check_mysql: ignore authentication failure

This patch allows checking if MySQL server is running without providing valid
username and password. Similar to check_ssh plugin it returns MySQL server
version string and protocol number.

Example:
check_mysql -n -H aaa.bbb.ccc.ddd
MySQL OK - Version: 5.0.51a-24+lenny5 (protocol 10)

This is useful for monitoring servers where one does not have administrator
privileges or does not want to grant any privileges for the monitoring station.

To enable this functionality new option --ignore-auth (-n) is added to
check_mysql plugin.

Thanks to Julius Kriukas

Closes #1020
Closes #1178

2 files changed, 21 insertions, 2 deletions

diff --git a/THANKS.in b/THANKS.in
index 6738ae7f..b732e787 100644
--- a/THANKS.in
+++ b/THANKS.in
@@ -325,3 +325,4 @@ Andy Brist
 Mikael Falkvidd
 Patric Wust
 Neil Prockter
+Julius Kriukas
diff --git a/plugins/check_mysql.c b/plugins/check_mysql.c
index 4f09e5f8..216626bc 100644
--- a/plugins/check_mysql.c
+++ b/plugins/check_mysql.c
@@ -42,6 +42,7 @@ const char *email = "devel@monitoring-plugins.org";
 #include "netutils.h"
 
 #include <mysql.h>
+#include <mysqld_error.h>
 #include <errmsg.h>
 
 char *db_user = NULL;
@@ -59,6 +60,7 @@ char *opt_file = NULL;
 char *opt_group = NULL;
 unsigned int db_port = MYSQL_PORT;
 int check_slave = 0, warn_sec = 0, crit_sec = 0;
+int ignore_auth = 0;
 int verbose = 0;
 
 static double warning_time = 0;
@@ -136,7 +138,16 @@ main (int argc, char **argv)
 		mysql_ssl_set(&mysql,key,cert,ca_cert,ca_dir,ciphers);
 	/* establish a connection to the server and error checking */
 	if (!mysql_real_connect(&mysql,db_host,db_user,db_pass,db,db_port,db_socket,0)) {
-		if (mysql_errno (&mysql) == CR_UNKNOWN_HOST)
+		if (ignore_auth && mysql_errno (&mysql) == ER_ACCESS_DENIED_ERROR)
+		{
+			printf("MySQL OK - Version: %s (protocol %d)\n",
+				mysql_get_server_info(&mysql),
+				mysql_get_proto_info(&mysql)
+			);
+			mysql_close (&mysql);
+			return STATE_OK;
+		}
+		else if (mysql_errno (&mysql) == CR_UNKNOWN_HOST)
 			die (STATE_WARNING, "%s\n", mysql_error (&mysql));
 		else if (mysql_errno (&mysql) == CR_VERSION_ERROR)
 			die (STATE_WARNING, "%s\n", mysql_error (&mysql));
@@ -341,6 +352,7 @@ process_arguments (int argc, char **argv)
 		{"critical", required_argument, 0, 'c'},
 		{"warning", required_argument, 0, 'w'},
 		{"check-slave", no_argument, 0, 'S'},
+		{"ignore-auth", no_argument, 0, 'n'},
 		{"verbose", no_argument, 0, 'v'},
 		{"version", no_argument, 0, 'V'},
 		{"help", no_argument, 0, 'h'},
@@ -357,7 +369,7 @@ process_arguments (int argc, char **argv)
 		return ERROR;
 
 	while (1) {
-		c = getopt_long (argc, argv, "hlvVSP:p:u:d:H:s:c:w:a:k:C:D:L:f:g:", longopts, &option);
+		c = getopt_long (argc, argv, "hlvVnSP:p:u:d:H:s:c:w:a:k:C:D:L:f:g:", longopts, &option);
 
 		if (c == -1 || c == EOF)
 			break;
@@ -419,6 +431,9 @@ process_arguments (int argc, char **argv)
 		case 'S':
 			check_slave = 1;							/* check-slave */
 			break;
+		case 'n':
+			ignore_auth = 1;							/* ignore-auth */
+			break;
 		case 'w':
 			warning = optarg;
 			warning_time = strtod (warning, NULL);
@@ -506,6 +521,9 @@ print_help (void)
 	printf (UT_EXTRA_OPTS);
 
   printf (UT_HOST_PORT, 'P', myport);
+  printf (" %s\n", "-n, --ignore-auth");
+  printf ("    %s\n", _("Ignore authentication failure and check for mysql connectivity only"));
+
   printf (" %s\n", "-s, --socket=STRING");
   printf ("    %s\n", _("Use the specified socket (has no effect if -H is used)"));