-if ($CHILD_ERROR) { # program failed
- dief("$LSOF -n returned with non-zero exit code: ".($CHILD_ERROR / 256)."\n");
-};
-
-my ($process, $pid, $user);
-LINE: for my $line (@lsof) {
- if ( $line =~ /^p/ ) {
- my %fields = map { m/^(.)(.*)$/ ; $1 => $2 } grep { defined $_ and length $_ >1} split /\0/, $line;
- $process = $fields{c};
- $pid = $fields{p};
- $user = $fields{L};
- next;
- }
-
- unless ( $line =~ /^f/ ) {
- dief("UNKNOWN strange line read from lsof\n");
- # don't print it because it contains NULL characters...
- }
-
- my %fields = map { m/^(.)(.*)$/ ; $1 => $2 } grep { defined $_ and length $_ >1} split /\0/, $line;
-
- my $fd = $fields{f};
- my $inode = $fields{i};
- my $path = $fields{n};
- if ($path =~ m/\.dpkg-/ || $path =~ m/\(deleted\)/ || $path =~ /path inode=/ || $path =~ m#/\.nfs# || $fd eq 'DEL') {
- my $deleted_in_path = ($path =~ m/\(deleted\)/ || $path =~ m/\.nfs/);
- next if ($deleted_in_path && $fd =~ /^[0-9]*$/); # Ignore deleted files that are open via normal file handles.
- next if ($deleted_in_path && $fd eq 'cwd'); # Ignore deleted directories that we happen to be in.
-
- $path =~ s/^\(deleted\)//; # in some cases "(deleted)" is at the beginning of the string
- for my $i (@{$config->{'ignorelist'}}) {
- my $ignore = eval($i);
- next LINE if $ignore;
- }
- next if ($INVSERVER && ($process eq 'init') && ($pid == 1) && ($user eq 'root'));
- if ( $params->{'verbose'} ) {
- print STDERR "adding $process($pid) because of [$path]:\n";
- print STDERR $line;
- }
- $processes{$user}->{$process}->{$pid} = 1;
- };
-};
-
-
-
-my $message='';
-my $exit = $OK;
-if (keys %processes) {
- $exit = $WARNING;
- $message = 'The following processes have libs linked that were upgraded: '. getUsers()."\n";
-} else {
- $message = "No upgraded libs linked in running processes\n" unless $params->{'quiet'};
-};
-
-print $message;
-exit $exit;
projects / mirror / dsa-puppet.git / commitdiff