From noreply at sourceforge.net Mon Jan 12 23:51:43 2009 From: noreply at sourceforge.net (SourceForge.net) Date: Mon, 12 Jan 2009 22:51:43 +0000 Subject: [Nagiosplug-devel] [ nagiosplug-Bugs-2343438 ] SNMPv3 fixes for perl plugins Message-ID: Bugs item #2343438, was opened at 2008-11-25 05:32 Message generated for change (Comment added) made by mkania You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=2343438&group_id=29880 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Argument proccessing Group: Release (specify) Status: Open Resolution: None Priority: 5 Private: No Submitted By: Robin Schroeder (r_schroeder) Assigned to: Nobody/Anonymous (nobody) Summary: SNMPv3 fixes for perl plugins Initial Comment: When calling check_ifoperstatus or check_ifstatus with the following arguments, I get errors: ./check_ifoperstatus -v3 -H hostname -U user -L authPriv -a MD5 --privpass YYYYYYYY --authpass XXXXXXXX -d eth0 UNKNOWN: Invalid argument '-authpass => XXXXXXXX' ./check_ifstatus -v3 -H hostname -U user -L authPriv -a MD5 --privpass YYYYYYYY --authpass XXXXXXXX Missing arguments! check_ifoperstatus and check_ifstatus generate the "-authpass => ..." parameter in a way, Net::SNMP->session doesn't understand. check_ifstatus doesn't recognize "-L authPriv". The attached patch fixes all problems for me. Some details about my environment: Plugin Version (-V output): check_ifoperstatus v1642 (nagios-plugins 1.4.13) Plugin Version (-V output): check_ifstatus v884 (nagios-plugins 1.4.13) Plugin Name: check_ifoperstatus, check_ifstatus Plugin Commandline showing issues: ./check_ifoperstatus -v3 -H hostname -U user -L authPriv -a MD5 --privpass YYYYYYYY --authpass XXXXXXXX -d eth0 ./check_ifstatus -v3 -H hostname -U user -L authPriv -a MD5 --privpass YYYYYYYY --authpass XXXXXXXX Operating System: Debian GNU/Linux etch (4.0) Architecture: i686 Compiler: perl -V Summary of my perl5 (revision 5 version 8 subversion 8) configuration: Platform: osname=linux, osvers=2.6.24.4, archname=i486-linux-gnu-thread-multi uname='linux ninsei 2.6.24.4 #1 smp preempt fri apr 18 15:36:09 pdt 2008 i686 gnulinux ' config_args='-Dusethreads -Duselargefiles -Dccflags=-DDEBIAN -Dcccdlflags=-fPIC -Darchname=i486-linux-gnu -Dprefix=/usr -Dprivlib=/usr/share/perl/5.8 -Darchlib=/usr/lib/perl/5.8 -Dvendorprefix=/usr -Dvendorlib=/usr/share/perl5 -Dvendorarch=/usr/lib/perl5 -Dsiteprefix=/usr/local -Dsitelib=/usr/local/share/perl/5.8.8 -Dsitearch=/usr/local/lib/perl/5.8.8 -Dman1dir=/usr/share/man/man1 -Dman3dir=/usr/share/man/man3 -Dsiteman1dir=/usr/local/man/man1 -Dsiteman3dir=/usr/local/man/man3 -Dman1ext=1 -Dman3ext=3perl -Dpager=/usr/bin/sensible-pager -Uafs -Ud_csh -Uusesfio -Uusenm -Duseshrplib -Dlibperl=libperl.so.5.8.8 -Dd_dosuid -des' hint=recommended, useposix=true, d_sigaction=define usethreads=define use5005threads=undef useithreads=define usemultiplicity=define useperlio=define d_sfio=undef uselargefiles=define usesocks=undef use64bitint=undef use64bitall=undef uselongdouble=undef usemymalloc=n, bincompat5005=undef Compiler: cc='cc', ccflags ='-D_REENTRANT -D_GNU_SOURCE -DTHREADS_HAVE_PIDS -DDEBIAN -fno-strict-aliasing -pipe -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64', optimize='-O2', cppflags='-D_REENTRANT -D_GNU_SOURCE -DTHREADS_HAVE_PIDS -DDEBIAN -fno-strict-aliasing -pipe -I/usr/local/include' ccversion='', gccversion='4.1.2 20061115 (prerelease) (Debian 4.1.1-21)', gccosandvers='' intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=1234 d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=12 ivtype='long', ivsize=4, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8 alignbytes=4, prototype=define Linker and Libraries: ld='cc', ldflags =' -L/usr/local/lib' libpth=/usr/local/lib /lib /usr/lib libs=-lgdbm -lgdbm_compat -ldb -ldl -lm -lpthread -lc -lcrypt perllibs=-ldl -lm -lpthread -lc -lcrypt libc=/lib/libc-2.3.6.so, so=so, useshrplib=true, libperl=libperl.so.5.8.8 gnulibc_version='2.3.6' Dynamic Linking: dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-Wl,-E' cccdlflags='-fPIC', lddlflags='-shared -L/usr/local/lib' Characteristics of this binary (from libperl): Compile-time options: MULTIPLICITY PERL_IMPLICIT_CONTEXT PERL_MALLOC_WRAP THREADS_HAVE_PIDS USE_ITHREADS USE_LARGE_FILES USE_PERLIO USE_REENTRANT_API Built under linux Compiled at Apr 25 2008 20:23:05 @INC: /etc/perl /usr/local/lib/perl/5.8.8 /usr/local/share/perl/5.8.8 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.8 /usr/share/perl/5.8 /usr/local/lib/site_perl . ---------------------------------------------------------------------- Comment By: Michael Kania (mkania) Date: 2009-01-12 14:51 Message: The patches for check_ifoperstatus worked great. ---------------------------------------------------------------------- Comment By: Robin Schroeder (r_schroeder) Date: 2008-12-29 13:24 Message: Nobody using these plugins except me? ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=2343438&group_id=29880 From noreply at sourceforge.net Wed Jan 14 13:18:10 2009 From: noreply at sourceforge.net (SourceForge.net) Date: Wed, 14 Jan 2009 12:18:10 +0000 Subject: [Nagiosplug-devel] [ nagiosplug-Patches-2506958 ] check_disk ignore non-matched regexp Message-ID: Patches item #2506958, was opened at 2009-01-14 12:14 Message generated for change (Comment added) made by paulhaldane You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397599&aid=2506958&group_id=29880 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Enhancement Group: None Status: Open Resolution: None Priority: 5 Private: No Submitted By: Paul Haldane (paulhaldane) Assigned to: Nobody/Anonymous (nobody) Summary: check_disk ignore non-matched regexp Initial Comment: Patch against Plugin Version (-V output): check_disk v2025 (nagios-plugins 1.4.13) Plugin Name: check_disk Example Plugin Commandline: check_disk -w 10% -c 5% -e -L -A -C -w 6% -c 3% -r '.*sapdata.*' -X tmpfs Tested on operating system: Solaris 10 Tested on architecture: Tested with compiler: gcc 3.3.2 Patch adds a new option (-n) which tells check_disk not to exit with error if we use -R/-r and the supplied regular expression doesn't match any filesystems. We find this useful as we have some filesystems that we run with less free space than others (because the usage will only increase with explicit administrator action) and so want to set tighter thresholds in nrpe.conf. However if we use the same check_disk options on all hosts, machines which don't have any matching filesystems will flag up an error. The -n option needs to appear before -R/-r if it's used. ---------------------------------------------------------------------- >Comment By: Paul Haldane (paulhaldane) Date: 2009-01-14 12:18 Message: Example commmand line should be $ ~/check_disk+ -w 10% -c 5% -e -L -A -C -w 6% -c 4% -n -r '.*sapdata.*' -X tmpfs which gives output like DISK OK| /=2210MB;35454;37424;0;39394 /dev=2210MB;35454;37424;0;39394 /sapmnt/NUI=1268MB;3629;3831;0;4033 /usr/local/iss=815MB;35454;37424;0;39394 /usr/sap/NUI=788MB;3629;3831;0;4033 /var/home=815MB;35454;37424;0;39394 /var/home/sap=2460MB;5444;5746;0;6049 Without the -n we get $ ~/check_disk+ -w 10% -c 5% -e -L -A -C -w 6% -c 4% -r '.*sapdata.*' -X tmpfs DISK UNKNOWN: Regular expression did not match any path or disk - .*sapdata.* ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397599&aid=2506958&group_id=29880 From noreply at sourceforge.net Wed Jan 14 13:14:26 2009 From: noreply at sourceforge.net (SourceForge.net) Date: Wed, 14 Jan 2009 12:14:26 +0000 Subject: [Nagiosplug-devel] [ nagiosplug-Patches-2506958 ] check_disk ignore non-matched regexp Message-ID: Patches item #2506958, was opened at 2009-01-14 12:14 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397599&aid=2506958&group_id=29880 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Enhancement Group: None Status: Open Resolution: None Priority: 5 Private: No Submitted By: Paul Haldane (paulhaldane) Assigned to: Nobody/Anonymous (nobody) Summary: check_disk ignore non-matched regexp Initial Comment: Patch against Plugin Version (-V output): check_disk v2025 (nagios-plugins 1.4.13) Plugin Name: check_disk Example Plugin Commandline: check_disk -w 10% -c 5% -e -L -A -C -w 6% -c 3% -r '.*sapdata.*' -X tmpfs Tested on operating system: Solaris 10 Tested on architecture: Tested with compiler: gcc 3.3.2 Patch adds a new option (-n) which tells check_disk not to exit with error if we use -R/-r and the supplied regular expression doesn't match any filesystems. We find this useful as we have some filesystems that we run with less free space than others (because the usage will only increase with explicit administrator action) and so want to set tighter thresholds in nrpe.conf. However if we use the same check_disk options on all hosts, machines which don't have any matching filesystems will flag up an error. The -n option needs to appear before -R/-r if it's used. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397599&aid=2506958&group_id=29880 From dermoth at aei.ca Thu Jan 15 06:54:39 2009 From: dermoth at aei.ca (Thomas Guyot-Sionnest) Date: Thu, 15 Jan 2009 00:54:39 -0500 Subject: [Nagiosplug-devel] First TAP tests on our HP-UX tinderbox ever! Message-ID: <496ECF9F.9000605@aei.ca> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I finally got it! All our tinderbox servers are now running the C tests with libtap! Log excerpt from ratatosk HP-UX B.11.23: > test_utils.....ok > 1484 > test_disk......dubious > 1485 > Test returned status 3 (wstat 768, 0x300) > 1486 > DIED. FAILED tests 15, 17, 19 > 1487 > NEXT > Failed 3/33 tests, 90.91% okay > 1488 > test_tcp.......ok > 1489 > test_cmd.......ok > 1490 > test_base64....ok > 1491 > test_ini.......skipped > 1492 > all skipped: ./test_ini not compiled - please install tap library and/or enable parse-ini to test > 1493 > test_opts......skipped > 1494 > all skipped: ./test_opts not compiled - please install tap library and/or enable parse-ini to test > 1495 > NEXT > Failed Test Stat Wstat Total Fail Failed List of Failed > 1496 > ------------------------------------------------------------------------------- > 1497 > test_disk.t 3 768 33 3 9.09% 15 17 19 > 1498 > 2 tests skipped. ... and test_disk fails. Back to hacking now :) BTW we should likely look into putting all tests in a single directory/Makefile as right now if the C tests fails we're not running the plugins tests at all. AFAIK using "make -i" wouldn't help neither as it looks like tinderbox is using make's return code to determine if tests passed. - -- Thomas -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJbs+e6dZ+Kt5BchYRAlgSAJwPBblBxWFy/l/Xd4Zxzil6wEh4vACgi7iz MX+Ti6cUVeeTHm/mon6KJwY= =W2+s -----END PGP SIGNATURE----- From dermoth at aei.ca Thu Jan 15 09:58:20 2009 From: dermoth at aei.ca (Thomas Guyot-Sionnest) Date: Thu, 15 Jan 2009 03:58:20 -0500 Subject: [Nagiosplug-devel] First TAP tests on our HP-UX tinderbox ever! In-Reply-To: <496ECF9F.9000605@aei.ca> References: <496ECF9F.9000605@aei.ca> Message-ID: <496EFAAC.6040108@aei.ca> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 15/01/09 12:54 AM, Thomas Guyot-Sionnest wrote: > I finally got it! All our tinderbox servers are now running the C tests > with libtap! > > Log excerpt from ratatosk HP-UX B.11.23: > > [...] > >> Failed Test Stat Wstat Total Fail Failed List of Failed >> 1496 >> ------------------------------------------------------------------------------- >> 1497 >> test_disk.t 3 768 33 3 9.09% 15 17 19 >> 1498 >> 2 tests skipped. > > ... and test_disk fails. Back to hacking now :) Looks like it fails on the case-insensitive regexps in test_disk's path selection test code. Possibly a Gnulib bug... I will try syncing with the latest Gnulib and will follow up on their ML if we're still having problems. - -- Thomas -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJbvqs6dZ+Kt5BchYRAiC3AJ9rnmt+Qfot63KaKXLwNNuhCY5Y2ACeLoDP kwK6B+ccY7mT+kIqF1kAQFw= =BPBQ -----END PGP SIGNATURE----- From ton.voon at opsera.com Thu Jan 15 10:08:30 2009 From: ton.voon at opsera.com (Ton Voon) Date: Thu, 15 Jan 2009 09:08:30 +0000 Subject: [Nagiosplug-devel] First TAP tests on our HP-UX tinderbox ever! In-Reply-To: <496ECF9F.9000605@aei.ca> References: <496ECF9F.9000605@aei.ca> Message-ID: <19A99A47-BE2D-4610-9F5D-94C1E40E1645@opsera.com> On 15 Jan 2009, at 05:54, Thomas Guyot-Sionnest wrote: > > I finally got it! All our tinderbox servers are now running the C > tests > with libtap! > > Log excerpt from ratatosk HP-UX B.11.23: > >> 1496 >> >> ------------------------------------------------------------------------------- >> 1497 >> test_disk.t 3 768 33 3 9.09% 15 17 19 >> 1498 >> 2 tests skipped. > > ... and test_disk fails. Back to hacking now :) Brilliant! Thanks for all your work on this Thomas. And another request for more Tinderbox build servers. Anyone? > BTW we should likely look into putting all tests in a single > directory/Makefile as right now if the C tests fails we're not running > the plugins tests at all. AFAIK using "make -i" wouldn't help > neither as > it looks like tinderbox is using make's return code to determine if > tests passed. I think there is a bit of a reorg around the testing because there are 4 types of testing at the moment: - plugin perl tests with internal services with input variables (check_disk) - plugin perl tests with external internet services (check_ntp, some check_http) - libtap tests (utils_*.c) - controlled perl tests (check_http) There needs to be a bit of consolidation around this., though I'm not entirely clear on what that is yet. Ton From dermoth at aei.ca Fri Jan 16 11:10:51 2009 From: dermoth at aei.ca (Thomas Guyot-Sionnest) Date: Fri, 16 Jan 2009 05:10:51 -0500 Subject: [Nagiosplug-devel] First TAP tests on our HP-UX tinderbox ever! In-Reply-To: <496EFAAC.6040108@aei.ca> References: <496ECF9F.9000605@aei.ca> <496EFAAC.6040108@aei.ca> Message-ID: <49705D2B.1080502@aei.ca> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 15/01/09 03:58 AM, Thomas Guyot-Sionnest wrote: > On 15/01/09 12:54 AM, Thomas Guyot-Sionnest wrote: >> I finally got it! All our tinderbox servers are now running the C tests >> with libtap! > >> Log excerpt from ratatosk HP-UX B.11.23: > >> [...] > >>> Failed Test Stat Wstat Total Fail Failed List of Failed >>> 1496 >>> ------------------------------------------------------------------------------- >>> 1497 >>> test_disk.t 3 768 33 3 9.09% 15 17 19 >>> 1498 >>> 2 tests skipped. >> ... and test_disk fails. Back to hacking now :) > > Looks like it fails on the case-insensitive regexps in test_disk's path > selection test code. > > Possibly a Gnulib bug... I will try syncing with the latest Gnulib and > will follow up on their ML if we're still having problems. > gnulib update fixed HP-UX 11.23... and broke IRIX 6.5! I sent an email about the issue on their mailing list, but it's not easy to pinpoint the issue without access to an IRIX server (all I know is it's about undeclared mbstate_t type). Waiting for their feedback... - -- Thomas -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJcF0r6dZ+Kt5BchYRAtSzAJ42KcPJxAnQqUrZEyOMAV3Tz1HeRQCfT9zq PhnXnpDUxUXiBaA2ns0Awoc= =TdR7 -----END PGP SIGNATURE----- From ton.voon at opsera.com Fri Jan 16 14:00:54 2009 From: ton.voon at opsera.com (Ton Voon) Date: Fri, 16 Jan 2009 13:00:54 +0000 Subject: [Nagiosplug-devel] First TAP tests on our HP-UX tinderbox ever! In-Reply-To: <49705D2B.1080502@aei.ca> References: <496ECF9F.9000605@aei.ca> <496EFAAC.6040108@aei.ca> <49705D2B.1080502@aei.ca> Message-ID: On 16 Jan 2009, at 10:10, Thomas Guyot-Sionnest wrote: > gnulib update fixed HP-UX 11.23... and broke IRIX 6.5! > > I sent an email about the issue on their mailing list, but it's not > easy > to pinpoint the issue without access to an IRIX server (all I know is > it's about undeclared mbstate_t type). > > Waiting for their feedback... I thought they fixed this. Here's the thread: http://lists.gnu.org/archive/html/bug-gnulib/2008-03/msg00194.html Is this in their latest code? Ton From dermoth at aei.ca Fri Jan 16 14:14:35 2009 From: dermoth at aei.ca (Thomas Guyot-Sionnest) Date: Fri, 16 Jan 2009 08:14:35 -0500 Subject: [Nagiosplug-devel] First TAP tests on our HP-UX tinderbox ever! In-Reply-To: References: <496ECF9F.9000605@aei.ca> <496EFAAC.6040108@aei.ca> <49705D2B.1080502@aei.ca> Message-ID: <4970883B.7020100@aei.ca> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 16/01/09 08:00 AM, Ton Voon wrote: > On 16 Jan 2009, at 10:10, Thomas Guyot-Sionnest wrote: > >> gnulib update fixed HP-UX 11.23... and broke IRIX 6.5! >> >> I sent an email about the issue on their mailing list, but it's not >> easy >> to pinpoint the issue without access to an IRIX server (all I know is >> it's about undeclared mbstate_t type). >> >> Waiting for their feedback... > > I thought they fixed this. Here's the thread: > > http://lists.gnu.org/archive/html/bug-gnulib/2008-03/msg00194.html > > Is this in their latest code? Yes, checked out one hour or two before the commit. - -- Thomas -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJcIg76dZ+Kt5BchYRAvjpAKDCip922gCc2kJtLRkDgBAwxCwstQCfXIyi QWZX7+CgvVo2F7PXKWITi+s= =pk97 -----END PGP SIGNATURE----- From dermoth at aei.ca Fri Jan 16 17:37:27 2009 From: dermoth at aei.ca (Thomas Guyot-Sionnest) Date: Fri, 16 Jan 2009 11:37:27 -0500 Subject: [Nagiosplug-devel] First TAP tests on our HP-UX tinderbox ever! In-Reply-To: <4970883B.7020100@aei.ca> References: <496ECF9F.9000605@aei.ca> <496EFAAC.6040108@aei.ca> <49705D2B.1080502@aei.ca> <4970883B.7020100@aei.ca> Message-ID: <4970B7C7.30304@aei.ca> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Thomas Guyot-Sionnest wrote: > On 16/01/09 08:00 AM, Ton Voon wrote: >> On 16 Jan 2009, at 10:10, Thomas Guyot-Sionnest wrote: > >>> gnulib update fixed HP-UX 11.23... and broke IRIX 6.5! >>> >>> I sent an email about the issue on their mailing list, but it's not >>> easy >>> to pinpoint the issue without access to an IRIX server (all I know is >>> it's about undeclared mbstate_t type). >>> >>> Waiting for their feedback... >> I thought they fixed this. Here's the thread: > >> http://lists.gnu.org/archive/html/bug-gnulib/2008-03/msg00194.html > >> Is this in their latest code? > > Yes, checked out one hour or two before the commit. Hum, I though you meant did I use their latest code.... Yes, the HP-UX fix is in and compiles fine, It's IRIX that is broken compiling printf-args.c See: http://article.gmane.org/gmane.comp.lib.gnulib.bugs/16322 - -- Thomas -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJcLfH6dZ+Kt5BchYRAlG/AKCP1zx+eCvNGiHequY3WbUihPS9ZQCfXBAG n4wJWQVVV95jUvbKcrXDRzY= =Cahx -----END PGP SIGNATURE----- From dermoth at aei.ca Sun Jan 18 21:27:43 2009 From: dermoth at aei.ca (Thomas Guyot-Sionnest) Date: Sun, 18 Jan 2009 15:27:43 -0500 Subject: [Nagiosplug-devel] CLEANUP - Any of these files can go away (in /tools/)? Message-ID: <497390BF.8080509@aei.ca> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I'm deleting tools/snapshots since is appears to have been replaced by sfsnapshot a long time ago and is unmaintained. What about these? mail_error - what is it for?? > $ git log -1 mail_error > commit 82ffcf87b6b9cd84f98ac8543d8e466ce5af95ba > Author: Ton Voon > Date: Wed Oct 15 19:27:56 2003 +0000 > > Need to export PATH for sfsnapshot to get correct GNU toolchain > > > git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk at 747 f882894a-f735-0410-b71e-b25c423dba1c mini_epn.c/p1.pl - IIRC there's already two mini-epn's in the Nagios source tree. If this one is one of them it should stick with Nagios only. If it's a third one and is useful it should go in the Nagios tree anyway. > $ git log -2 mini_epn.c > commit 6fbd14fea5c111a23d9074d25499991cbfa58f79 > Author: Thomas Guyot-Sionnest > Date: Sun Nov 23 05:38:47 2008 +0000 > > Removing CVS/SVN tags and replacing with git-based versioning > For contrib/, full tags have been imported from subversion > > > git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk at 2091 f882894a-f735-0410-b71e-b25c423dba1c > > commit bbcaeb1db1666c606a3578d3d24f1618f8c9947c > Author: Subhendu Ghosh > Date: Thu May 2 16:22:13 2002 +0000 > > updated mini_epn and p1.pl added to plugins distribution > > > git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk at 20 f882894a-f735-0410-b71e-b25c423dba1c oneliners - If these are still useful, could they include comments as to what they do and possibly why do we need them? > $ git log -1 tango > commit 44a321cb8a42d6c0ea2d96a1086a17f2134c89cc > Author: Ethan Galstad > Date: Thu Feb 28 06:42:51 2002 +0000 > > Initial revision > > > git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk at 2 f882894a-f735-0410-b71e-b25c423dba1c p1.pl - Used only by mini-epn right? README - I don't think we should delete it, but it's missing information about a few files in the directory tango - what is it for?? > $ git log -1 tango > commit 44a321cb8a42d6c0ea2d96a1086a17f2134c89cc > Author: Ethan Galstad > Date: Thu Feb 28 06:42:51 2002 +0000 > > Initial revision > > > git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk at 2 f882894a-f735-0410-b71e-b25c423dba1c - -- Thomas -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJc5C/6dZ+Kt5BchYRAjsiAJwMAPk3qD7P7wiSFtmpwuKyNGFkLACfXbsf U9xSlAuUEM6lO0JjfHSfzYk= =1226 -----END PGP SIGNATURE----- From dermoth at aei.ca Sun Jan 18 21:32:09 2009 From: dermoth at aei.ca (Thomas Guyot-Sionnest) Date: Sun, 18 Jan 2009 15:32:09 -0500 Subject: [Nagiosplug-devel] CLEANUP - Any of these files can go away (in /tools/)? In-Reply-To: <497390BF.8080509@aei.ca> References: <497390BF.8080509@aei.ca> Message-ID: <497391C9.4000607@aei.ca> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 18/01/09 03:27 PM, Thomas Guyot-Sionnest wrote: > I'm deleting tools/snapshots since is appears to have been replaced by > sfsnapshot a long time ago and is unmaintained. What about these? > > mail_error - what is it for?? > >> $ git log -1 mail_error >> commit 82ffcf87b6b9cd84f98ac8543d8e466ce5af95ba >> Author: Ton Voon >> Date: Wed Oct 15 19:27:56 2003 +0000 > >> Need to export PATH for sfsnapshot to get correct GNU toolchain I think I got the answer for this one :) from sfsnapshot: > # Install in cron with something like: > # 47 * * * * $HOME/bin/mail_error -o $HOME/sfsnapshot.out -m tonvoon at users.sf.net sfsnapshot r1_3_0 - -- Thomas -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJc5HJ6dZ+Kt5BchYRAtfyAJ45oimvIyfMxL4rX3/+HE/ksicrKwCePoBY 2Y4HD+Jqoveyf/0Xnl/Rrvo= =vciO -----END PGP SIGNATURE----- From dermoth at aei.ca Thu Jan 22 07:56:52 2009 From: dermoth at aei.ca (Thomas Guyot-Sionnest) Date: Thu, 22 Jan 2009 01:56:52 -0500 Subject: [Nagiosplug-devel] [RFC] Handling of default ini config in Nagios::Plugin Message-ID: <497818B4.6010101@aei.ca> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi I just realized the C plugin's extra-opts was totally silent if it couldn't find the default files, even though it dies (UNKNOWN) on section not found. I looked at Nagios::Plugin as a reference and this one used croak() which returned a status of 2 (CRITICAL). In my latest commit here I made it return UNKNOWN, though I'm wondering if there is a better way to do it: http://solaris.beaubien.net/cgi-bin/gitweb.cgi?p=Nagios-Plugin-dermoth.git;a=summary While we're at it, shall we debate on whenever the plugins should die or ignore when they can't find their file/section? If we don't, should it apply only on implicit files/sections (--extra-opts without arguments) or even if section/file is specified explicitely? Note that it's not possible to add empty sections neither - -- Thomas -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJeBi06dZ+Kt5BchYRAhVOAJwNbwVx59QvI8+OAyNFv8DFBbLmtACgzyXz vcwkeHO9bIWRj2D+tRngavY= =5tvW -----END PGP SIGNATURE----- From noreply at sourceforge.net Sat Jan 24 00:13:16 2009 From: noreply at sourceforge.net (SourceForge.net) Date: Fri, 23 Jan 2009 23:13:16 +0000 Subject: [Nagiosplug-devel] [ nagiosplug-Bugs-2531905 ] check_mysql does not properly handle passwords in from file. Message-ID: Bugs item #2531905, was opened at 2009-01-23 18:13 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=2531905&group_id=29880 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Argument proccessing Group: Release (specify) Status: Open Resolution: None Priority: 5 Private: No Submitted By: Ben Timby (btimby) Assigned to: Nobody/Anonymous (nobody) Summary: check_mysql does not properly handle passwords in from file. Initial Comment: ----------------- PROBLEM ----------------- The mysql client can use a password from a configuration file. This feature is nice as it keeps the password off of the command line. The check_mysql function does not allow for this. Even though the program informs you via a warning that passing the password on the command line is insecure. It does not allow for the best alternative. According to mysql, the mysql_connect() and mysql_real_connect() both allow a value of NULL to be given for the password. http://dev.mysql.com/doc/refman/5.1/en/mysql-real-connect.html In this case, if a password was read from the option file, it will be used for authentication. The constant "" is used in the case of NO password. Right now, check_mysql, in the validate_arguments() function sets the value of db_pass to "" if it was not provided on the command line. This prevents the password configured in the option file from being used. ----------------- TEST CASE ----------------- # vi $HOME/.my.cnf [client] password=foo # ./check_mysql Access denied for user 'root'@'localhost' (using password: NO) ----------------- PATCH ----------------- The attached patch remedies this. It uses the same method as the mysql client to determine if NULL or "" should be used. If -p is provided, without a value, then "" is used. If -p is omitted, then NULL is used. If -p is provided WITH a password, that password is used. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=2531905&group_id=29880 From noreply at sourceforge.net Sat Jan 24 01:03:45 2009 From: noreply at sourceforge.net (SourceForge.net) Date: Sat, 24 Jan 2009 00:03:45 +0000 Subject: [Nagiosplug-devel] [ nagiosplug-Bugs-2531905 ] check_mysql does not properly handle passwords in from file. Message-ID: Bugs item #2531905, was opened at 2009-01-23 18:13 Message generated for change (Comment added) made by dermoth You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=2531905&group_id=29880 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Argument proccessing Group: Release (specify) Status: Open Resolution: None Priority: 5 Private: No Submitted By: Ben Timby (btimby) Assigned to: Nobody/Anonymous (nobody) Summary: check_mysql does not properly handle passwords in from file. Initial Comment: ----------------- PROBLEM ----------------- The mysql client can use a password from a configuration file. This feature is nice as it keeps the password off of the command line. The check_mysql function does not allow for this. Even though the program informs you via a warning that passing the password on the command line is insecure. It does not allow for the best alternative. According to mysql, the mysql_connect() and mysql_real_connect() both allow a value of NULL to be given for the password. http://dev.mysql.com/doc/refman/5.1/en/mysql-real-connect.html In this case, if a password was read from the option file, it will be used for authentication. The constant "" is used in the case of NO password. Right now, check_mysql, in the validate_arguments() function sets the value of db_pass to "" if it was not provided on the command line. This prevents the password configured in the option file from being used. ----------------- TEST CASE ----------------- # vi $HOME/.my.cnf [client] password=foo # ./check_mysql Access denied for user 'root'@'localhost' (using password: NO) ----------------- PATCH ----------------- The attached patch remedies this. It uses the same method as the mysql client to determine if NULL or "" should be used. If -p is provided, without a value, then "" is used. If -p is omitted, then NULL is used. If -p is provided WITH a password, that password is used. ---------------------------------------------------------------------- >Comment By: Thomas Guyot-Sionnest (dermoth) Date: 2009-01-23 19:03 Message: Thanks for your patch. There's one thing though that I don't understand, since it already sets db_pass to "" when null (last hunk of your patch does it), why do you need to do this using -p? Can you explain the difference between db_pass=NULL, ="" and =, or point me to the right place in the libmysql documentation? You should also be aware that you can also use the extra-opts feature to use a file for the password argument (you need to enable it with configure; I know some packages enable it by default), although I highly suggest to use the latest snapshot until the 1.4.14 release as there have been some important fixes since 1.4.13. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=2531905&group_id=29880 From ton.voon at opsera.com Mon Jan 26 16:35:57 2009 From: ton.voon at opsera.com (Ton Voon) Date: Mon, 26 Jan 2009 15:35:57 +0000 Subject: [Nagiosplug-devel] [RFC] Handling of default ini config in Nagios::Plugin In-Reply-To: <497818B4.6010101@aei.ca> References: <497818B4.6010101@aei.ca> Message-ID: <4183B98E-6F1D-4AAB-A628-AF1BEC304F90@opsera.com> On 22 Jan 2009, at 06:56, Thomas Guyot-Sionnest wrote: > I just realized the C plugin's extra-opts was totally silent if it > couldn't find the default files, even though it dies (UNKNOWN) on > section not found. > > I looked at Nagios::Plugin as a reference and this one used croak() > which returned a status of 2 (CRITICAL). > > In my latest commit here I made it return UNKNOWN, though I'm > wondering > if there is a better way to do it: > > http://solaris.beaubien.net/cgi-bin/gitweb.cgi?p=Nagios-Plugin-dermoth.git;a=summary I think UNKNOWN for any failure relating to the ini files makes sense - these shouldn't be CRITICAL errors. > While we're at it, shall we debate on whenever the plugins should > die or > ignore when they can't find their file/section? If we don't, should it > apply only on implicit files/sections (--extra-opts without arguments) > or even if section/file is specified explicitely? > > Note that it's not possible to add empty sections neither I'm undecided. Any other opinions? Ton -------------- next part -------------- An HTML attachment was scrubbed... URL: From noreply at sourceforge.net Wed Jan 28 08:42:45 2009 From: noreply at sourceforge.net (SourceForge.net) Date: Wed, 28 Jan 2009 07:42:45 +0000 Subject: [Nagiosplug-devel] [ nagiosplug-Feature Requests-2542428 ] check_versions via NRPE Message-ID: Feature Requests item #2542428, was opened at 2009-01-28 08:42 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397600&aid=2542428&group_id=29880 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None Status: Open Priority: 5 Private: No Submitted By: Wilfried Brunken (df7be) Assigned to: Nobody/Anonymous (nobody) Summary: check_versions via NRPE Initial Comment: Hello, wie habe written 3 simple Plugins vor Version checks. The User can modify it to its own use. copy this scripts to /usr/local/nagios/libexec and set executable permission by chmod 755 ... 1.) check_version_plugins In utils.sh the function "print_revision" prints out the version of the installed Nagios Plugins: ./check_version_plugins Nagios Plugins 1.4.13 Calling vi NRPE, the Version was send to the Nagios Server. Entry in nrpe.cfg command[check_version_plugins]=/usr/local/nagios/libexec/check_version_plugins In the same Matter, all the 2 next scripts are good examples for checking versions 2.) check_version_tcp checks the version of the Plugin check_tcp by calling it with the --version Option. Only the Line with the Version was printed. 3.) check_version_perl check the Version of the Perl-Interpreter, the Version was printed by perl in the second line. Write another script for what you need (gcc, make, ...) 73 de DF7BE ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397600&aid=2542428&group_id=29880 From noreply at sourceforge.net Wed Jan 28 08:53:12 2009 From: noreply at sourceforge.net (SourceForge.net) Date: Wed, 28 Jan 2009 07:53:12 +0000 Subject: [Nagiosplug-devel] [ nagiosplug-Bugs-1984240 ] check_tcp Segmentation fault on HP-UX 11.23 Message-ID: Bugs item #1984240, was opened at 2008-06-04 10:19 Message generated for change (Comment added) made by df7be You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1984240&group_id=29880 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None Status: Open Resolution: None Priority: 5 Private: No Submitted By: Wilfried Brunken (df7be) Assigned to: Nobody/Anonymous (nobody) Summary: check_tcp Segmentation fault on HP-UX 11.23 Initial Comment: Hello, compiled Plugins Version 1.4.12 with gcc (GCC) 4.1.1 the check_tcp cored at call (with no or any options) here comes the GDB Backtrace, i hope ths helps. 73 de DF7BE /usr/local/nagios/libexec> gdb check_tcp core HP gdb 3.1 for PA-RISC 1.1 or 2.0 (narrow), HP-UX 11.00. Copyright 1986 - 2001 Free Software Foundation, Inc. Hewlett-Packard Wildebeest 3.1 (based on GDB) is covered by the GNU General Public License. Type "show copying" to see the conditions to change it and/or distribute copies. Type "show warranty" for warranty/support. .. Core was generated by `check_tcp'. Program terminated with signal 11, Segmentation fault. warning: The shared libraries were not privately mapped; setting a breakpoint in a shared library will not work until you rerun the program. Process ID is greater than 65535. #0 0xc06ba404 in pthread_mutex_lock+0x64 () from /usr/lib/libcma.2 (gdb) bt #0 0xc06ba404 in pthread_mutex_lock+0x64 () from /usr/lib/libcma.2 Cannot access memory at address 0xc06ba390 (gdb) ---------------------------------------------------------------------- >Comment By: Wilfried Brunken (df7be) Date: 2009-01-28 08:53 Message: Hello, The problem seems to be fixed. kompiled Plugins v 1.4.13 and add System Patch bundle, it works: ./check_tcp -H localhost -p 5666 TCP OK - 0.004 second response time on port 5666|time=0.003778s;;;0.000000;10.000000 the gcc has the same version swlist | grep -i patch BUNDLE B.11.23 Patch Bundle BUNDLE11i B.11.23.0409.3 Required Patch Bundle for HP-UX 11i v2 (B.11.23), September 2004 FEATURE11i B.11.23.0603.040 Feature Enablement Patches for HP-UX 11i v2, March 2006 HWEnable11i B.11.23.0603.040a Hardware Enablement Patches for HP-UX 11i v2, March 2006 SecPatchCk B.02.02 HP-UX Security Patch Check Tool ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1984240&group_id=29880 From noreply at sourceforge.net Fri Jan 30 21:36:18 2009 From: noreply at sourceforge.net (SourceForge.net) Date: Fri, 30 Jan 2009 20:36:18 +0000 Subject: [Nagiosplug-devel] [ nagiosplug-Bugs-2550208 ] Patch to check_http redirect behaviour Message-ID: Bugs item #2550208, was opened at 2009-01-30 21:36 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=2550208&group_id=29880 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: General plugin execution Group: Release (specify) Status: Open Resolution: None Priority: 5 Private: No Submitted By: Jan Wagner (cyco_dd) Assigned to: Nobody/Anonymous (nobody) Summary: Patch to check_http redirect behaviour Initial Comment: The following Bugreport we got against our debian package: If told to follow redirects, check_http follows exactly disregarding any supplied IP address. Of course this might be what you want. The included patch adds another option to the -f|--on-redirect switch which will follow but still connect to the same host. It might be considered a bug that even if an IP address is NOT given, the same host will be connected to. --- check_http.c~ 2008-05-07 11:02:42.000000000 +0100 +++ check_http.c 2008-10-17 09:45:38.000000000 +0100 @@ -110,6 +110,7 @@ char **http_opt_headers; int http_opt_headers_count = 0; int onredirect = STATE_OK; +int follow_same_ip = FALSE; int use_ssl = FALSE; int verbose = FALSE; int sd; @@ -302,6 +303,11 @@ server_port = HTTPS_PORT; break; case 'f': /* onredirect */ + if (!strcmp (optarg, "follow-same-ip")) + { + onredirect = STATE_DEPENDENT; + follow_same_ip = TRUE; + } if (!strcmp (optarg, "follow")) onredirect = STATE_DEPENDENT; if (!strcmp (optarg, "unknown")) @@ -1151,8 +1158,11 @@ free (host_name); host_name = strdup (addr); - free (server_address); - server_address = strdup (addr); + if (!follow_same_ip) + { + free (server_address); + server_address = strdup (addr); + } free (server_url); if ((url[0] == '/')) @@ -1169,8 +1179,12 @@ display_html ? "" : ""); if (verbose) - printf (_("Redirection to %s://%s:%d%s\n"), server_type, - host_name ? host_name : server_address, server_port, server_url); + { + printf (_("Redirection to %s://%s:%d%s\n"), server_type, + host_name ? host_name : server_address, server_port, server_url); + if (!host_name) + printf (_("Connecting to %s.\n"), server_address); + } check_http (); } @@ -1292,7 +1306,7 @@ printf (" %s\n", _(" Any other tags to be sent in http header. Use multiple times for additional headers")); printf (" %s\n", "-L, --link"); printf (" %s\n", _("Wrap output in HTML link (obsoleted by urlize)")); - printf (" %s\n", "-f, --onredirect="); + printf (" %s\n", "-f, --onredirect="); printf (" %s\n", _("How to handle redirected pages")); printf (" %s\n", "-m, --pagesize=INTEGER<:INTEGER>"); printf (" %s\n", _("Minimum page size required (bytes) : Maximum page size required (bytes)")); @@ -1346,7 +1360,7 @@ printf (_("Usage:")); printf (" %s -H | -I [-u ] [-p ]\n",progname); printf (" [-w ] [-c ] [-t ] [-L]\n"); - printf (" [-a auth] [-f ] [-e ]\n"); + printf (" [-a auth] [-f ] [-e ]\n"); printf (" [-s string] [-l] [-r | -R ] [-P string]\n"); printf (" [-m :] [-4|-6] [-N] [-M ] [-A string]\n"); printf (" [-k string] [-S] [-C ] [-T ]\n"); You can track the bugreport via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502529 ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=2550208&group_id=29880 From noreply at sourceforge.net Fri Jan 30 21:40:51 2009 From: noreply at sourceforge.net (SourceForge.net) Date: Fri, 30 Jan 2009 20:40:51 +0000 Subject: [Nagiosplug-devel] [ nagiosplug-Bugs-2550224 ] check_ntp: wrong output for host with both A and AAAA record Message-ID: Bugs item #2550224, was opened at 2009-01-30 21:40 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=2550224&group_id=29880 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: General plugin execution Group: CVS Status: Open Resolution: None Priority: 5 Private: No Submitted By: Jan Wagner (cyco_dd) Assigned to: Nobody/Anonymous (nobody) Summary: check_ntp: wrong output for host with both A and AAAA record Initial Comment: The following Bugreport we got against our debian package: Please consider this: $ host -t any lipton.aai.niif.hu lipton.aai.niif.hu A 193.225.14.195 lipton.aai.niif.hu AAAA 2001:738:0:701:80:C1E1:EC3:0 $ /usr/lib/nagios/plugins/check_ntp -H lipton.aai.niif.hu -v sending request to peer 0 sending request to peer 1 response from peer 1: offset -2.680183388e-05 sending request to peer 1 response from peer 1: offset -1.871510176e-05 sending request to peer 1 response from peer 1: offset 3.834080417e-06 sending request to peer 1 response from peer 1: offset -3.614556044e-05 re-sending request to peer 0 re-sending request to peer 0 re-sending request to peer 0 re-sending request to peer 0 re-sending request to peer 0 re-sending request to peer 0 overall average offset: nan NTP OK: Offset nan secs|offset=nan This isn't serious, since one uses IP addresses anyway, but still a bug. Sure the client doesn't respond to IPv6 packets, but its offset isn't NaN. You can track the bugreport via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=509589 ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=2550224&group_id=29880 From noreply at sourceforge.net Fri Jan 30 21:50:01 2009 From: noreply at sourceforge.net (SourceForge.net) Date: Fri, 30 Jan 2009 20:50:01 +0000 Subject: [Nagiosplug-devel] [ nagiosplug-Bugs-2550243 ] check_file_age should optional ignore missing files Message-ID: Bugs item #2550243, was opened at 2009-01-30 21:49 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=2550243&group_id=29880 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: General plugin execution Group: None Status: Open Resolution: None Priority: 5 Private: No Submitted By: Jan Wagner (cyco_dd) Assigned to: Nobody/Anonymous (nobody) Summary: check_file_age should optional ignore missing files Initial Comment: The following Bugreport we got against our debian package: Hi, the check at /usr/lib/nagios/plugins/check_file_age should, when enabled via a switch, treat a missing not as a failure. I want to use this to monitor lockfiles that should, during normal operation, be not present or not old. Thanks, Joachim You can track the bugreport via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496307 Thanks and kind regards, Jan. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=2550243&group_id=29880 From noreply at sourceforge.net Fri Jan 30 21:54:08 2009 From: noreply at sourceforge.net (SourceForge.net) Date: Fri, 30 Jan 2009 20:54:08 +0000 Subject: [Nagiosplug-devel] [ nagiosplug-Bugs-2550254 ] check_ldap with starttls requires hostname to match cert nam Message-ID: Bugs item #2550254, was opened at 2009-01-30 21:54 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=2550254&group_id=29880 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: General plugin execution Group: Release (specify) Status: Open Resolution: None Priority: 5 Private: No Submitted By: Jan Wagner (cyco_dd) Assigned to: Nobody/Anonymous (nobody) Summary: check_ldap with starttls requires hostname to match cert nam Initial Comment: Version: 1.4.10-1 The following Bugreport we got against our debian package: Serverside: slapd 2.4.7-3 with TLS (not ldaps) enabled. It's running on a VM with a hostname of 'utilserver.domain.org', and its SSL cert has a CN of 'utilserver', since usually only internal users interact with it. $ /usr/lib/nagios/plugins/check_ldap -T -H utilserver -b `grep BASE /etc/ldap/ldap.conf| awk '{print $2}'` LDAP OK - 0.041 seconds response time|time=0.040605s;;;0.000000 $ host utilserver utilserver.domain.org has address 192.168.20.20 $ /usr/lib/nagios/plugins/check_ldap -T -H 192.168.20.20 -b `grep BASE /etc/ldap/ldap.conf| awk '{print $2}'` Could not init startTLS at port 389! $ /usr/lib/nagios/plugins/check_ldap -T -H utilserver.domain.org -b `grep BASE /etc/ldap/ldap.conf| awk '{print $2}'` Could not init startTLS at port 389! It appears (though I haven't confirmed since my C-fu is weak) that the -T flag co-opts the hostname as specified in the -H and uses that in its TLS handshake. But that overload is not always good: my nagios checks, which use the FQDN, fail. Suggestion: -T is currently a boolean flag. How about -T [optional hostname for certificate handshake if -H isn't good enough]? I can't think of anything else you might want after -T, myself. Thanks! You can track the bugreport via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463355 Thanks and kind regards, Jan. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=2550254&group_id=29880 From noreply at sourceforge.net Fri Jan 30 22:45:27 2009 From: noreply at sourceforge.net (SourceForge.net) Date: Fri, 30 Jan 2009 21:45:27 +0000 Subject: [Nagiosplug-devel] [ nagiosplug-Bugs-1985246 ] ssh_disk dont interpret -C with single quotes correct Message-ID: Bugs item #1985246, was opened at 2008-06-05 11:16 Message generated for change (Settings changed) made by cyco_dd You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1985246&group_id=29880 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Argument proccessing Group: None Status: Open Resolution: None >Priority: 7 Private: No Submitted By: Jan Wagner (cyco_dd) Assigned to: Nobody/Anonymous (nobody) Summary: ssh_disk dont interpret -C with single quotes correct Initial Comment: The following Bugreport we got against our debian package: By default, the ssh_disk configuration has the following command line... /usr/lib/nagios/plugins/check_by_ssh -H $HOSTADDRESS$ -C '/usr/lib/nagios/plugins/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$' This creates the following error when trying to check a remote system... [1179694002] SERVICE ALERT: tagboard;/dev/hda1 Free Space;UNKNOWN;SOFT;1;Could not open pipe: /usr/bin/ssh 172.24.32.1 '/usr/lib/nagios/plugins/check_disk -w 5% -c 3% -p "/dev/hda1"' Changing the single quotes to be double quotes in the config resolves this problem. You can track the bugreport via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=425312 Thanks and kind regards, Jan. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1985246&group_id=29880 From noreply at sourceforge.net Fri Jan 30 22:45:39 2009 From: noreply at sourceforge.net (SourceForge.net) Date: Fri, 30 Jan 2009 21:45:39 +0000 Subject: [Nagiosplug-devel] [ nagiosplug-Bugs-1985230 ] check_snmp does not allow " chars in cmdline Message-ID: Bugs item #1985230, was opened at 2008-06-05 10:46 Message generated for change (Settings changed) made by cyco_dd You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1985230&group_id=29880 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Argument proccessing Group: CVS Status: Open Resolution: None >Priority: 7 Private: No Submitted By: Jan Wagner (cyco_dd) Assigned to: Nobody/Anonymous (nobody) Summary: check_snmp does not allow " chars in cmdline Initial Comment: The following Bugreport we got against our debian package: snmpd can be queried for customized "extend"s. A configured extend like extend avail_mem /usr/local/bin/check_avail_mem.pl can be queried as snmpget -c public -v1 ds9 'nsExtendOutput1Line."avail_mem"' NET-SNMP-EXTEND-MIB::nsExtendOutput1Line."avail_mem" = STRING: 749764 If you try to query this with check_snmp like check_snmp -H $HOSTADDRESS$ -C public -o 'nsExtendOutput1Line."syslog-idletime"' this results into Could not open pipe: /usr/bin/snmpget -t 1 -r 5 -m ALL -v 1 -c public ds9:161 nsExtendOutput1Line."syslog-idletime" Unfortuantely, check_snmp contains code in popen.c that does not allow any " chars in the command line and bails out with above error. I fixed this by commenting out the follwing block: --- popen.c.old 2008-01-12 14:16:39.000000000 +0100 +++ popen.c 2008-01-12 14:16:54.000000000 +0100 @@ -133,8 +133,10 @@ strcpy (cmd, cmdstring); /* This is not a shell, so we don't handle "???" */ +/* if (strstr (cmdstring, "\"")) return NULL; +*/ /* allow single quotes, but only if non-whitesapce doesn't occur on both sides */ if (strstr (cmdstring, " ' ") || strstr (cmdstring, "'''")) You can track the bugreport via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=460405 Thanks and kind regards, Jan. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1985230&group_id=29880