diff options
-rw-r--r-- | plugins/check_apt.c | 32 |
1 files changed, 24 insertions, 8 deletions
diff --git a/plugins/check_apt.c b/plugins/check_apt.c index 3fdee5d3..db328a06 100644 --- a/plugins/check_apt.c +++ b/plugins/check_apt.c @@ -38,6 +38,8 @@ const char *email = "nagiosplug-devel@lists.sourceforge.net"; #define APTGET_DISTUPGRADE "/usr/bin/apt-get -o 'Debug::NoLocking=true' -s -qq dist-upgrade" #define APTGET_UPDATE "/usr/bin/apt-get -q update" +#define SECURITY_RE "^[^\\(]*\\([^ ]* (Debian-Security:|Ubuntu:[^/]*/[^-]*-security)" + /* some standard functions */ int process_arguments(int, char **); void print_help(void); @@ -46,7 +48,7 @@ void print_usage(void); /* run an apt-get update */ int run_update(void); /* run an apt-get upgrade */ -int run_upgrade(int *pkgcount); +int run_upgrade(int *pkgcount, int *secpkgcount); /* add another clause to a regexp */ char* add_to_regexp(char *expr, const char *next); @@ -62,7 +64,7 @@ static int stderr_warning = 0; /* if a cmd issued output on stderr */ static int exec_warning = 0; /* if a cmd exited non-zero */ int main (int argc, char **argv) { - int result=STATE_UNKNOWN, packages_available=0; + int result=STATE_UNKNOWN, packages_available=0, sec_count=0; if (process_arguments(argc, argv) == ERROR) usage_va(_("Could not parse arguments")); @@ -79,18 +81,21 @@ int main (int argc, char **argv) { if(do_update) result = run_update(); /* apt-get upgrade */ - result = max_state(result, run_upgrade(&packages_available)); + result = max_state(result, run_upgrade(&packages_available, &sec_count)); - if(packages_available > 0){ + if(sec_count > 0){ + result = max_state(result, STATE_CRITICAL); + } else if(packages_available > 0){ result = max_state(result, STATE_WARNING); } else { result = max_state(result, STATE_OK); } - printf("APT %s: %d packages available for %s.%s%s%s%s\n", + printf("APT %s: %d packages available for %s (%d critical updates). %s%s%s%s\n", state_text(result), packages_available, (dist_upgrade)?"dist-upgrade":"upgrade", + sec_count, (stderr_warning)?" warnings detected":"", (stderr_warning && exec_warning)?",":"", (exec_warning)?" errors detected":"", @@ -193,10 +198,10 @@ void print_usage(void){ } /* run an apt-get upgrade */ -int run_upgrade(int *pkgcount){ - int i=0, result=STATE_UNKNOWN, regres=0, pc=0; +int run_upgrade(int *pkgcount, int *secpkgcount){ + int i=0, result=STATE_UNKNOWN, regres=0, pc=0, spc=0; struct output chld_out, chld_err; - regex_t ireg, ereg; + regex_t ireg, ereg, sreg; char rerrbuf[64]; const char *default_include_expr="^Inst"; @@ -224,6 +229,13 @@ int run_upgrade(int *pkgcount){ progname, rerrbuf); } } + regres=regcomp(&sreg, SECURITY_RE, REG_EXTENDED); + if(regres!=0) { + regerror(regres, &ereg, rerrbuf, 64); + die(STATE_UNKNOWN, "%s: Error compiling regexp: %s", + progname, rerrbuf); + } + /* run the upgrade */ @@ -262,6 +274,9 @@ int run_upgrade(int *pkgcount){ if(do_exclude==NULL || regexec(&ereg, chld_out.line[i], 0, NULL, 0)!=0){ pc++; + if(regexec(&sreg, chld_out.line[i], 0, NULL, 0)==0){ + spc++; + } if(verbose){ printf("*%s\n", chld_out.line[i]); } @@ -269,6 +284,7 @@ int run_upgrade(int *pkgcount){ } } *pkgcount=pc; + *secpkgcount=spc; /* If we get anything on stderr, at least set warning */ if(chld_err.buflen){ |