From b9ae4d1009affb3fee3938e861b8a8ed44145959 Mon Sep 17 00:00:00 2001 From: "Joshua M. Boniface" Date: Fri, 1 Sep 2023 15:42:27 -0400 Subject: [PATCH] Adjust headers and add LOM check --- .../usr/lib/check_mk_agent/plugins/backup | 2 +- .../files/usr/lib/check_mk_agent/plugins/dpkg | 2 +- .../usr/lib/check_mk_agent/plugins/entropy | 2 +- .../usr/lib/check_mk_agent/plugins/freshness | 2 +- .../files/usr/lib/check_mk_agent/plugins/ipmi | 47 +++++++++++++++++++ .../usr/lib/check_mk_agent/plugins/ownership | 18 ++++--- 6 files changed, 59 insertions(+), 14 deletions(-) create mode 100755 roles/base/files/usr/lib/check_mk_agent/plugins/ipmi diff --git a/roles/base/files/usr/lib/check_mk_agent/plugins/backup b/roles/base/files/usr/lib/check_mk_agent/plugins/backup index 878ed7c..bdd44d8 100755 --- a/roles/base/files/usr/lib/check_mk_agent/plugins/backup +++ b/roles/base/files/usr/lib/check_mk_agent/plugins/backup @@ -1,7 +1,7 @@ #!/bin/bash # Backup check for Check_MK -# Installed by BLSE 2.0 ansible +# Installed by PVC ansible SHARELIST=( $( cat /var/backups/shares ) ) diff --git a/roles/base/files/usr/lib/check_mk_agent/plugins/dpkg b/roles/base/files/usr/lib/check_mk_agent/plugins/dpkg index ead76d0..caba2b2 100755 --- a/roles/base/files/usr/lib/check_mk_agent/plugins/dpkg +++ b/roles/base/files/usr/lib/check_mk_agent/plugins/dpkg @@ -1,7 +1,7 @@ #!/bin/bash # Apt and dpkg status check for Check_MK -# Installed by BLSE 2.0 ansible +# Installed by PVC ansible TMP_DPKG="$( COLUMNS=200 dpkg --list )" TMP_AWK="$( awk ' diff --git a/roles/base/files/usr/lib/check_mk_agent/plugins/entropy b/roles/base/files/usr/lib/check_mk_agent/plugins/entropy index 35a5965..f52a9f4 100755 --- a/roles/base/files/usr/lib/check_mk_agent/plugins/entropy +++ b/roles/base/files/usr/lib/check_mk_agent/plugins/entropy @@ -1,7 +1,7 @@ #!/bin/bash # Entropy availability check for Check_MK -# Installed by BLSE 2.0 ansible +# Installed by PVC ansible if [ -e /proc/sys/kernel/random/entropy_avail ]; then diff --git a/roles/base/files/usr/lib/check_mk_agent/plugins/freshness b/roles/base/files/usr/lib/check_mk_agent/plugins/freshness index 3cc7aab..3058289 100755 --- a/roles/base/files/usr/lib/check_mk_agent/plugins/freshness +++ b/roles/base/files/usr/lib/check_mk_agent/plugins/freshness @@ -1,7 +1,7 @@ #!/bin/bash # Open file handle freshness check for Check_MK -# Installed by BLSE 2.0 ansible +# Installed by PVC ansible OK=0 WARNING=1 diff --git a/roles/base/files/usr/lib/check_mk_agent/plugins/ipmi b/roles/base/files/usr/lib/check_mk_agent/plugins/ipmi new file mode 100755 index 0000000..4917979 --- /dev/null +++ b/roles/base/files/usr/lib/check_mk_agent/plugins/ipmi @@ -0,0 +1,47 @@ +#!/bin/bash + +# Lights-out management reachability check for Check_MK +# Installed by PVC ansible + +# We need a defined IPMI interface to continue +if [[ ! -f /etc/network/interfaces.d/ipmi ]]; then + exit +fi + +# We need ipmitool and fping to continue +if ! which ipmitool >/dev/null 2>&1 || ! which fping >/dev/null 2>&1 ; then + exit +fi + +echo "<<>>" + +# Grab IPMI IP from interfaces file +IPMIIP_INTERFACES=$(grep 'ipmitool' /etc/network/interfaces.d/ipmi | grep -v 'defgw' | grep 'ipaddr' | awk '{ print $NF }') +if [[ -z ${IPMIIP_INTERFACES} ]]; then + echo "No IPMI IP defined in interfaces file" + exit +fi + +# Grab IPMI IP from ipmitool +IPMIIP_IPMITOOL="$( ipmitool lan print 2>/dev/null | grep 'IP Address' | grep -v 'Source' | awk '{ print $NF }' )" + +if [[ -z ${IPMIIP_IPMITOOL} ]]; then + echo "No IPMI IP returned by ipmitool" + exit +fi +if [[ ${IPMIIP_INTERFACES} != ${IPMIIP_IPMITOOL} ]]; then + echo "IPMI IP defined in interfaces file (${IPMIIP_INTERFACES}) is different from ipmitool (${IPMIIP_IPMITOOL})" + exit +fi + +# Try pinging the IPMI IP; this should work and be quick +fping -q -t 200 ${IPMIIP_INTERFACES} +RESULT=$? + +if [[ ${RESULT} -eq 0 ]]; then + echo "IPMI IP (${IPMIIP_INTERFACES}) is correct and reachable" + exit +else + echo "IPMI IP (${IPMIIP_INTERFACES}) is unreachable" + exit +fi diff --git a/roles/base/files/usr/lib/check_mk_agent/plugins/ownership b/roles/base/files/usr/lib/check_mk_agent/plugins/ownership index f1e129c..eec3805 100755 --- a/roles/base/files/usr/lib/check_mk_agent/plugins/ownership +++ b/roles/base/files/usr/lib/check_mk_agent/plugins/ownership @@ -1,17 +1,17 @@ #!/bin/bash # File ownership check for Check_MK -# Installed by BLSE 2.0 ansible +# Installed by PVC ansible -UID_MAX=299 +UID_MAX=199 # http://www.debian.org/doc/debian-policy/ch-opersys.html # 0-99: Globally allocated by the Debian project -# 100-199: (BLSE) Dynamically allocated system users and groups -# 200-299: (BLSE) BLSE users and groups -# 300-499: (BLSE) reserved -# 500-599: (BLSE) system administrators -# 600-999: (BLSE) reserved -# 64045: (BLSE) ceph +# 100-199: (PVC) Dynamically allocated system users and groups +# 200-299: (PVC) provisioning users +# 300-499: (PVC) reserved +# 500-599: (PVC) system administrators +# 600-999: (PVC) reserved +# 64045: (PVC) ceph function is_element_of { local TO_FIND=$1 @@ -47,11 +47,9 @@ for FILESYSTEM in ${FILESYSTEMs[@]}; do -not \( -type d -a \( -path /media -o -path /mnt \) \) \ -not \( -name '.*.swp' -a -mtime -3 \) \ -not \( -path '*/.git' -o -path '*/.git/*' \) \ - -not \( -path '*.dirtrack.Storable' \) \ -not \( -path '/home/*' \) \ -not \( -path '/tmp/*' \) \ -not \( -path '/var/home/*' \) \ - -not \( -path '/var/log/gitlab/*' \) \ -print0 2>/dev/null ) done