summaryrefslogtreecommitdiffstats
path: root/plugins/check_apt.c
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/check_apt.c')
-rw-r--r--plugins/check_apt.c683
1 files changed, 365 insertions, 318 deletions
diff --git a/plugins/check_apt.c b/plugins/check_apt.c
index 5c0f6e28..e840184b 100644
--- a/plugins/check_apt.c
+++ b/plugins/check_apt.c
@@ -1,55 +1,54 @@
1/***************************************************************************** 1/*****************************************************************************
2* 2 *
3* Monitoring check_apt plugin 3 * Monitoring check_apt plugin
4* 4 *
5* License: GPL 5 * License: GPL
6* Copyright (c) 2006-2008 Monitoring Plugins Development Team 6 * Copyright (c) 2006-2024 Monitoring Plugins Development Team
7* 7 *
8* Original author: Sean Finney 8 * Original author: Sean Finney
9* 9 *
10* Description: 10 * Description:
11* 11 *
12* This file contains the check_apt plugin 12 * This file contains the check_apt plugin
13* 13 *
14* Check for available updates in apt package management systems 14 * Check for available updates in apt package management systems
15* 15 *
16* 16 *
17* This program is free software: you can redistribute it and/or modify 17 * This program is free software: you can redistribute it and/or modify
18* it under the terms of the GNU General Public License as published by 18 * it under the terms of the GNU General Public License as published by
19* the Free Software Foundation, either version 3 of the License, or 19 * the Free Software Foundation, either version 3 of the License, or
20* (at your option) any later version. 20 * (at your option) any later version.
21* 21 *
22* This program is distributed in the hope that it will be useful, 22 * This program is distributed in the hope that it will be useful,
23* but WITHOUT ANY WARRANTY; without even the implied warranty of 23 * but WITHOUT ANY WARRANTY; without even the implied warranty of
24* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 24 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25* GNU General Public License for more details. 25 * GNU General Public License for more details.
26* 26 *
27* You should have received a copy of the GNU General Public License 27 * You should have received a copy of the GNU General Public License
28* along with this program. If not, see <http://www.gnu.org/licenses/>. 28 * along with this program. If not, see <http://www.gnu.org/licenses/>.
29* 29 *
30*****************************************************************************/ 30 *****************************************************************************/
31 31
32#include "states.h"
32const char *progname = "check_apt"; 33const char *progname = "check_apt";
33const char *copyright = "2006-2008"; 34const char *copyright = "2006-2024";
34const char *email = "devel@monitoring-plugins.org"; 35const char *email = "devel@monitoring-plugins.org";
35 36
36#include "common.h" 37#include "common.h"
37#include "runcmd.h" 38#include "runcmd.h"
38#include "utils.h" 39#include "utils.h"
39#include "regex.h" 40#include "regex.h"
40 41#include "check_apt.d/config.h"
41/* some constants */
42typedef enum { UPGRADE, DIST_UPGRADE, NO_UPGRADE } upgrade_type;
43 42
44/* Character for hidden input file option (for testing). */ 43/* Character for hidden input file option (for testing). */
45#define INPUT_FILE_OPT CHAR_MAX+1 44#define INPUT_FILE_OPT CHAR_MAX + 1
46/* the default opts can be overridden via the cmdline */ 45/* the default opts can be overridden via the cmdline */
47#define UPGRADE_DEFAULT_OPTS "-o 'Debug::NoLocking=true' -s -qq" 46#define UPGRADE_DEFAULT_OPTS "-o 'Debug::NoLocking=true' -s -qq"
48#define UPDATE_DEFAULT_OPTS "-q" 47#define UPDATE_DEFAULT_OPTS "-q"
49/* until i commit the configure.in patch which gets this, i'll define 48/* until i commit the configure.in patch which gets this, i'll define
50 * it here as well */ 49 * it here as well */
51#ifndef PATH_TO_APTGET 50#ifndef PATH_TO_APTGET
52# define PATH_TO_APTGET "/usr/bin/apt-get" 51# define PATH_TO_APTGET "/usr/bin/apt-get"
53#endif /* PATH_TO_APTGET */ 52#endif /* PATH_TO_APTGET */
54/* String found at the beginning of the apt output lines we're interested in */ 53/* String found at the beginning of the apt output lines we're interested in */
55#define PKGINST_PREFIX "Inst " 54#define PKGINST_PREFIX "Inst "
@@ -57,97 +56,106 @@ typedef enum { UPGRADE, DIST_UPGRADE, NO_UPGRADE } upgrade_type;
57#define SECURITY_RE "^[^\\(]*\\(.* (Debian-Security:|Ubuntu:[^/]*/[^-]*-security)" 56#define SECURITY_RE "^[^\\(]*\\(.* (Debian-Security:|Ubuntu:[^/]*/[^-]*-security)"
58 57
59/* some standard functions */ 58/* some standard functions */
60int process_arguments(int, char **); 59typedef struct {
61void print_help(void); 60 int errorcode;
61 check_apt_config config;
62} check_apt_config_wrapper;
63static check_apt_config_wrapper process_arguments(int /*argc*/, char ** /*argv*/);
64static void print_help(void);
62void print_usage(void); 65void print_usage(void);
63 66
64/* construct the appropriate apt-get cmdline */ 67/* construct the appropriate apt-get cmdline */
65char* construct_cmdline(upgrade_type u, const char *opts); 68static char *construct_cmdline(upgrade_type /*u*/, const char * /*opts*/);
66/* run an apt-get update */ 69/* run an apt-get update */
67int run_update(void); 70static int run_update(char * /*update_opts*/);
71
72typedef struct {
73 int errorcode;
74 int package_count;
75 int security_package_count;
76 char **packages_list;
77 char **secpackages_list;
78} run_upgrade_result;
79
68/* run an apt-get upgrade */ 80/* run an apt-get upgrade */
69int run_upgrade(int *pkgcount, int *secpkgcount, char ***pkglist, char ***secpkglist); 81run_upgrade_result run_upgrade(upgrade_type upgrade, const char *do_include, const char *do_exclude, const char *do_critical,
82 const char *upgrade_opts, const char *input_filename);
83
70/* add another clause to a regexp */ 84/* add another clause to a regexp */
71char* add_to_regexp(char *expr, const char *next); 85static char *add_to_regexp(char * /*expr*/, const char * /*next*/);
72/* extract package name from Inst line */ 86/* extract package name from Inst line */
73char* pkg_name(char *line); 87static char *pkg_name(char * /*line*/);
74/* string comparison function for qsort */ 88/* string comparison function for qsort */
75int cmpstringp(const void *p1, const void *p2); 89static int cmpstringp(const void * /*p1*/, const void * /*p2*/);
76 90
77/* configuration variables */ 91/* configuration variables */
78static int verbose = 0; /* -v */ 92static int verbose = 0; /* -v */
79static bool list = false; /* list packages available for upgrade */
80static bool do_update = false; /* whether to call apt-get update */
81static bool only_critical = false; /* whether to warn about non-critical updates */
82static upgrade_type upgrade = UPGRADE; /* which type of upgrade to do */
83static char *upgrade_opts = NULL; /* options to override defaults for upgrade */
84static char *update_opts = NULL; /* options to override defaults for update */
85static char *do_include = NULL; /* regexp to only include certain packages */
86static char *do_exclude = NULL; /* regexp to only exclude certain packages */
87static char *do_critical = NULL; /* regexp specifying critical packages */
88static char *input_filename = NULL; /* input filename for testing */
89/* number of packages available for upgrade to return WARNING status */
90static int packages_warning = 1;
91 93
92/* other global variables */ 94/* other global variables */
93static int stderr_warning = 0; /* if a cmd issued output on stderr */ 95static bool stderr_warning = false; /* if a cmd issued output on stderr */
94static int exec_warning = 0; /* if a cmd exited non-zero */ 96static bool exec_warning = false; /* if a cmd exited non-zero */
95
96int main (int argc, char **argv) {
97 int result=STATE_UNKNOWN, packages_available=0, sec_count=0;
98 char **packages_list=NULL, **secpackages_list=NULL;
99 97
98int main(int argc, char **argv) {
100 /* Parse extra opts if any */ 99 /* Parse extra opts if any */
101 argv=np_extra_opts(&argc, argv, progname); 100 argv = np_extra_opts(&argc, argv, progname);
102 101
103 if (process_arguments(argc, argv) == ERROR) 102 check_apt_config_wrapper tmp_config = process_arguments(argc, argv);
103
104 if (tmp_config.errorcode == ERROR) {
104 usage_va(_("Could not parse arguments")); 105 usage_va(_("Could not parse arguments"));
106 }
107
108 const check_apt_config config = tmp_config.config;
105 109
106 /* Set signal handling and alarm timeout */ 110 /* Set signal handling and alarm timeout */
107 if (signal (SIGALRM, timeout_alarm_handler) == SIG_ERR) { 111 if (signal(SIGALRM, timeout_alarm_handler) == SIG_ERR) {
108 usage_va(_("Cannot catch SIGALRM")); 112 usage_va(_("Cannot catch SIGALRM"));
109 } 113 }
110 114
111 /* handle timeouts gracefully... */ 115 /* handle timeouts gracefully... */
112 alarm (timeout_interval); 116 alarm(timeout_interval);
113 117
118 mp_state_enum result = STATE_UNKNOWN;
114 /* if they want to run apt-get update first... */ 119 /* if they want to run apt-get update first... */
115 if(do_update) result = run_update(); 120 if (config.do_update) {
121 result = run_update(config.update_opts);
122 }
116 123
117 /* apt-get upgrade */ 124 /* apt-get upgrade */
118 result = max_state(result, run_upgrade(&packages_available, &sec_count, &packages_list, &secpackages_list)); 125 run_upgrade_result upgrad_res =
126 run_upgrade(config.upgrade, config.do_include, config.do_exclude, config.do_critical, config.upgrade_opts, config.input_filename);
127
128 result = max_state(result, upgrad_res.errorcode);
129 int packages_available = upgrad_res.package_count;
130 int sec_count = upgrad_res.security_package_count;
131 char **packages_list = upgrad_res.packages_list;
132 char **secpackages_list = upgrad_res.secpackages_list;
119 133
120 if(sec_count > 0){ 134 if (sec_count > 0) {
121 result = max_state(result, STATE_CRITICAL); 135 result = max_state(result, STATE_CRITICAL);
122 } else if(packages_available >= packages_warning && only_critical == false){ 136 } else if (packages_available >= config.packages_warning && !config.only_critical) {
123 result = max_state(result, STATE_WARNING); 137 result = max_state(result, STATE_WARNING);
124 } else if(result > STATE_UNKNOWN){ 138 } else if (result > STATE_UNKNOWN) {
125 result = STATE_UNKNOWN; 139 result = STATE_UNKNOWN;
126 } 140 }
127 141
128 printf(_("APT %s: %d packages available for %s (%d critical updates). %s%s%s%s|available_upgrades=%d;;;0 critical_updates=%d;;;0\n"), 142 printf(_("APT %s: %d packages available for %s (%d critical updates). %s%s%s%s|available_upgrades=%d;;;0 critical_updates=%d;;;0\n"),
129 state_text(result), 143 state_text(result), packages_available, (config.upgrade == DIST_UPGRADE) ? "dist-upgrade" : "upgrade", sec_count,
130 packages_available, 144 (stderr_warning) ? " warnings detected" : "", (stderr_warning && exec_warning) ? "," : "",
131 (upgrade==DIST_UPGRADE)?"dist-upgrade":"upgrade", 145 (exec_warning) ? " errors detected" : "", (stderr_warning || exec_warning) ? "." : "", packages_available, sec_count);
132 sec_count, 146
133 (stderr_warning)?" warnings detected":"", 147 if (config.list) {
134 (stderr_warning && exec_warning)?",":"", 148 qsort(secpackages_list, sec_count, sizeof(char *), cmpstringp);
135 (exec_warning)?" errors detected":"", 149 qsort(packages_list, packages_available - sec_count, sizeof(char *), cmpstringp);
136 (stderr_warning||exec_warning)?".":"", 150
137 packages_available, 151 for (int i = 0; i < sec_count; i++) {
138 sec_count
139 );
140
141 if(list) {
142 qsort(secpackages_list, sec_count, sizeof(char*), cmpstringp);
143 qsort(packages_list, packages_available-sec_count, sizeof(char*), cmpstringp);
144
145 for(int i = 0; i < sec_count; i++)
146 printf("%s (security)\n", secpackages_list[i]); 152 printf("%s (security)\n", secpackages_list[i]);
153 }
147 154
148 if (only_critical == false) { 155 if (!config.only_critical) {
149 for(int i = 0; i < packages_available - sec_count; i++) 156 for (int i = 0; i < packages_available - sec_count; i++) {
150 printf("%s\n", packages_list[i]); 157 printf("%s\n", packages_list[i]);
158 }
151 } 159 }
152 } 160 }
153 161
@@ -155,34 +163,37 @@ int main (int argc, char **argv) {
155} 163}
156 164
157/* process command-line arguments */ 165/* process command-line arguments */
158int process_arguments (int argc, char **argv) { 166check_apt_config_wrapper process_arguments(int argc, char **argv) {
159 int c; 167 static struct option longopts[] = {{"version", no_argument, 0, 'V'},
160 168 {"help", no_argument, 0, 'h'},
161 static struct option longopts[] = { 169 {"verbose", no_argument, 0, 'v'},
162 {"version", no_argument, 0, 'V'}, 170 {"timeout", required_argument, 0, 't'},
163 {"help", no_argument, 0, 'h'}, 171 {"update", optional_argument, 0, 'u'},
164 {"verbose", no_argument, 0, 'v'}, 172 {"upgrade", optional_argument, 0, 'U'},
165 {"timeout", required_argument, 0, 't'}, 173 {"no-upgrade", no_argument, 0, 'n'},
166 {"update", optional_argument, 0, 'u'}, 174 {"dist-upgrade", optional_argument, 0, 'd'},
167 {"upgrade", optional_argument, 0, 'U'}, 175 {"list", no_argument, 0, 'l'},
168 {"no-upgrade", no_argument, 0, 'n'}, 176 {"include", required_argument, 0, 'i'},
169 {"dist-upgrade", optional_argument, 0, 'd'}, 177 {"exclude", required_argument, 0, 'e'},
170 {"list", no_argument, false, 'l'}, 178 {"critical", required_argument, 0, 'c'},
171 {"include", required_argument, 0, 'i'}, 179 {"only-critical", no_argument, 0, 'o'},
172 {"exclude", required_argument, 0, 'e'}, 180 {"input-file", required_argument, 0, INPUT_FILE_OPT},
173 {"critical", required_argument, 0, 'c'}, 181 {"packages-warning", required_argument, 0, 'w'},
174 {"only-critical", no_argument, 0, 'o'}, 182 {0, 0, 0, 0}};
175 {"input-file", required_argument, 0, INPUT_FILE_OPT}, 183
176 {"packages-warning", required_argument, 0, 'w'}, 184 check_apt_config_wrapper result = {
177 {0, 0, 0, 0} 185 .errorcode = OK,
186 .config = check_apt_config_init(),
178 }; 187 };
179 188
180 while(1) { 189 while (true) {
181 c = getopt_long(argc, argv, "hVvt:u::U::d::nli:e:c:ow:", longopts, NULL); 190 int option_char = getopt_long(argc, argv, "hVvt:u::U::d::nli:e:c:ow:", longopts, NULL);
182 191
183 if(c == -1 || c == EOF || c == 1) break; 192 if (option_char == -1 || option_char == EOF || option_char == 1) {
193 break;
194 }
184 195
185 switch(c) { 196 switch (option_char) {
186 case 'h': 197 case 'h':
187 print_help(); 198 print_help();
188 exit(STATE_UNKNOWN); 199 exit(STATE_UNKNOWN);
@@ -193,52 +204,58 @@ int process_arguments (int argc, char **argv) {
193 verbose++; 204 verbose++;
194 break; 205 break;
195 case 't': 206 case 't':
196 timeout_interval=atoi(optarg); 207 timeout_interval = atoi(optarg);
197 break; 208 break;
198 case 'd': 209 case 'd':
199 upgrade=DIST_UPGRADE; 210 result.config.upgrade = DIST_UPGRADE;
200 if(optarg!=NULL){ 211 if (optarg != NULL) {
201 upgrade_opts=strdup(optarg); 212 result.config.upgrade_opts = strdup(optarg);
202 if(upgrade_opts==NULL) die(STATE_UNKNOWN, "strdup failed"); 213 if (result.config.upgrade_opts == NULL) {
214 die(STATE_UNKNOWN, "strdup failed");
215 }
203 } 216 }
204 break; 217 break;
205 case 'U': 218 case 'U':
206 upgrade=UPGRADE; 219 result.config.upgrade = UPGRADE;
207 if(optarg!=NULL){ 220 if (optarg != NULL) {
208 upgrade_opts=strdup(optarg); 221 result.config.upgrade_opts = strdup(optarg);
209 if(upgrade_opts==NULL) die(STATE_UNKNOWN, "strdup failed"); 222 if (result.config.upgrade_opts == NULL) {
223 die(STATE_UNKNOWN, "strdup failed");
224 }
210 } 225 }
211 break; 226 break;
212 case 'n': 227 case 'n':
213 upgrade=NO_UPGRADE; 228 result.config.upgrade = NO_UPGRADE;
214 break; 229 break;
215 case 'u': 230 case 'u':
216 do_update=true; 231 result.config.do_update = true;
217 if(optarg!=NULL){ 232 if (optarg != NULL) {
218 update_opts=strdup(optarg); 233 result.config.update_opts = strdup(optarg);
219 if(update_opts==NULL) die(STATE_UNKNOWN, "strdup failed"); 234 if (result.config.update_opts == NULL) {
235 die(STATE_UNKNOWN, "strdup failed");
236 }
220 } 237 }
221 break; 238 break;
222 case 'l': 239 case 'l':
223 list=true; 240 result.config.list = true;
224 break; 241 break;
225 case 'i': 242 case 'i':
226 do_include=add_to_regexp(do_include, optarg); 243 result.config.do_include = add_to_regexp(result.config.do_include, optarg);
227 break; 244 break;
228 case 'e': 245 case 'e':
229 do_exclude=add_to_regexp(do_exclude, optarg); 246 result.config.do_exclude = add_to_regexp(result.config.do_exclude, optarg);
230 break; 247 break;
231 case 'c': 248 case 'c':
232 do_critical=add_to_regexp(do_critical, optarg); 249 result.config.do_critical = add_to_regexp(result.config.do_critical, optarg);
233 break; 250 break;
234 case 'o': 251 case 'o':
235 only_critical=true; 252 result.config.only_critical = true;
236 break; 253 break;
237 case INPUT_FILE_OPT: 254 case INPUT_FILE_OPT:
238 input_filename = optarg; 255 result.config.input_filename = optarg;
239 break; 256 break;
240 case 'w': 257 case 'w':
241 packages_warning = atoi(optarg); 258 result.config.packages_warning = atoi(optarg);
242 break; 259 break;
243 default: 260 default:
244 /* print short usage statement if args not parsable */ 261 /* print short usage statement if args not parsable */
@@ -246,71 +263,82 @@ int process_arguments (int argc, char **argv) {
246 } 263 }
247 } 264 }
248 265
249 return OK; 266 return result;
250} 267}
251 268
252
253/* run an apt-get upgrade */ 269/* run an apt-get upgrade */
254int run_upgrade(int *pkgcount, int *secpkgcount, char ***pkglist, char ***secpkglist){ 270run_upgrade_result run_upgrade(const upgrade_type upgrade, const char *do_include, const char *do_exclude, const char *do_critical,
255 int result=STATE_UNKNOWN, regres=0, pc=0, spc=0; 271 const char *upgrade_opts, const char *input_filename) {
256 struct output chld_out, chld_err; 272 regex_t ereg;
257 regex_t ireg, ereg, sreg;
258 char *cmdline=NULL, rerrbuf[64];
259
260 /* initialize ereg as it is possible it is printed while uninitialized */ 273 /* initialize ereg as it is possible it is printed while uninitialized */
261 memset(&ereg, '\0', sizeof(ereg.buffer)); 274 memset(&ereg, '\0', sizeof(ereg.buffer));
262 275
263 if(upgrade==NO_UPGRADE) return STATE_OK; 276 run_upgrade_result result = {
277 .errorcode = STATE_UNKNOWN,
278 };
279
280 if (upgrade == NO_UPGRADE) {
281 result.errorcode = STATE_OK;
282 return result;
283 }
264 284
285 int regres = 0;
286 regex_t ireg;
287 char rerrbuf[64];
265 /* compile the regexps */ 288 /* compile the regexps */
266 if (do_include != NULL) { 289 if (do_include != NULL) {
267 regres=regcomp(&ireg, do_include, REG_EXTENDED); 290 regres = regcomp(&ireg, do_include, REG_EXTENDED);
268 if (regres!=0) { 291 if (regres != 0) {
269 regerror(regres, &ireg, rerrbuf, 64); 292 regerror(regres, &ireg, rerrbuf, 64);
270 die(STATE_UNKNOWN, _("%s: Error compiling regexp: %s"), progname, rerrbuf); 293 die(STATE_UNKNOWN, _("%s: Error compiling regexp: %s"), progname, rerrbuf);
271 } 294 }
272 } 295 }
273 296
274 if(do_exclude!=NULL){ 297 if (do_exclude != NULL) {
275 regres=regcomp(&ereg, do_exclude, REG_EXTENDED); 298 regres = regcomp(&ereg, do_exclude, REG_EXTENDED);
276 if(regres!=0) { 299 if (regres != 0) {
277 regerror(regres, &ereg, rerrbuf, 64); 300 regerror(regres, &ereg, rerrbuf, 64);
278 die(STATE_UNKNOWN, _("%s: Error compiling regexp: %s"), 301 die(STATE_UNKNOWN, _("%s: Error compiling regexp: %s"), progname, rerrbuf);
279 progname, rerrbuf);
280 } 302 }
281 } 303 }
282 304
305 regex_t sreg;
283 const char *crit_ptr = (do_critical != NULL) ? do_critical : SECURITY_RE; 306 const char *crit_ptr = (do_critical != NULL) ? do_critical : SECURITY_RE;
284 regres=regcomp(&sreg, crit_ptr, REG_EXTENDED); 307 regres = regcomp(&sreg, crit_ptr, REG_EXTENDED);
285 if(regres!=0) { 308 if (regres != 0) {
286 regerror(regres, &ereg, rerrbuf, 64); 309 regerror(regres, &ereg, rerrbuf, 64);
287 die(STATE_UNKNOWN, _("%s: Error compiling regexp: %s"), 310 die(STATE_UNKNOWN, _("%s: Error compiling regexp: %s"), progname, rerrbuf);
288 progname, rerrbuf);
289 } 311 }
290 312
291 cmdline=construct_cmdline(upgrade, upgrade_opts); 313 struct output chld_out;
314 struct output chld_err;
315 char *cmdline = NULL;
316 cmdline = construct_cmdline(upgrade, upgrade_opts);
292 if (input_filename != NULL) { 317 if (input_filename != NULL) {
293 /* read input from a file for testing */ 318 /* read input from a file for testing */
294 result = cmd_file_read(input_filename, &chld_out, 0); 319 result.errorcode = cmd_file_read(input_filename, &chld_out, 0);
295 } else { 320 } else {
296 /* run the upgrade */ 321 /* run the upgrade */
297 result = np_runcmd(cmdline, &chld_out, &chld_err, 0); 322 result.errorcode = np_runcmd(cmdline, &chld_out, &chld_err, 0);
298 } 323 }
299 324
300 /* apt-get upgrade only changes exit status if there is an 325 /* apt-get upgrade only changes exit status if there is an
301 * internal error when run in dry-run mode. therefore we will 326 * internal error when run in dry-run mode. therefore we will
302 * treat such an error as UNKNOWN */ 327 * treat such an error as UNKNOWN */
303 if(result != 0){ 328 if (result.errorcode != STATE_OK) {
304 exec_warning=1; 329 exec_warning = 1;
305 result = STATE_UNKNOWN; 330 result.errorcode = STATE_UNKNOWN;
306 fprintf(stderr, _("'%s' exited with non-zero status.\n"), 331 fprintf(stderr, _("'%s' exited with non-zero status.\n"), cmdline);
307 cmdline);
308 } 332 }
309 333
310 *pkglist=malloc(sizeof(char *) * chld_out.lines); 334 char **pkglist = malloc(sizeof(char *) * chld_out.lines);
311 if(!pkglist) die(STATE_UNKNOWN, "malloc failed!\n"); 335 if (!pkglist) {
312 *secpkglist=malloc(sizeof(char *) * chld_out.lines); 336 die(STATE_UNKNOWN, "malloc failed!\n");
313 if(!secpkglist) die(STATE_UNKNOWN, "malloc failed!\n"); 337 }
338 char **secpkglist = malloc(sizeof(char *) * chld_out.lines);
339 if (!secpkglist) {
340 die(STATE_UNKNOWN, "malloc failed!\n");
341 }
314 342
315 /* parse the output, which should only consist of lines like 343 /* parse the output, which should only consist of lines like
316 * 344 *
@@ -321,82 +349,91 @@ int run_upgrade(int *pkgcount, int *secpkgcount, char ***pkglist, char ***secpkg
321 * we may need to switch to the --print-uris output format, 349 * we may need to switch to the --print-uris output format,
322 * in which case the logic here will slightly change. 350 * in which case the logic here will slightly change.
323 */ 351 */
324 for(size_t i = 0; i < chld_out.lines; i++) { 352 int package_counter = 0;
325 if(verbose){ 353 int security_package_counter = 0;
354 for (size_t i = 0; i < chld_out.lines; i++) {
355 if (verbose) {
326 printf("%s\n", chld_out.line[i]); 356 printf("%s\n", chld_out.line[i]);
327 } 357 }
328 /* if it is a package we care about */ 358 /* if it is a package we care about */
329 if (strncmp(PKGINST_PREFIX, chld_out.line[i], strlen(PKGINST_PREFIX)) == 0 && 359 if (strncmp(PKGINST_PREFIX, chld_out.line[i], strlen(PKGINST_PREFIX)) == 0 &&
330 (do_include == NULL || regexec(&ireg, chld_out.line[i], 0, NULL, 0) == 0)) { 360 (do_include == NULL || regexec(&ireg, chld_out.line[i], 0, NULL, 0) == 0)) {
331 /* if we're not excluding, or it's not in the 361 /* if we're not excluding, or it's not in the
332 * list of stuff to exclude */ 362 * list of stuff to exclude */
333 if(do_exclude==NULL || 363 if (do_exclude == NULL || regexec(&ereg, chld_out.line[i], 0, NULL, 0) != 0) {
334 regexec(&ereg, chld_out.line[i], 0, NULL, 0)!=0){ 364 package_counter++;
335 pc++; 365 if (regexec(&sreg, chld_out.line[i], 0, NULL, 0) == 0) {
336 if(regexec(&sreg, chld_out.line[i], 0, NULL, 0)==0){ 366 security_package_counter++;
337 spc++; 367 if (verbose) {
338 if(verbose) printf("*"); 368 printf("*");
339 (*secpkglist)[spc-1] = pkg_name(chld_out.line[i]); 369 }
370 (secpkglist)[security_package_counter - 1] = pkg_name(chld_out.line[i]);
340 } else { 371 } else {
341 (*pkglist)[pc-spc-1] = pkg_name(chld_out.line[i]); 372 (pkglist)[package_counter - security_package_counter - 1] = pkg_name(chld_out.line[i]);
342 } 373 }
343 if(verbose){ 374 if (verbose) {
344 printf("*%s\n", chld_out.line[i]); 375 printf("*%s\n", chld_out.line[i]);
345 } 376 }
346 } 377 }
347 } 378 }
348 } 379 }
349 *pkgcount=pc; 380 result.package_count = package_counter;
350 *secpkgcount=spc; 381 result.security_package_count = security_package_counter;
382 result.packages_list = pkglist;
383 result.secpackages_list = secpkglist;
351 384
352 /* If we get anything on stderr, at least set warning */ 385 /* If we get anything on stderr, at least set warning */
353 if (input_filename == NULL && chld_err.buflen) { 386 if (input_filename == NULL && chld_err.buflen) {
354 stderr_warning=1; 387 stderr_warning = true;
355 result = max_state(result, STATE_WARNING); 388 result.errorcode = max_state(result.errorcode, STATE_WARNING);
356 if(verbose){ 389 if (verbose) {
357 for(size_t i = 0; i < chld_err.lines; i++) { 390 for (size_t i = 0; i < chld_err.lines; i++) {
358 fprintf(stderr, "%s\n", chld_err.line[i]); 391 fprintf(stderr, "%s\n", chld_err.line[i]);
359 } 392 }
360 } 393 }
361 } 394 }
362 if (do_include != NULL) regfree(&ireg); 395 if (do_include != NULL) {
396 regfree(&ireg);
397 }
363 regfree(&sreg); 398 regfree(&sreg);
364 if(do_exclude!=NULL) regfree(&ereg); 399 if (do_exclude != NULL) {
400 regfree(&ereg);
401 }
365 free(cmdline); 402 free(cmdline);
366 return result; 403 return result;
367} 404}
368 405
369/* run an apt-get update (needs root) */ 406/* run an apt-get update (needs root) */
370int run_update(void){ 407int run_update(char *update_opts) {
371 int result=STATE_UNKNOWN; 408 int result = STATE_UNKNOWN;
372 struct output chld_out, chld_err;
373 char *cmdline; 409 char *cmdline;
374
375 /* run the update */ 410 /* run the update */
376 cmdline = construct_cmdline(NO_UPGRADE, update_opts); 411 cmdline = construct_cmdline(NO_UPGRADE, update_opts);
412
413 struct output chld_out;
414 struct output chld_err;
377 result = np_runcmd(cmdline, &chld_out, &chld_err, 0); 415 result = np_runcmd(cmdline, &chld_out, &chld_err, 0);
378 /* apt-get update changes exit status if it can't fetch packages. 416 /* apt-get update changes exit status if it can't fetch packages.
379 * since we were explicitly asked to do so, this is treated as 417 * since we were explicitly asked to do so, this is treated as
380 * a critical error. */ 418 * a critical error. */
381 if(result != 0){ 419 if (result != 0) {
382 exec_warning=1; 420 exec_warning = true;
383 result = STATE_CRITICAL; 421 result = STATE_CRITICAL;
384 fprintf(stderr, _("'%s' exited with non-zero status.\n"), 422 fprintf(stderr, _("'%s' exited with non-zero status.\n"), cmdline);
385 cmdline);
386 } 423 }
387 424
388 if(verbose){ 425 if (verbose) {
389 for(size_t i = 0; i < chld_out.lines; i++) { 426 for (size_t i = 0; i < chld_out.lines; i++) {
390 printf("%s\n", chld_out.line[i]); 427 printf("%s\n", chld_out.line[i]);
391 } 428 }
392 } 429 }
393 430
394 /* If we get anything on stderr, at least set warning */ 431 /* If we get anything on stderr, at least set warning */
395 if(chld_err.buflen){ 432 if (chld_err.buflen) {
396 stderr_warning=1; 433 stderr_warning = 1;
397 result = max_state(result, STATE_WARNING); 434 result = max_state(result, STATE_WARNING);
398 if(verbose){ 435 if (verbose) {
399 for(size_t i = 0; i < chld_err.lines; i++) { 436 for (size_t i = 0; i < chld_err.lines; i++) {
400 fprintf(stderr, "%s\n", chld_err.line[i]); 437 fprintf(stderr, "%s\n", chld_err.line[i]);
401 } 438 }
402 } 439 }
@@ -405,158 +442,168 @@ int run_update(void){
405 return result; 442 return result;
406} 443}
407 444
408char* pkg_name(char *line){ 445char *pkg_name(char *line) {
409 char *start=NULL, *space=NULL, *pkg=NULL; 446 char *start = line + strlen(PKGINST_PREFIX);
410 int len=0;
411 447
412 start = line + strlen(PKGINST_PREFIX); 448 size_t len = strlen(start);
413 len = strlen(start);
414 449
415 space = index(start, ' '); 450 char *space = index(start, ' ');
416 if(space!=NULL){ 451 if (space != NULL) {
417 len = space - start; 452 len = space - start;
418 } 453 }
419 454
420 pkg=malloc(sizeof(char)*(len+1)); 455 char *pkg = malloc(sizeof(char) * (len + 1));
421 if(!pkg) die(STATE_UNKNOWN, "malloc failed!\n"); 456 if (!pkg) {
457 die(STATE_UNKNOWN, "malloc failed!\n");
458 }
422 459
423 strncpy(pkg, start, len); 460 strncpy(pkg, start, len);
424 pkg[len]='\0'; 461 pkg[len] = '\0';
425 462
426 return pkg; 463 return pkg;
427} 464}
428 465
429int cmpstringp(const void *p1, const void *p2){ 466int cmpstringp(const void *left_string, const void *right_string) {
430 return strcmp(* (char * const *) p1, * (char * const *) p2); 467 return strcmp(*(char *const *)left_string, *(char *const *)right_string);
431} 468}
432 469
433char* add_to_regexp(char *expr, const char *next){ 470char *add_to_regexp(char *expr, const char *next) {
434 char *re=NULL; 471 char *regex_string = NULL;
435 472
436 if(expr==NULL){ 473 if (expr == NULL) {
437 re=malloc(sizeof(char)*(strlen("()")+strlen(next)+1)); 474 regex_string = malloc(sizeof(char) * (strlen("()") + strlen(next) + 1));
438 if(!re) die(STATE_UNKNOWN, "malloc failed!\n"); 475 if (!regex_string) {
439 sprintf(re, "(%s)", next); 476 die(STATE_UNKNOWN, "malloc failed!\n");
477 }
478 sprintf(regex_string, "(%s)", next);
440 } else { 479 } else {
441 /* resize it, adding an extra char for the new '|' separator */ 480 /* resize it, adding an extra char for the new '|' separator */
442 re=realloc(expr, sizeof(char)*(strlen(expr)+1+strlen(next)+1)); 481 regex_string = realloc(expr, sizeof(char) * (strlen(expr) + 1 + strlen(next) + 1));
443 if(!re) die(STATE_UNKNOWN, "realloc failed!\n"); 482 if (!regex_string) {
483 die(STATE_UNKNOWN, "realloc failed!\n");
484 }
444 /* append it starting at ')' in the old re */ 485 /* append it starting at ')' in the old re */
445 sprintf((char*)(re+strlen(re)-1), "|%s)", next); 486 sprintf((char *)(regex_string + strlen(regex_string) - 1), "|%s)", next);
446 } 487 }
447 488
448 return re; 489 return regex_string;
449} 490}
450 491
451char* construct_cmdline(upgrade_type u, const char *opts){ 492char *construct_cmdline(upgrade_type upgrade, const char *opts) {
452 int len=0; 493 const char *opts_ptr = NULL;
453 const char *opts_ptr=NULL, *aptcmd=NULL; 494 const char *aptcmd = NULL;
454 char *cmd=NULL;
455 495
456 switch(u){ 496 switch (upgrade) {
457 case UPGRADE: 497 case UPGRADE:
458 if(opts==NULL) opts_ptr=UPGRADE_DEFAULT_OPTS; 498 if (opts == NULL) {
459 else opts_ptr=opts; 499 opts_ptr = UPGRADE_DEFAULT_OPTS;
460 aptcmd="upgrade"; 500 } else {
501 opts_ptr = opts;
502 }
503 aptcmd = "upgrade";
461 break; 504 break;
462 case DIST_UPGRADE: 505 case DIST_UPGRADE:
463 if(opts==NULL) opts_ptr=UPGRADE_DEFAULT_OPTS; 506 if (opts == NULL) {
464 else opts_ptr=opts; 507 opts_ptr = UPGRADE_DEFAULT_OPTS;
465 aptcmd="dist-upgrade"; 508 } else {
509 opts_ptr = opts;
510 }
511 aptcmd = "dist-upgrade";
466 break; 512 break;
467 case NO_UPGRADE: 513 case NO_UPGRADE:
468 if(opts==NULL) opts_ptr=UPDATE_DEFAULT_OPTS; 514 if (opts == NULL) {
469 else opts_ptr=opts; 515 opts_ptr = UPDATE_DEFAULT_OPTS;
470 aptcmd="update"; 516 } else {
517 opts_ptr = opts;
518 }
519 aptcmd = "update";
471 break; 520 break;
472 } 521 }
473 522
474 len+=strlen(PATH_TO_APTGET)+1; /* "/usr/bin/apt-get " */ 523 int len = 0;
475 len+=strlen(opts_ptr)+1; /* "opts " */ 524 len += strlen(PATH_TO_APTGET) + 1; /* "/usr/bin/apt-get " */
476 len+=strlen(aptcmd)+1; /* "upgrade\0" */ 525 len += strlen(opts_ptr) + 1; /* "opts " */
526 len += strlen(aptcmd) + 1; /* "upgrade\0" */
477 527
478 cmd=(char*)malloc(sizeof(char)*len); 528 char *cmd = (char *)malloc(sizeof(char) * len);
479 if(cmd==NULL) die(STATE_UNKNOWN, "malloc failed"); 529 if (cmd == NULL) {
530 die(STATE_UNKNOWN, "malloc failed");
531 }
480 sprintf(cmd, "%s %s %s", PATH_TO_APTGET, opts_ptr, aptcmd); 532 sprintf(cmd, "%s %s %s", PATH_TO_APTGET, opts_ptr, aptcmd);
481 return cmd; 533 return cmd;
482} 534}
483 535
484/* informative help message */ 536/* informative help message */
485void 537void print_help(void) {
486print_help (void) 538 print_revision(progname, NP_VERSION);
487{ 539
488 print_revision(progname, NP_VERSION); 540 printf(_(COPYRIGHT), copyright, email);
489 541
490 printf(_(COPYRIGHT), copyright, email); 542 printf("%s\n", _("This plugin checks for software updates on systems that use"));
491 543 printf("%s\n", _("package management systems based on the apt-get(8) command"));
492 printf("%s\n", _("This plugin checks for software updates on systems that use")); 544 printf("%s\n", _("found in Debian GNU/Linux"));
493 printf("%s\n", _("package management systems based on the apt-get(8) command")); 545
494 printf("%s\n", _("found in Debian GNU/Linux")); 546 printf("\n\n");
495 547
496 printf ("\n\n"); 548 print_usage();
497 549
498 print_usage(); 550 printf(UT_HELP_VRSN);
499 551 printf(UT_EXTRA_OPTS);
500 printf(UT_HELP_VRSN); 552
501 printf(UT_EXTRA_OPTS); 553 printf(UT_PLUG_TIMEOUT, timeout_interval);
502 554
503 printf(UT_PLUG_TIMEOUT, timeout_interval); 555 printf(" %s\n", "-n, --no-upgrade");
504 556 printf(" %s\n", _("Do not run the upgrade. Probably not useful (without -u at least)."));
505 printf (" %s\n", "-n, --no-upgrade"); 557 printf(" %s\n", "-l, --list");
506 printf (" %s\n", _("Do not run the upgrade. Probably not useful (without -u at least).")); 558 printf(" %s\n", _("List packages available for upgrade. Packages are printed sorted by"));
507 printf (" %s\n", "-l, --list"); 559 printf(" %s\n", _("name with security packages listed first."));
508 printf (" %s\n", _("List packages available for upgrade. Packages are printed sorted by")); 560 printf(" %s\n", "-i, --include=REGEXP");
509 printf (" %s\n", _("name with security packages listed first.")); 561 printf(" %s\n", _("Include only packages matching REGEXP. Can be specified multiple times"));
510 printf (" %s\n", "-i, --include=REGEXP"); 562 printf(" %s\n", _("the values will be combined together. Any packages matching this list"));
511 printf (" %s\n", _("Include only packages matching REGEXP. Can be specified multiple times")); 563 printf(" %s\n", _("cause the plugin to return WARNING status. Others will be ignored."));
512 printf (" %s\n", _("the values will be combined together. Any packages matching this list")); 564 printf(" %s\n", _("Default is to include all packages."));
513 printf (" %s\n", _("cause the plugin to return WARNING status. Others will be ignored.")); 565 printf(" %s\n", "-e, --exclude=REGEXP");
514 printf (" %s\n", _("Default is to include all packages.")); 566 printf(" %s\n", _("Exclude packages matching REGEXP from the list of packages that would"));
515 printf (" %s\n", "-e, --exclude=REGEXP"); 567 printf(" %s\n", _("otherwise be included. Can be specified multiple times; the values"));
516 printf (" %s\n", _("Exclude packages matching REGEXP from the list of packages that would")); 568 printf(" %s\n", _("will be combined together. Default is to exclude no packages."));
517 printf (" %s\n", _("otherwise be included. Can be specified multiple times; the values")); 569 printf(" %s\n", "-c, --critical=REGEXP");
518 printf (" %s\n", _("will be combined together. Default is to exclude no packages.")); 570 printf(" %s\n", _("If the full package information of any of the upgradable packages match"));
519 printf (" %s\n", "-c, --critical=REGEXP"); 571 printf(" %s\n", _("this REGEXP, the plugin will return CRITICAL status. Can be specified"));
520 printf (" %s\n", _("If the full package information of any of the upgradable packages match")); 572 printf(" %s\n", _("multiple times like above. Default is a regexp matching security"));
521 printf (" %s\n", _("this REGEXP, the plugin will return CRITICAL status. Can be specified")); 573 printf(" %s\n", _("upgrades for Debian and Ubuntu:"));
522 printf (" %s\n", _("multiple times like above. Default is a regexp matching security")); 574 printf(" \t%s\n", SECURITY_RE);
523 printf (" %s\n", _("upgrades for Debian and Ubuntu:")); 575 printf(" %s\n", _("Note that the package must first match the include list before its"));
524 printf (" \t%s\n", SECURITY_RE); 576 printf(" %s\n", _("information is compared against the critical list."));
525 printf (" %s\n", _("Note that the package must first match the include list before its")); 577 printf(" %s\n", "-o, --only-critical");
526 printf (" %s\n", _("information is compared against the critical list.")); 578 printf(" %s\n", _("Only warn about upgrades matching the critical list. The total number"));
527 printf (" %s\n", "-o, --only-critical"); 579 printf(" %s\n", _("of upgrades will be printed, but any non-critical upgrades will not cause"));
528 printf (" %s\n", _("Only warn about upgrades matching the critical list. The total number")); 580 printf(" %s\n", _("the plugin to return WARNING status."));
529 printf (" %s\n", _("of upgrades will be printed, but any non-critical upgrades will not cause")); 581 printf(" %s\n", "-w, --packages-warning");
530 printf (" %s\n", _("the plugin to return WARNING status.")); 582 printf(" %s\n", _("Minimum number of packages available for upgrade to return WARNING status."));
531 printf (" %s\n", "-w, --packages-warning"); 583 printf(" %s\n\n", _("Default is 1 package."));
532 printf (" %s\n", _("Minimum number of packages available for upgrade to return WARNING status.")); 584
533 printf (" %s\n\n", _("Default is 1 package.")); 585 printf("%s\n\n", _("The following options require root privileges and should be used with care:"));
534 586 printf(" %s\n", "-u, --update=OPTS");
535 printf ("%s\n\n", _("The following options require root privileges and should be used with care:")); 587 printf(" %s\n", _("First perform an 'apt-get update'. An optional OPTS parameter overrides"));
536 printf (" %s\n", "-u, --update=OPTS"); 588 printf(" %s\n", _("the default options. Note: you may also need to adjust the global"));
537 printf (" %s\n", _("First perform an 'apt-get update'. An optional OPTS parameter overrides")); 589 printf(" %s\n", _("timeout (with -t) to prevent the plugin from timing out if apt-get"));
538 printf (" %s\n", _("the default options. Note: you may also need to adjust the global")); 590 printf(" %s\n", _("upgrade is expected to take longer than the default timeout."));
539 printf (" %s\n", _("timeout (with -t) to prevent the plugin from timing out if apt-get")); 591 printf(" %s\n", "-U, --upgrade=OPTS");
540 printf (" %s\n", _("upgrade is expected to take longer than the default timeout.")); 592 printf(" %s\n", _("Perform an upgrade. If an optional OPTS argument is provided,"));
541 printf (" %s\n", "-U, --upgrade=OPTS"); 593 printf(" %s\n", _("apt-get will be run with these command line options instead of the"));
542 printf (" %s\n", _("Perform an upgrade. If an optional OPTS argument is provided,")); 594 printf(" %s", _("default "));
543 printf (" %s\n", _("apt-get will be run with these command line options instead of the")); 595 printf("(%s).\n", UPGRADE_DEFAULT_OPTS);
544 printf (" %s", _("default ")); 596 printf(" %s\n", _("Note that you may be required to have root privileges if you do not use"));
545 printf ("(%s).\n", UPGRADE_DEFAULT_OPTS); 597 printf(" %s\n", _("the default options, which will only run a simulation and NOT perform the upgrade"));
546 printf (" %s\n", _("Note that you may be required to have root privileges if you do not use")); 598 printf(" %s\n", "-d, --dist-upgrade=OPTS");
547 printf (" %s\n", _("the default options, which will only run a simulation and NOT perform the upgrade")); 599 printf(" %s\n", _("Perform a dist-upgrade instead of normal upgrade. Like with -U OPTS"));
548 printf (" %s\n", "-d, --dist-upgrade=OPTS"); 600 printf(" %s\n", _("can be provided to override the default options."));
549 printf (" %s\n", _("Perform a dist-upgrade instead of normal upgrade. Like with -U OPTS")); 601
550 printf (" %s\n", _("can be provided to override the default options.")); 602 printf(UT_SUPPORT);
551
552 printf(UT_SUPPORT);
553} 603}
554 604
555
556/* simple usage heading */ 605/* simple usage heading */
557void 606void print_usage(void) {
558print_usage(void) 607 printf("%s\n", _("Usage:"));
559{ 608 printf("%s [[-d|-u|-U]opts] [-n] [-l] [-t timeout] [-w packages-warning]\n", progname);
560 printf ("%s\n", _("Usage:"));
561 printf ("%s [[-d|-u|-U]opts] [-n] [-l] [-t timeout] [-w packages-warning]\n", progname);
562} 609}