rpm/monitoring-plugins
SHA256
1
0
Fork 0
forked from pool/monitoring-plugins
Code Pull Requests Activity

Accepting request 1130995 from home:lrupp:branches:server:monitoring

Browse Source 
- update to 2.3.5
  FIXES
  * Include maxfd.h in lib Makefile
  included in 2.3.4
  ENHANCEMENTS
  * check_curl: added --cookie-jar and doing proper cleanup of libcurl
  * check_curl: Include all IPs from getaddrinfo() in curl DNS cache
  * check_dhcp: Add dhcp rogue detection
  * check_disk: add ignore-missing option to return OK for missing fs
  * check_disk_smb: allow checking 0-sized resource (ex. IPC$)
  * check_disk: The options to include or exclude specific file 
    systems now allow the usage of regex(7)
  * check_icmp: Add support to Jitter, MOS and Score
  * check_mysql: Detect running mysqldump and handle it 
    more gracefully
  * check_procs: Implement --exclude-process to exclude 
    specific processes
  * check_smtp: add new longoption --tls
  * check_smtp: Add option to prefix PROXY header
  * check_smtp: Add support for SMTP over TLS
  * check_smtp: Add support for SNI
  * check_snmp: Implement option to ignore mib file parsing errors
  * check_users: prefer systemd-logind over utmp
  FIXES
  * check_disk: Display SI units correctly
  * check_ircd: use pack_sockaddr_in rather than hand-rolled
  * check_log/check_oracle/check_sensors: fixed the outputs of the 
    help functionality
  * check_mysql: Add mysql_close to avoid spamming the server logs
  * check_smtp: add missing -r option in usage

OBS-URL: https://build.opensuse.org/request/show/1130995
OBS-URL: https://build.opensuse.org/package/show/server:monitoring/monitoring-plugins?expand=0&rev=115
This commit is contained in:
Lars Vogdt 2023-12-05 15:44:03 +00:00 committed by Git OBS Bridge
parent e2ae5d8965
commit 7e20b26c28
13 changed files with 83 additions and 747 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

320
monitoring-plugins-2.3.3-check_dhcp_-_detect_rogue_dhcp_servers.patch
View File

@ -1,320 +0,0 @@
Index: monitoring-plugins-2.3.3/plugins-root/check_dhcp.c
===================================================================
--- monitoring-plugins-2.3.3.orig/plugins-root/check_dhcp.c
+++ monitoring-plugins-2.3.3/plugins-root/check_dhcp.c
@@ -156,6 +156,7 @@ typedef struct dhcp_offer_struct{
u_int32_t lease_time; /* lease time in seconds */
u_int32_t renewal_time; /* renewal time in seconds */
u_int32_t rebinding_time; /* rebinding time in seconds */
+ u_int8_t desired; /* is this offer desired (necessary in exclusive mode) */
struct dhcp_offer_struct *next;
}dhcp_offer;
@@ -199,6 +200,7 @@ typedef struct requested_server_struct{
#define ETHERNET_HARDWARE_ADDRESS_LENGTH 6 /* length of Ethernet hardware addresses */
u_int8_t unicast = 0; /* unicast mode: mimic a DHCP relay */
+u_int8_t exclusive = 0; /* exclusive mode aka "rogue DHCP server detection" */
struct in_addr my_ip; /* our address (required for relay) */
struct in_addr dhcp_ip; /* server to query (if in unicast mode) */
unsigned char client_hardware_address[MAX_DHCP_CHADDR_LENGTH]="";
@@ -229,7 +231,7 @@ struct in_addr requested_address;
int process_arguments(int, char **);
int call_getopt(int, char **);
-int validate_arguments(int, int);
+int validate_arguments(void);
void print_usage(void);
void print_help(void);
@@ -323,8 +325,7 @@ int get_hardware_address(int sock,char *
#elif defined(__bsd__)
/* King 2004 see ACKNOWLEDGEMENTS */
- size_t len;
- int mib[6];
+ int mib[6], len;
char *buf;
unsigned char *ptr;
struct if_msghdr *ifm;
@@ -464,9 +465,10 @@ int send_dhcp_discover(int sock){
discover_packet.hlen=ETHERNET_HARDWARE_ADDRESS_LENGTH;
/*
- * transaction ID is supposed to be random.
+ * transaction ID is supposed to be random. We won't use the address so
+ * we don't care about high entropy here. time(2) is good enough.
*/
- srand(time(NULL)^getpid());
+ srand(time(NULL));
packet_xid=random();
discover_packet.xid=htonl(packet_xid);
@@ -692,11 +694,17 @@ int receive_dhcp_packet(void *buffer, in
}
else{
+
+ /* why do we need to peek first? i don't know, its a hack. without it, the source address of the first packet received was
+ not being interpreted correctly. sigh... */
bzero(&source_address,sizeof(source_address));
address_size=sizeof(source_address);
+ recv_result=recvfrom(sock,(char *)buffer,buffer_size,MSG_PEEK,(struct sockaddr *)&source_address,&address_size);
+ if(verbose)
+ printf("recv_result_1: %d\n",recv_result);
recv_result=recvfrom(sock,(char *)buffer,buffer_size,0,(struct sockaddr *)&source_address,&address_size);
if(verbose)
- printf("recv_result: %d\n",recv_result);
+ printf("recv_result_2: %d\n",recv_result);
if(recv_result==-1){
if(verbose){
@@ -904,6 +912,7 @@ int add_dhcp_offer(struct in_addr source
new_offer->lease_time=dhcp_lease_time;
new_offer->renewal_time=dhcp_renewal_time;
new_offer->rebinding_time=dhcp_rebinding_time;
+ new_offer->desired=FALSE; /* exclusive mode: we'll check that in get_results */
if(verbose){
@@ -949,7 +958,7 @@ int free_requested_server_list(void){
/* gets state and plugin output to return */
int get_results(void){
- dhcp_offer *temp_offer;
+ dhcp_offer *temp_offer, *undesired_offer=NULL;
requested_server *temp_server;
int result;
u_int32_t max_lease_time=0;
@@ -980,16 +989,24 @@ int get_results(void){
if(temp_server->answered)
printf(_(" (duplicate)"));
printf(_("\n"));
- }
+ }
if(temp_server->answered == FALSE){
requested_responses++;
temp_server->answered=TRUE;
- }
- }
- }
- }
-
- }
+ temp_offer->desired=TRUE;
+ }
+ }
+ }
+ }
+
+ /* exclusive mode: check for undesired offers */
+ for(temp_offer=dhcp_offer_list;temp_offer!=NULL;temp_offer=temp_offer->next) {
+ if (temp_offer->desired == FALSE) {
+ undesired_offer=temp_offer; /* Checks only for the first undesired offer */
+ break; /* no further checks needed */
+ }
+ }
+ }
/* else check and see if we got our requested address from any server */
else{
@@ -1003,8 +1020,8 @@ int get_results(void){
/* see if we got the address we requested */
if(!memcmp(&requested_address,&temp_offer->offered_address,sizeof(requested_address)))
received_requested_address=TRUE;
- }
- }
+ }
+ }
result=STATE_OK;
if(valid_responses==0)
@@ -1016,6 +1033,9 @@ int get_results(void){
else if(request_specific_address==TRUE && received_requested_address==FALSE)
result=STATE_WARNING;
+ if(exclusive && undesired_offer)
+ result=STATE_CRITICAL;
+
if(result==0) /* garrett honeycutt 2005 */
printf("OK: ");
else if(result==1)
@@ -1033,6 +1053,13 @@ int get_results(void){
printf(_("Received %d DHCPOFFER(s)"),valid_responses);
+
+ if(exclusive && undesired_offer){
+ printf(_(", Rogue DHCP Server detected! Server %s"),inet_ntoa(undesired_offer->server_address));
+ printf(_(" offered %s \n"),inet_ntoa(undesired_offer->offered_address));
+ return result;
+ }
+
if(requested_servers>0)
printf(_(", %s%d of %d requested servers responded"),((requested_responses<requested_servers) && requested_responses>0)?"only ":"",requested_responses,requested_servers);
@@ -1053,19 +1080,29 @@ int get_results(void){
/* process command-line arguments */
int process_arguments(int argc, char **argv){
- int arg_index;
+ int c;
if(argc<1)
return ERROR;
- arg_index = call_getopt(argc,argv);
- return validate_arguments(argc,arg_index);
+ c=0;
+ while((c+=(call_getopt(argc-c,&argv[c])))<argc){
+
+ /*
+ if(is_option(argv[c]))
+ continue;
+ */
+ }
+
+ return validate_arguments();
}
int call_getopt(int argc, char **argv){
- extern int optind;
+ int c=0;
+ int i=0;
+
int option_index = 0;
static struct option long_options[] =
{
@@ -1075,6 +1112,7 @@ int call_getopt(int argc, char **argv){
{"interface", required_argument,0,'i'},
{"mac", required_argument,0,'m'},
{"unicast", no_argument, 0,'u'},
+ {"exclusive", no_argument, 0,'x'},
{"verbose", no_argument, 0,'v'},
{"version", no_argument, 0,'V'},
{"help", no_argument, 0,'h'},
@@ -1082,14 +1120,25 @@ int call_getopt(int argc, char **argv){
};
while(1){
- int c=0;
+ c=getopt_long(argc,argv,"+hVvxt:s:r:t:i:m:u",long_options,&option_index);
- c=getopt_long(argc,argv,"+hVvt:s:r:t:i:m:u",long_options,&option_index);
+ i++;
if(c==-1||c==EOF||c==1)
break;
switch(c){
+ case 'w':
+ case 'r':
+ case 't':
+ case 'i':
+ i++;
+ break;
+ default:
+ break;
+ }
+
+ switch(c){
case 's': /* DHCP server address */
resolve_host(optarg,&dhcp_ip);
@@ -1133,6 +1182,9 @@ int call_getopt(int argc, char **argv){
case 'u': /* unicast testing */
unicast=1;
break;
+ case 'x': /* exclusive testing aka "rogue DHCP server detection" */
+ exclusive=1;
+ break;
case 'V': /* version */
print_revision(progname, NP_VERSION);
@@ -1146,22 +1198,16 @@ int call_getopt(int argc, char **argv){
verbose=1;
break;
- case '?': /* help */
- usage5 ();
- break;
-
default:
break;
}
}
- return optind;
- }
+ return i;
+ }
-int validate_arguments(int argc, int arg_index){
- if(argc-optind > 0)
- usage(_("Got unexpected non-option argument"));
+int validate_arguments(void){
return OK;
}
@@ -1361,7 +1407,7 @@ void print_help(void){
printf("%s\n", _("This plugin tests the availability of DHCP servers on a network."));
- printf ("\n\n");
+ printf ("\n\n");
print_usage();
@@ -1371,19 +1417,21 @@ void print_help(void){
printf (UT_VERBOSE);
printf (" %s\n", "-s, --serverip=IPADDRESS");
- printf (" %s\n", _("IP address of DHCP server that we must hear from"));
- printf (" %s\n", "-r, --requestedip=IPADDRESS");
- printf (" %s\n", _("IP address that should be offered by at least one DHCP server"));
- printf (" %s\n", "-t, --timeout=INTEGER");
- printf (" %s\n", _("Seconds to wait for DHCPOFFER before timeout occurs"));
- printf (" %s\n", "-i, --interface=STRING");
- printf (" %s\n", _("Interface to to use for listening (i.e. eth0)"));
- printf (" %s\n", "-m, --mac=STRING");
- printf (" %s\n", _("MAC address to use in the DHCP request"));
- printf (" %s\n", "-u, --unicast");
- printf (" %s\n", _("Unicast testing: mimic a DHCP relay, requires -s"));
+ printf (" %s\n", _("IP address of DHCP server that we must hear from"));
+ printf (" %s\n", "-r, --requestedip=IPADDRESS");
+ printf (" %s\n", _("IP address that should be offered by at least one DHCP server"));
+ printf (" %s\n", "-t, --timeout=INTEGER");
+ printf (" %s\n", _("Seconds to wait for DHCPOFFER before timeout occurs"));
+ printf (" %s\n", "-i, --interface=STRING");
+ printf (" %s\n", _("Interface to to use for listening (i.e. eth0)"));
+ printf (" %s\n", "-m, --mac=STRING");
+ printf (" %s\n", _("MAC address to use in the DHCP request"));
+ printf (" %s\n", "-u, --unicast");
+ printf (" %s\n", _("Unicast testing: mimic a DHCP relay, requires -s"));
+ printf (" %s\n", "-x, --exclusive");
+ printf (" %s\n", _("Only requested DHCP server may response (rogue DHCP server detection), requires -s"));
- printf (UT_SUPPORT);
+ printf (UT_SUPPORT);
return;
}
@@ -1391,12 +1439,10 @@ void print_help(void){
void
print_usage(void){
- printf ("%s\n", _("Usage:"));
- printf (" %s [-v] [-u] [-s serverip] [-r requestedip] [-t timeout]\n",progname);
- printf (" [-i interface] [-m mac]\n");
+ printf ("%s\n", _("Usage:"));
+ printf (" %s [-v] [-u] [-x] [-s serverip] [-r requestedip] [-t timeout]\n",progname);
+ printf (" [-i interface] [-m mac]\n");
return;
}
-
-

169
monitoring-plugins-2.3.3-check_http-proxy.patch
View File

@ -1,169 +0,0 @@
diff --git a/plugins/check_http.c b/plugins/check_http.c
index 8dda046f..2ab6a7a3 100644
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
@@ -126,6 +126,9 @@ int sd;
int min_page_len = 0;
int max_page_len = 0;
int redir_depth = 0;
+bool ssl_proxy = false;
+char *proxy_server_address;
+int proxy_server_port;
int max_depth = DEFAULT_MAX_REDIRS;
char *http_method;
char *http_method_proxy;
@@ -139,6 +142,7 @@ char *client_privkey = NULL;
bool process_arguments (int, char **);
int check_http (void);
void redir (char *pos, char *status_line);
+const char *find_uri_path (const char *url);
bool server_type_check(const char *type);
int server_port_check(int ssl_flag);
char *perfd_time (double microsec);
@@ -608,6 +612,17 @@ bool process_arguments (int argc, char **argv)
if (virtual_port == 0)
virtual_port = server_port;
+ /* if we are called with the -I option, the -j method is CONNECT and */
+ /* we received -S for SSL, then we tunnel the request through a proxy*/
+ /* @20100414, public[at]frank4dd.com, http://www.frank4dd.com/howto */
+
+ ssl_proxy = server_address != NULL && strcmp(http_method, "CONNECT") == 0
+ && host_name != NULL && use_ssl == true;
+ if (ssl_proxy) {
+ proxy_server_address = strdup(server_address);
+ proxy_server_port = server_port;
+ }
+
return true;
}
@@ -939,18 +954,18 @@ check_http (void)
/* try to connect to the host at the given port number */
gettimeofday (&tv_temp, NULL);
- if (my_tcp_connect (server_address, server_port, &sd) != STATE_OK)
+ result = ssl_proxy ?
+ my_tcp_connect (proxy_server_address, proxy_server_port, &sd) :
+ my_tcp_connect (server_address, server_port, &sd);
+ if (result != STATE_OK)
die (STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n"));
microsec_connect = deltime (tv_temp);
- /* if we are called with the -I option, the -j method is CONNECT and */
- /* we received -S for SSL, then we tunnel the request through a proxy*/
- /* @20100414, public[at]frank4dd.com, http://www.frank4dd.com/howto */
+ /* handle connection via SSL proxy */
+ if (ssl_proxy) {
- if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0
- && host_name != NULL && use_ssl == true) {
-
- if (verbose) printf ("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n", server_address, server_port, host_name, HTTPS_PORT);
+ if (verbose) printf ("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n",
+ proxy_server_address, proxy_server_port, host_name, HTTPS_PORT);
asprintf (&buf, "%s %s:%d HTTP/1.1\r\n%s\r\n", http_method, host_name, HTTPS_PORT, user_agent);
if (strlen(proxy_auth)) {
base64_encode_alloc (proxy_auth, strlen (proxy_auth), &auth);
@@ -985,7 +1000,7 @@ check_http (void)
if (use_ssl == true) {
gettimeofday (&tv_temp, NULL);
result = np_net_ssl_init_with_hostname_version_and_cert(sd, (use_sni ? host_name : NULL), ssl_version, client_cert, client_privkey);
- if (verbose) printf ("SSL initialized\n");
+ if (verbose) printf ("SSL initialization %s\n", result == STATE_OK ? "successful" : "failed");
if (result != STATE_OK)
die (STATE_CRITICAL, NULL);
microsec_ssl = deltime (tv_temp);
@@ -1001,9 +1016,8 @@ check_http (void)
}
#endif /* HAVE_SSL */
- if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0
- && host_name != NULL && use_ssl == true)
- asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method_proxy, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent);
+ if (ssl_proxy)
+ asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method_proxy, find_uri_path(server_url), host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent);
else
asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent);
@@ -1032,8 +1046,7 @@ check_http (void)
*/
if ((use_ssl == false && virtual_port == HTTP_PORT) ||
(use_ssl == true && virtual_port == HTTPS_PORT) ||
- (server_address != NULL && strcmp(http_method, "CONNECT") == 0
- && host_name != NULL && use_ssl == true))
+ ssl_proxy)
xasprintf (&buf, "%sHost: %s\r\n", buf, host_name);
else
xasprintf (&buf, "%sHost: %s:%d\r\n", buf, host_name, virtual_port);
@@ -1137,10 +1150,17 @@ check_http (void)
/* leave full_page untouched so we can free it later */
page = full_page;
- if (verbose)
- printf ("%s://%s:%d%s is %d characters\n",
- use_ssl ? "https" : "http", server_address,
- server_port, server_url, (int)pagesize);
+ if (verbose) {
+ if (ssl_proxy) {
+ printf ("[via proxy %s://%s:%d] %s returned %d bytes\n",
+ use_ssl ? "https" : "http", proxy_server_address, proxy_server_port,
+ server_url, (int)pagesize);
+ } else {
+ printf ("%s://%s:%d%s returned %d bytes\n",
+ use_ssl ? "https" : "http", server_address,
+ server_port, server_url, (int)pagesize);
+ }
+ }
/* find status line and null-terminate it */
status_line = page;
@@ -1300,7 +1320,12 @@ check_http (void)
bcopy("...", &output_string_search[sizeof(output_string_search) - 4],
4);
}
- xasprintf (&msg, _("%sstring '%s' not found on '%s://%s:%d%s', "), msg, output_string_search, use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url);
+ if (ssl_proxy) {
+ xasprintf (&msg, _("%sstring '%s' not found on '%s', "), msg, output_string_search, server_url);
+ } else {
+ xasprintf (&msg, _("%sstring '%s' not found on '%s://%s:%d%s', "), msg, output_string_search,
+ use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url);
+ }
result = STATE_CRITICAL;
}
}
@@ -1642,6 +1667,25 @@ redir (char *pos, char *status_line)
check_http ();
}
+// Locate the URI path inside a complete URL. If we fail, just return the original URL.
+const char *
+find_uri_path (const char *url)
+{
+ const char *s = url;
+
+ if (strncmp(s, "http://", 7) == 0)
+ s += 7;
+ else if (strncmp(s, "https://", 8) == 0)
+ s += 8;
+ else
+ return url;
+ while (*s != '\0') {
+ if (strchr("/?#", *s) != NULL)
+ return s;
+ s++;
+ }
+ return url;
+}
bool
server_type_check (const char *type)
@@ -1861,7 +1905,7 @@ print_help (void)
printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than"));
printf (" %s\n", _("30 days, but more than 14 days, a STATE_WARNING is returned."));
printf (" %s\n", _("A STATE_CRITICAL will be returned when certificate expires in less than 14 days"));
-
+ printf ("\n");
printf (" %s\n\n", "CHECK SSL WEBSERVER CONTENT VIA PROXY USING HTTP 1.1 CONNECT: ");
printf (" %s\n", _("check_http -I 192.168.100.35 -p 80 -u https://www.verisign.com/ -S -j CONNECT -H www.verisign.com "));
printf (" %s\n", _("all these options are needed: -I <proxy> -p <proxy-port> -u <check-url> -S(sl) -j CONNECT -H <webserver>"));

12
monitoring-plugins-2.3.3-check_icmp.patch
View File

@ -1,12 +0,0 @@
Index: monitoring-plugins-2.3.3/plugins-root/check_icmp.c
===================================================================
--- monitoring-plugins-2.3.3.orig/plugins-root/check_icmp.c
+++ monitoring-plugins-2.3.3/plugins-root/check_icmp.c
@@ -1446,6 +1446,7 @@ get_ip_address(const char *ifname)
#else
errno = 0;
crash("Cannot get interface IP address on this platform.");
+ return INADDR_NONE;
#endif
}

33
monitoring-plugins-2.3.3-check_log_-_quoting.patch
View File

@ -1,33 +0,0 @@
Index: monitoring-plugins-2.3.3/plugins-scripts/check_log.sh
===================================================================
--- monitoring-plugins-2.3.3.orig/plugins-scripts/check_log.sh
+++ monitoring-plugins-2.3.3/plugins-scripts/check_log.sh
@@ -112,23 +112,23 @@ while test -n "$1"; do
exit "$STATE_OK"
;;
-F | --filename)
- logfile=$2
+ logfile="$2"
shift 2
;;
-O | --oldlog)
- oldlog=$2
+ oldlog="$2"
shift 2
;;
-q | --query)
- query=$2
+ query="$2"
shift 2
;;
--exclude)
- exclude=$2
+ exclude="$2"
shift 2
;;
-x | --exitstatus)
- exitstatus=$2
+ exitstatus="$2"
shift 2
;;
-e | --extended-regex)

13
monitoring-plugins-2.3.3-check_snmp.arrayaddress.patch
View File

@ -1,13 +0,0 @@
Index: monitoring-plugins-2.3.3/plugins/check_snmp.c
===================================================================
--- monitoring-plugins-2.3.3.orig/plugins/check_snmp.c
+++ monitoring-plugins-2.3.3/plugins/check_snmp.c
@@ -594,7 +594,7 @@ main (int argc, char **argv)
len = sizeof(perfstr)-strlen(perfstr)-1;
strncat(perfstr, show, len>ptr-show ? ptr-show : len);
- if (type)
+ if (type[0])
strncat(perfstr, type, sizeof(perfstr)-strlen(perfstr)-1);
if (warning_thresholds) {

95
monitoring-plugins-2.3.3-mariadb_102_build_fix.patch
View File

@ -1,95 +0,0 @@
From d6bd787123aa9ccd96edec8286ec22dd0442c620 Mon Sep 17 00:00:00 2001
From: Michael Orlitzky <michael@orlitzky.com>
Date: Fri, 27 Oct 2017 07:58:43 -0400
Subject: [PATCH] plugins/check_mysql*.c: define our own default MySQL port.
The MYSQL_PORT constant used to be defined in mysql.h, and was used as
the default port in the two plugins check_mysql and check_mysql_query.
Now that mysql.h no longer defines that constant, our plugins fail to
build against newer versions of MySQL and MariaDB.
Since MYSQL_PORT used the "default port" on the local system, it
actually was not the best choice as the default for the check plugins:
when monitoring remote MySQL servers, the usual default of 3306 is
more likely to be correct than whatever the local server happens to be
listening on.
As a result, we fix the issue by defining our own constant, called
CHECK_PORT_DEFAULT, as "3306" at the top of both check_mysql.c and
check_mysql_query.c. The existing uses of MYSQL_PORT have been changed
to use the new CHECK_PORT_DEFAULT.
This change is backwards-incompatible: any users who compiled in a
MYSQL_PORT other than 3306 and who were running their checks on the
same server as the database will now need to specify that port
explicitly.
Closes: https://github.com/monitoring-plugins/monitoring-plugins/issues/1508
---
plugins/check_mysql.c | 8 ++++++--
plugins/check_mysql_query.c | 8 ++++++--
2 files changed, 12 insertions(+), 4 deletions(-)
Index: monitoring-plugins-2.3.3/plugins/check_mysql.c
===================================================================
--- monitoring-plugins-2.3.3.orig/plugins/check_mysql.c
+++ monitoring-plugins-2.3.3/plugins/check_mysql.c
@@ -35,6 +35,8 @@ const char *copyright = "1999-2011";
const char *email = "devel@monitoring-plugins.org";
#define SLAVERESULTSIZE 70
+/* The default port that MySQL servers listen on. */
+#define CHECK_PORT_DEFAULT 3306
#include "common.h"
#include "utils.h"
@@ -58,7 +60,7 @@ char *ciphers = NULL;
bool ssl = false;
char *opt_file = NULL;
char *opt_group = NULL;
-unsigned int db_port = MYSQL_PORT;
+unsigned int db_port = CHECK_PORT_DEFAULT;
int check_slave = 0, warn_sec = 0, crit_sec = 0;
int ignore_auth = 0;
int verbose = 0;
@@ -508,7 +510,7 @@ void
print_help (void)
{
char *myport;
- xasprintf (&myport, "%d", MYSQL_PORT);
+ xasprintf (&myport, "%d", CHECK_PORT_DEFAULT);
print_revision (progname, NP_VERSION);
Index: monitoring-plugins-2.3.3/plugins/check_mysql_query.c
===================================================================
--- monitoring-plugins-2.3.3.orig/plugins/check_mysql_query.c
+++ monitoring-plugins-2.3.3/plugins/check_mysql_query.c
@@ -33,6 +33,9 @@ const char *progname = "check_mysql_quer
const char *copyright = "1999-2007";
const char *email = "devel@monitoring-plugins.org";
+/* The default port that MySQL servers listen on. */
+#define CHECK_PORT_DEFAULT 3306
+
#include "common.h"
#include "utils.h"
#include "utils_base.h"
@@ -48,7 +51,7 @@ char *db_pass = NULL;
char *db = NULL;
char *opt_file = NULL;
char *opt_group = NULL;
-unsigned int db_port = MYSQL_PORT;
+unsigned int db_port = CHECK_PORT_DEFAULT;
int process_arguments (int, char **);
int validate_arguments (void);
@@ -299,7 +302,7 @@ void
print_help (void)
{
char *myport;
- xasprintf (&myport, "%d", MYSQL_PORT);
+ xasprintf (&myport, "%d", CHECK_PORT_DEFAULT);
print_revision (progname, NP_VERSION);

3
monitoring-plugins-2.3.3.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:7023b1dc17626c5115b061e7ce02e06f006e35af92abf473334dffe7ff3c2d6d
size 2620192

1
monitoring-plugins-2.3.3.tar.gz.sha1
View File

@ -1 +0,0 @@
4424d4ed0bfffa42b215ae4702a70adea968ad6d *monitoring-plugins-2.3.3.tar.gz

BIN
monitoring-plugins-2.3.5.tar.gz (Stored with Git LFS) Normal file
View File

Binary file not shown.

1
monitoring-plugins-2.3.5.tar.gz.sha1 Normal file
View File

@ -0,0 +1 @@
fcbe2068cb55aeaca3ebe67b619cb345a6705184 *monitoring-plugins-2.3.5.tar.gz

55
monitoring-plugins.changes
View File

@ -1,3 +1,58 @@
-------------------------------------------------------------------
Tue Dec 5 11:46:24 UTC 2023 - Lars Vogdt <lars@linux-schulserver.de> - 2.3.5
- update to 2.3.5
FIXES
* Include maxfd.h in lib Makefile
included in 2.3.4
ENHANCEMENTS
* check_curl: added --cookie-jar and doing proper cleanup of libcurl
* check_curl: Include all IPs from getaddrinfo() in curl DNS cache
* check_dhcp: Add dhcp rogue detection
* check_disk: add ignore-missing option to return OK for missing fs
* check_disk_smb: allow checking 0-sized resource (ex. IPC$)
* check_disk: The options to include or exclude specific file
systems now allow the usage of regex(7)
* check_icmp: Add support to Jitter, MOS and Score
* check_mysql: Detect running mysqldump and handle it
more gracefully
* check_procs: Implement --exclude-process to exclude
specific processes
* check_smtp: add new longoption --tls
* check_smtp: Add option to prefix PROXY header
* check_smtp: Add support for SMTP over TLS
* check_smtp: Add support for SNI
* check_snmp: Implement option to ignore mib file parsing errors
* check_users: prefer systemd-logind over utmp
FIXES
* check_disk: Display SI units correctly
* check_ircd: use pack_sockaddr_in rather than hand-rolled
* check_log/check_oracle/check_sensors: fixed the outputs of the
help functionality
* check_mysql: Add mysql_close to avoid spamming the server logs
* check_smtp: add missing -r option in usage
* check_snmp: disable multiplier when unused
* check_wave: Use compile time determined path to snmpget
GENERAL
* Sync with the Gnulib code 668c0b8ffa
* Set autoconf prerequisite version to 2.64
* Remove sha1 and use sha256 in some parts of the plugin structure
* A lot of compiler warnings were fixed
* Some code was refactored a little bit
- removed the following patches:
+ monitoring-plugins-2.3.3-check_log_-_quoting.patch (upstream)
+ monitoring-plugins-2.3.3-check_snmp.arrayaddress.patch (upstream)
+ monitoring-plugins-2.3.3-mariadb_102_build_fix.patch
+ monitoring-plugins-2.3.3-check_dhcp_-_detect_rogue_dhcp_servers.patch
+ monitoring-plugins-2.3.3-check_http-proxy.patch
+ monitoring-plugins-2.3.3-check_icmp.patch
+ systemd-not-utmp.patch
- new check: check_mssql
This plugin runs a query against a MS-SQL server or Sybase server
and returns the first row.
Recommended in monitoring-plugins-all and monitoring-plugins-extra
-------------------------------------------------------------------
Thu Nov 16 14:04:40 CET 2023 - ro@suse.de

47
monitoring-plugins.spec
View File

@ -17,7 +17,7 @@
Name: monitoring-plugins
Version: 2.3.3
Version: 2.3.5
Release: 0
Summary: The Monitoring Plug-Ins
License: GPL-2.0-or-later AND GPL-3.0-only
@ -61,14 +61,8 @@ Source57: nrpe-check_users
Source58: nrpe-check_zombie_procs
Source59: nrpe-check_mysql
Source60: nrpe-check_ups
# PATCH-FIX-UPSTREAM Quote the options comming in from users (path names might contain whitespaces)
Patch1: %{name}-2.3.3-check_log_-_quoting.patch
# PATH-FIX-openSUSE - do not use/run chown in Makefile: we use RPM for this
Patch6: %{name}-2.3.3-root-plugins-Makefile_-_no_chown.patch
# PATCH-FIX-UPSTREAM Use correct pointer
Patch11: %{name}-2.3.3-check_snmp.arrayaddress.patch
# PATCH-FIX-UPSTREAM kstreitova@suse.com -- fix build with MariaDB 10.2
Patch119: %{name}-2.3.3-mariadb_102_build_fix.patch
# PATCH-FIX-UPSTREAM see https://bugzilla.redhat.com/512559
Patch121: %{name}-2.3.3-wrong_percent_in_check_swap.patch
# PATCH-FIX-UPSTREAM - return ntp offset absolute (as positive value) in performance data since warn and crit are also positive values
@ -76,18 +70,9 @@ Patch122: %{name}-2.3.3-check_ntp_perf_absolute.patch
# PATCH-FIX-UPSTREAM - see https://github.com/monitoring-plugins/monitoring-plugins/pull/1322
Patch125: monitoring-plugins-2.3.3-check_ssh.patch
Patch126: monitoring-plugins-2.3.3-check_ssh.t_-_improve_testing.patch
# PATCH-FIX-UPSTREAM - see https://github.com/monitoring-plugins/monitoring-plugins/issues/1375
Patch127: monitoring-plugins-2.3.3-check_dhcp_-_detect_rogue_dhcp_servers.patch
Patch128: monitoring-plugins-2.3.3-check_disk_on_btrfs.patch
# PATCH-FIX-UPSTREAM - see https://github.com/monitoring-plugins/monitoring-plugins/pull/1774
Patch129: monitoring-plugins-2.3.3-check_by_ssh.patch
#
# PATCH-FIX-UPSTREAM - see https://github.com/monitoring-plugins/monitoring-plugins/pull/1862
Patch130: monitoring-plugins-2.3.3-check_http-proxy.patch
# PATCH-FIX-UPSTREAM - simple fix for compiler error regarding no return value in function get_ip_address
Patch131: monitoring-plugins-2.3.3-check_icmp.patch
# PATCH-FEATURE-SLE - Use systemd-logind instead of utmp (jsc#PED-3144)
Patch132: systemd-not-utmp.patch
BuildRequires: bind-utils
BuildRequires: dhcp-devel
BuildRequires: fping
@ -214,6 +199,7 @@ Requires: %{name}-common = %{version}
Recommends: %{name}-fping
Recommends: %{name}-hpjd
Recommends: %{name}-ldap
Recommends: %{name}-mssql
Recommends: %{name}-mysql
Recommends: %{name}-pgsql
Recommends: %{name}-snmp
@ -273,6 +259,7 @@ Recommends: %{name}-maintenance
Recommends: %{name}-mem
Recommends: %{name}-mrtg
Recommends: %{name}-mrtgtraf
Recommends: %{name}-mssql
Recommends: %{name}-mysql
Recommends: %{name}-mysql_health
Recommends: %{name}-nagios
@ -755,6 +742,21 @@ incoming or outgoing rates exceed the <icl> or <ocl> thresholds (in
Bytes/sec), a CRITICAL status results. If either of the rates exceed
the <iwl> or <owl> thresholds (in Bytes/sec), a WARNING status results.
%package mssql
Summary: MS-SQL server or Sybase server query check
Group: System/Monitoring
Requires: perl(DBI)
Requires: perl(DBD::Sybase)
Requires: perl(Getopt::Long)
Requires: perl(FindBin)
Requires: perl
%description mssql
This plugin runs a query against a MS-SQL server or Sybase server and returns
the first row. It returns an error if no responses are running. Row is passed
to perfdata in semicolon delimited format.
A simple sql statement like \"select getdate()\" verifies server responsiveness.
%package mysql
Summary: Test a MySQL DBMS
Group: System/Monitoring
@ -1135,22 +1137,15 @@ with the libdbi driver for $extension.
EOF
done
%patch1 -p1
%patch6 -p1
%patch11 -p1
# Debian patches
%patch119 -p1
%patch121 -p1
%patch122 -p1
# Github patches
%patch125 -p1
%patch126 -p1
%patch127 -p1
%patch128 -p1
%patch129 -p1
%patch130 -p1
%patch131 -p1
%patch132 -p1
find -type f -exec chmod 644 {} +
%build
@ -1527,6 +1522,12 @@ fi
%dir %{nagios_plugindir}
%{nagios_plugindir}/check_mrtgtraf
%files mssql
%defattr(0755,root,root)
%dir %{nagios_plugindir}
%{nagios_plugindir}/check_mssql
%files mysql
%defattr(0755,root,root)
%dir %{nagios_plugindir}

78
systemd-not-utmp.patch
View File

@ -1,78 +0,0 @@
--- monitoring-plugins-2.3.3.old/configure.ac 2023-02-01 14:40:55.000000000 +0100
+++ monitoring-plugins-2.3.3/configure.ac 2023-06-15 16:21:19.637049416 +0200
@@ -328,6 +328,25 @@
LIBS="$_SAVEDLIBS"
])
+
+AC_ARG_WITH([systemd], [AS_HELP_STRING([--without-systemd], [Skips systemd support])])
+
+dnl Check for libsystemd
+AS_IF([test "x$with_systemd" != "xno"], [
+ _SAVEDLIBS="$LIBS"
+ AC_CHECK_LIB(systemd,sd_get_sessions,,,-lsystemd)
+ if test "$ac_cv_lib_systemd_sd_get_sessions" = "yes"; then
+ SYSTEMDLIBS="-lsystemd"
+ SYSTEMDINCLUDE=""
+ AC_SUBST(SYSTEMDLIBS)
+ AC_SUBST(SYSTEMDINCLUDE)
+ else
+ AC_MSG_WARN([Skipping systemd support])
+ fi
+ LIBS="$_SAVEDLIBS"
+])
+
+
dnl Check for headers used by check_ide_smart
case $host in
*linux*)
diff -wur monitoring-plugins-2.3.3.old/plugins/check_users.c monitoring-plugins-2.3.3/plugins/check_users.c
--- monitoring-plugins-2.3.3.old/plugins/check_users.c 2023-02-01 14:40:55.000000000 +0100
+++ monitoring-plugins-2.3.3/plugins/check_users.c 2023-06-15 16:16:34.879700400 +0200
@@ -48,6 +48,11 @@
# include "popen.h"
#endif
+#ifdef HAVE_LIBSYSTEMD
+#include <systemd/sd-daemon.h>
+#include <systemd/sd-login.h>
+#endif
+
#define possibly_set(a,b) ((a) == 0 ? (b) : 0)
int process_arguments (int, char **);
@@ -115,6 +120,11 @@
WTSFreeMemory(wtsinfo);
#elif HAVE_UTMPX_H
+#ifdef HAVE_LIBSYSTEMD
+ if (sd_booted () > 0)
+ users = sd_get_sessions (NULL);
+ else {
+#endif
/* get currently logged users from utmpx */
setutxent ();
@@ -123,6 +133,9 @@
users++;
endutxent ();
+#ifdef HAVE_LIBSYSTEMD
+ }
+#endif
#else
/* run the command */
child_process = spopen (WHO_COMMAND);
Nur in monitoring-plugins-2.3.3/plugins: check_users.c~.
diff -wur monitoring-plugins-2.3.3.old/plugins/Makefile.am monitoring-plugins-2.3.3/plugins/Makefile.am
--- monitoring-plugins-2.3.3.old/plugins/Makefile.am 2023-02-01 14:40:55.000000000 +0100
+++ monitoring-plugins-2.3.3/plugins/Makefile.am 2023-06-15 16:23:36.925699810 +0200
@@ -112,7 +112,7 @@
check_time_LDADD = $(NETLIBS)
check_ntp_time_LDADD = $(NETLIBS) $(MATHLIBS)
check_ups_LDADD = $(NETLIBS)
-check_users_LDADD = $(BASEOBJS) $(WTSAPI32LIBS)
+check_users_LDADD = $(BASEOBJS) $(WTSAPI32LIBS) $(SYSTEMDLIBS)
check_by_ssh_LDADD = $(NETLIBS)
check_ide_smart_LDADD = $(BASEOBJS)
negate_LDADD = $(BASEOBJS)