git.lirion.de

Of git, get, and gud

summaryrefslogtreecommitdiffstats
path: root/nagios-plugins-contrib-24.20190301~bpo9+1/check_checksums
diff options
context:
space:
mode:
Diffstat (limited to 'nagios-plugins-contrib-24.20190301~bpo9+1/check_checksums')
-rw-r--r--nagios-plugins-contrib-24.20190301~bpo9+1/check_checksums/Makefile8
-rwxr-xr-xnagios-plugins-contrib-24.20190301~bpo9+1/check_checksums/check_checksums110
-rw-r--r--nagios-plugins-contrib-24.20190301~bpo9+1/check_checksums/control5
-rw-r--r--nagios-plugins-contrib-24.20190301~bpo9+1/check_checksums/copyright15
-rw-r--r--nagios-plugins-contrib-24.20190301~bpo9+1/check_checksums/tests2
-rwxr-xr-xnagios-plugins-contrib-24.20190301~bpo9+1/check_checksums/update_checksums47
6 files changed, 187 insertions, 0 deletions
diff --git a/nagios-plugins-contrib-24.20190301~bpo9+1/check_checksums/Makefile b/nagios-plugins-contrib-24.20190301~bpo9+1/check_checksums/Makefile
new file mode 100644
index 0000000..6d064e3
--- /dev/null
+++ b/nagios-plugins-contrib-24.20190301~bpo9+1/check_checksums/Makefile
@@ -0,0 +1,8 @@
+PLUGIN := check_checksums
+
+include ../common.mk
+
+install::
+ install -d $(DESTDIR)/usr/lib/nagios
+ install -m 755 -o root -g root update_checksums $(DESTDIR)/usr/lib/nagios
+
diff --git a/nagios-plugins-contrib-24.20190301~bpo9+1/check_checksums/check_checksums b/nagios-plugins-contrib-24.20190301~bpo9+1/check_checksums/check_checksums
new file mode 100755
index 0000000..74a97c2
--- /dev/null
+++ b/nagios-plugins-contrib-24.20190301~bpo9+1/check_checksums/check_checksums
@@ -0,0 +1,110 @@
+#!/bin/bash
+#
+# check_checksums - Nagios plugin to check file checksums
+# against (local, not 100% secure) lists.
+# Supports md5 sha1 sha224 sha256 sha384 sha512 checksums.
+#
+#
+# Copyright (C) 2013 Bernd Zeimetz <b.zeimetz@conova.com>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+umask 077
+
+if [ $# -gt 0 ]; then
+ case $1 in
+ -h|--help|help)
+ cat << __EOH__
+$0 - Nagios plugin to check file checksums
+------------------------------------------
+The plugin supports md5 sha1 sha224 sha256 sha384 sha512 checksums.
+As the lists are stored local it is not 100% secure.
+
+Usage:
+ For each file you want to monitor write the current checksum
+ into the stored file list. Use the checksum tool you prefer,
+ probably depending on your CPU power.
+
+ sha512sum /path/to/the/file >> /etc/nagios/check_checksums.sha512
+ sha384sum /path/to/the/file >> /etc/nagios/check_checksums.sha384
+ sha256sum /path/to/the/file >> /etc/nagios/check_checksums.sha256
+ sha224sum /path/to/the/file >> /etc/nagios/check_checksums.sha224
+ sha1sum /path/to/the/file >> /etc/nagios/check_checksums.sha1
+ md5sum /path/to/the/file >> /etc/nagios/check_checksums.md5
+
+ Set useful file permissions:
+ chown root:nagios /etc/nagios/check_checksums.*
+ chmod 0640 /etc/nagios/check_checksums.*
+
+ Run
+ $0
+ in nrpe or nagios to check if the checksums are still the same.
+ It will return UNKNOWN if there is no checksum file at all.
+
+ To update *ALL* stored checksums please run
+ /usr/lib/nagios/update_checksums
+ and all checksum files will be updated. A copy of the original file will
+ be stored in /etc/nagios.
+
+__EOH__
+ exit 3
+ ;;
+ esac
+fi
+
+if dpkg --compare-versions `dpkg-query -W coreutils | awk '{print $2}'` ge 8.13; then
+ STRICT="--strict"
+else
+ STRICT=""
+fi
+
+RET=3
+OUT="UNKNOWN"
+tmp_out=`mktemp`
+tmp_err=`mktemp`
+trap "rm -f ${tmp_out} ${tmp_err}" EXIT
+
+for t in md5 sha1 sha224 sha256 sha384 sha512; do
+ fname="/etc/nagios/check_checksums.${t}"
+ tool="${t}sum"
+ if [ -f ${fname} ]; then
+ if [ ${RET} -eq 3 ]; then
+ RET=0
+ OUT="OK"
+ fi
+ ${tool} --quiet ${STRICT} --check ${fname} 1>>${tmp_out} 2>>${tmp_err}
+ err=$?
+
+ if [ ${err} -gt 0 ]; then
+ RET=2
+ OUT="CRITICAL"
+ fi
+ fi
+done
+
+if [ $RET -eq 0 ]; then
+ echo "OK - all checksums verified | failed=0;1;1;0;"
+else
+ echo -n "${OUT} - "
+ sed 's,WARNING: ,,' ${tmp_err} | tr '\n' '/' | sed 's,/$,,'
+ echo
+ cat ${tmp_out}
+ count=`wc -l ${tmp_out} | awk '{print $1}'`
+ echo "| failed=${count};1;1;0;"
+ /usr/bin/logger -p user.err -t check_checksums -f ${tmp_out}
+fi
+rm -f ${tmp_out} ${tmp_err}
+
+exit ${RET}
+
diff --git a/nagios-plugins-contrib-24.20190301~bpo9+1/check_checksums/control b/nagios-plugins-contrib-24.20190301~bpo9+1/check_checksums/control
new file mode 100644
index 0000000..73b015c
--- /dev/null
+++ b/nagios-plugins-contrib-24.20190301~bpo9+1/check_checksums/control
@@ -0,0 +1,5 @@
+Version: 20130611
+Uploaders: Bernd Zeimetz <bzed@debian.org>
+Description: plugin to verify file checksums
+ against (local, not 100% secure) lists.
+ Supports md5 sha1 sha224 sha256 sha384 sha512 checksums.
diff --git a/nagios-plugins-contrib-24.20190301~bpo9+1/check_checksums/copyright b/nagios-plugins-contrib-24.20190301~bpo9+1/check_checksums/copyright
new file mode 100644
index 0000000..8faae12
--- /dev/null
+++ b/nagios-plugins-contrib-24.20190301~bpo9+1/check_checksums/copyright
@@ -0,0 +1,15 @@
+Copyright (C) 2013 Bernd Zeimetz <b.zeimetz@conova.com>
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see <http://www.gnu.org/licenses/>.
+
diff --git a/nagios-plugins-contrib-24.20190301~bpo9+1/check_checksums/tests b/nagios-plugins-contrib-24.20190301~bpo9+1/check_checksums/tests
new file mode 100644
index 0000000..2c651c8
--- /dev/null
+++ b/nagios-plugins-contrib-24.20190301~bpo9+1/check_checksums/tests
@@ -0,0 +1,2 @@
+Test-Command: mkdir -p /etc/nagios/ && sha256sum /bin/true > /etc/nagios/check_checksums.sha256 && /usr/lib/nagios/plugins/check_checksums
+Restrictions: needs-root, breaks-testbed
diff --git a/nagios-plugins-contrib-24.20190301~bpo9+1/check_checksums/update_checksums b/nagios-plugins-contrib-24.20190301~bpo9+1/check_checksums/update_checksums
new file mode 100755
index 0000000..2ef376b
--- /dev/null
+++ b/nagios-plugins-contrib-24.20190301~bpo9+1/check_checksums/update_checksums
@@ -0,0 +1,47 @@
+#!/bin/bash
+#
+# Tool to rebuild all checksums for check_checksums
+#
+#
+# Copyright (C) 2013 Bernd Zeimetz <b.zeimetz@conova.com>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+set -e
+umask 027
+
+for t in md5 sha1 sha224 sha256 sha384 sha512; do
+ fname="/etc/nagios/check_checksums.${t}"
+ tool="${t}sum"
+ if [ -f ${fname} ]; then
+ tmp=`mktemp`
+ chown root:nagios ${tmp}
+ chmod 640 ${tmp}
+
+ trap "rm -f ${tmp}" EXIT
+
+ sed 's,^[^ ]* ,,' ${fname} | while read f; do
+ if [ -f "${f}" ]; then
+ ${tool} "${f}" >> ${tmp}
+ else
+ echo "${f} went missing, ignoring!"
+ fi
+ done
+
+ ln "${fname}" "${fname}_`date '+%s'`"
+ mv "${tmp}" "${fname}"
+ fi
+done
+
+