From 2e8d440e73ac2b1875db5ecaf6df510fdcf6eb7a Mon Sep 17 00:00:00 2001
From: Jan Wagner <waja@cyconet.org>
Date: Tue, 1 Oct 2013 00:47:08 +0200
Subject: check_mysql: ignore authentication failure

This patch allows checking if MySQL server is running without providing valid
username and password. Similar to check_ssh plugin it returns MySQL server
version string and protocol number.

Example:
check_mysql -n -H aaa.bbb.ccc.ddd
MySQL OK - Version: 5.0.51a-24+lenny5 (protocol 10)

This is useful for monitoring servers where one does not have administrator
privileges or does not want to grant any privileges for the monitoring station.

To enable this functionality new option --ignore-auth (-n) is added to
check_mysql plugin.

Thanks to Julius Kriukas

Closes #1020
Closes #1178

diff --git a/THANKS.in b/THANKS.in
index 6738ae7..b732e78 100644
--- a/THANKS.in
+++ b/THANKS.in
@@ -325,3 +325,4 @@ Andy Brist
 Mikael Falkvidd
 Patric Wust
 Neil Prockter
+Julius Kriukas
diff --git a/plugins/check_mysql.c b/plugins/check_mysql.c
index 4f09e5f..216626b 100644
--- a/plugins/check_mysql.c
+++ b/plugins/check_mysql.c
@@ -42,6 +42,7 @@ const char *email = "devel@monitoring-plugins.org";
 #include "netutils.h"
 
 #include <mysql.h>
+#include <mysqld_error.h>
 #include <errmsg.h>
 
 char *db_user = NULL;
@@ -59,6 +60,7 @@ char *opt_file = NULL;
 char *opt_group = NULL;
 unsigned int db_port = MYSQL_PORT;
 int check_slave = 0, warn_sec = 0, crit_sec = 0;
+int ignore_auth = 0;
 int verbose = 0;
 
 static double warning_time = 0;
@@ -136,7 +138,16 @@ main (int argc, char **argv)
 		mysql_ssl_set(&mysql,key,cert,ca_cert,ca_dir,ciphers);
 	/* establish a connection to the server and error checking */
 	if (!mysql_real_connect(&mysql,db_host,db_user,db_pass,db,db_port,db_socket,0)) {
-		if (mysql_errno (&mysql) == CR_UNKNOWN_HOST)
+		if (ignore_auth && mysql_errno (&mysql) == ER_ACCESS_DENIED_ERROR)
+		{
+			printf("MySQL OK - Version: %s (protocol %d)\n",
+				mysql_get_server_info(&mysql),
+				mysql_get_proto_info(&mysql)
+			);
+			mysql_close (&mysql);
+			return STATE_OK;
+		}
+		else if (mysql_errno (&mysql) == CR_UNKNOWN_HOST)
 			die (STATE_WARNING, "%s\n", mysql_error (&mysql));
 		else if (mysql_errno (&mysql) == CR_VERSION_ERROR)
 			die (STATE_WARNING, "%s\n", mysql_error (&mysql));
@@ -341,6 +352,7 @@ process_arguments (int argc, char **argv)
 		{"critical", required_argument, 0, 'c'},
 		{"warning", required_argument, 0, 'w'},
 		{"check-slave", no_argument, 0, 'S'},
+		{"ignore-auth", no_argument, 0, 'n'},
 		{"verbose", no_argument, 0, 'v'},
 		{"version", no_argument, 0, 'V'},
 		{"help", no_argument, 0, 'h'},
@@ -357,7 +369,7 @@ process_arguments (int argc, char **argv)
 		return ERROR;
 
 	while (1) {
-		c = getopt_long (argc, argv, "hlvVSP:p:u:d:H:s:c:w:a:k:C:D:L:f:g:", longopts, &option);
+		c = getopt_long (argc, argv, "hlvVnSP:p:u:d:H:s:c:w:a:k:C:D:L:f:g:", longopts, &option);
 
 		if (c == -1 || c == EOF)
 			break;
@@ -419,6 +431,9 @@ process_arguments (int argc, char **argv)
 		case 'S':
 			check_slave = 1;							/* check-slave */
 			break;
+		case 'n':
+			ignore_auth = 1;							/* ignore-auth */
+			break;
 		case 'w':
 			warning = optarg;
 			warning_time = strtod (warning, NULL);
@@ -506,6 +521,9 @@ print_help (void)
 	printf (UT_EXTRA_OPTS);
 
   printf (UT_HOST_PORT, 'P', myport);
+  printf (" %s\n", "-n, --ignore-auth");
+  printf ("    %s\n", _("Ignore authentication failure and check for mysql connectivity only"));
+
   printf (" %s\n", "-s, --socket=STRING");
   printf ("    %s\n", _("Use the specified socket (has no effect if -H is used)"));
 
-- 
cgit v0.10-9-g596f