/usr/lib/nagios/plugins/check_archostcert is in nordugrid-arc-nagios-plugins 1.9.1-1.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 | #! /usr/bin/python
import getopt, ldap, sys
from datetime import datetime, timedelta
def show_timedelta(dt):
if dt.days:
return '%s days'%dt.days
if dt.seconds >= 2*3600:
return '%s h'%(dt.seconds / 3600)
if dt.seconds >= 2*60:
return '%s min'%(dt.seconds / 60)
return '%s s'%dt.seconds
_usage = """
Usage: check_archostcert -H HOST [OPTIONS]
Options:
-H HOST The host name or IP number to probe.
-p PORT The port number of the infosystem, defaults to 2135.
-c T Report critical when the lifetime left is less than T days.
-w T Report warning when the lifetime left is less than T days.
-t T Time out after T seconds.
\n"""
try:
host = None
port = 2135
timeout = 30
crit_days = 7
warn_days = 31
grace_days = 2
opts, args = getopt.gnu_getopt(sys.argv, 'H:c:w:t:p:', ['help'])
for opt, arg in opts:
if opt == '--help':
sys.stdout.write(_usage)
sys.exit(0)
elif opt == '-H':
host = arg
elif opt == '-c':
crit_days = int(arg)
elif opt == '-w':
warn_days = int(arg)
elif opt == '-t':
timeout = int(arg)
elif opt == '-p':
port = int(arg)
if host is None:
raise getopt.GetoptError('The -H option is required.')
except getopt.GetoptError, xc:
sys.stderr.write('%s\n' % xc)
sys.exit(64)
try:
lconn = ldap.initialize('ldap://%s:%d'%(host, port))
entries = lconn.search_st('mds-vo-name=local,o=grid', ldap.SCOPE_SUBTREE,
'(&(objectClass=nordugrid-cluster)'
'(nordugrid-cluster-credentialexpirationtime=*))',
attrlist = ['nordugrid-cluster-credentialexpirationtime'],
timeout = timeout)
dt_min = None
for dn, entry in entries:
xt_str = entry['nordugrid-cluster-credentialexpirationtime'][0]
yr, mo, da = int(xt_str[0:4]), int(xt_str[4:6]), int(xt_str[6:8])
ho, mi, se = int(xt_str[8:10]), int(xt_str[10:12]), int(xt_str[12:14])
dt = datetime(yr, mo, da, ho, mi, se) - datetime.now()
if dt_min is None or dt < dt_min:
dt_min = dt
if dt_min is None:
print 'No expiration time published in infosystem.'
sys.exit(1)
elif dt_min <= timedelta(0):
print 'Host certificate expired %s ago.' % show_timedelta(-dt_min)
sys.exit(2)
elif dt_min <= timedelta(crit_days):
print 'Resource will be unusable in %s since certificate expires in %s.' \
% (show_timedelta(dt_min - grace_time), show_timedelta(dt_min))
sys.exit(2)
elif dt_min <= timedelta(warn_days):
print 'Host certificate will expire in %s.' % show_timedelta(dt_min)
sys.exit(1)
else:
print 'Host certificate valid (%s left).' % show_timedelta(dt_min)
sys.exit(0)
except (ldap.TIMEOUT, ldap.SERVER_DOWN):
print 'Cannot contact infosystem.'
sys.exit(3)
except SystemExit, xc: # In old Python versions SystemExit inherits Exception.
raise xc
except Exception, xc:
print 'Probe received exception: %r'%xc
sys.exit(3)
|