From 572307df1b3282f8e940647667e0426038285f81 Mon Sep 17 00:00:00 2001 From: opensides Date: Thu, 1 Nov 2007 21:40:29 +0000 Subject: [PATCH] Completely rewrote the goNagios.pl and added config file git-svn-id: https://oss.gonicus.de/repositories/gosa/branches/2.5@7702 594d385d-05f5-0310-b6e9-bd551577e9d8 --- contrib/scripts/goNagios.pl | 264 ++++++++++++-------------- contrib/scripts/ldap2nagios.conf | 65 +++++++ contrib/scripts/ldap2nagios_bind.conf | 6 + doc/README.nagios | 8 +- 4 files changed, 201 insertions(+), 142 deletions(-) create mode 100644 contrib/scripts/ldap2nagios.conf create mode 100644 contrib/scripts/ldap2nagios_bind.conf diff --git a/contrib/scripts/goNagios.pl b/contrib/scripts/goNagios.pl index 754681dbc..dc946c251 100755 --- a/contrib/scripts/goNagios.pl +++ b/contrib/scripts/goNagios.pl @@ -3,6 +3,7 @@ # Copyright (C) 2005 Guillaume Delecourt # Copyright (C) 2005 Vincent Senave +# Copyright (C) 2007 Benoit Mortier # # # This program is free software; you can redistribute it and/or modify @@ -22,27 +23,15 @@ # use Net::LDAP; -use Getopt::Std; -use Net::LDAP::Schema; -use Net::LDAP::LDIF; -use Data::Dumper; use MIME::Lite; use Sys::Syslog; -use Switch; +use Switch; use strict; -# Variables a config +# Default config variables -my $admindef="admin"; - -my $cgi_file="cgi.cfg"; -my $contacts_file="contacts.cfg"; -my $contacts_groups_file="contactgroups.cfg"; - -my $TS_FILE='/tmp/gosa_timestamp'; -my %Options; my $nb_user=0; -my $nb_groupe=0; +my $nb_group=0; my ($i,$file,$ldap,@nagiosmail, $line,$text,$mesg,$entry,$userlist1,$userlist2,$userlist3,$userlist4, @@ -52,163 +41,140 @@ my ($i,$file,$ldap,@nagiosmail, $usercontact,$members,@contactname,@nagiosalias,$j,@entries ); -# Les parametres de connexion proviennent du fichier smbldap-bind.conf -my $gosa_bind_conf="/etc/gosa_bind.conf"; -my $gosa_ldap_conf="/etc/gosaldap.conf"; +my $error_open = "Problem opening file "; + +# Where are the config stored +my $gosa_bind_conf="ldap2nagios_bind.conf"; +my $gosa_ldap_conf="ldap2nagios.conf"; + +# Read the config files my %config_bind = &read_conf($gosa_bind_conf); my %config = &read_conf($gosa_ldap_conf); +# Parameters in ldap2nagios.conf my $peopleou=$config{peopleou}; my $groupeou=$config{groupeou}; my $base=$config{base}; my $scope=$config{scope};# par defaut my $server=$config{server}; - +my $logs=$config{logs}; +my $logfile=$config{logfile}; +my $email=$config{email}; +my $email_from=$config{email_from}; +my $nagiosadmin=$config{nagiosadmin}; +my $cgi_file=$config{cgi_file}; +my $contacts_file=$config{contacts_file}; +my $contacts_groups_file=$config{contacts_groups_file}; + +# Parameters in ldap2nagios_bind.conf my $admin=$config_bind{masterDN}; my $password=$config_bind{masterPw}; - $stdout.="\n\nSearch new Nagios attribute in user list\n"; - $stdout.="-"x55;$stdout.="\n"; - #my $ts = getTS; - -# $ldap = &anonBind; -# $mesg = $ldap->search( -# base => $LDAP_BASE, -# filter => "(&(modifyTimestamp>=$ts)(!(objectClass=gosaUserTemplate)))" -# ); - - # Put timestamp to file - #putTS; - - # Work if changes is present - #if($mesg->count > 0) - #{ - #$stdout.="Processing records modified after $ts\n\n"; $ldap = Net::LDAP->new($server); $mesg = $ldap->bind($admin,password=>$password) or syslog('error',$mesg->err) && print $mesg->code && die $mesg->error; - - - #Partie pour l'objectClass NAgios Contact + #Searching the objectClass nagiosContact $mesg = $ldap->search(filter=>"(&(objectClass~=nagiosContact))", base=>$peopleou,scope=>$scope); @entries = $mesg->entries; $i=0; foreach $entry (@entries) { - $stdout.="\nContact $i : \nName\t\t\t";$contactname[$i]=$entry->get_value('uid');$stdout.=$contactname[$i]; - $stdout.="\n\n\tmail:\t\t\t\t";$nagiosmail[$i]=$entry->get_value('NagiosMail');$stdout.=$nagiosmail[$i]; - $stdout.="\n\talias:\t\t\t\t";$nagiosalias[$i]=$entry->get_value('NagiosAlias');$stdout.=$nagiosalias[$i]; - $stdout.="\n\tHostNotificationPeriod:\t\t";$hostnotificationperiod[$i]=$entry->get_value('HostNotificationPeriod');$stdout.=$hostnotificationperiod[$i]; - $stdout.="\n\tServiceNotificationPeriod:\t";$servicenotificationperiod[$i]=$entry->get_value('ServiceNotificationPeriod');$stdout.=$servicenotificationperiod[$i]; - $stdout.="\n\tHostNotificationOptions:\t";$hostnotificationoptions[$i]=$entry->get_value('HostNotificationOptions');$stdout.=$hostnotificationoptions[$i]; - $stdout.="\n\tServiceNotificationOptions:\t";$servicenotificationoptions[$i]=$entry->get_value('ServiceNotificationOptions');$stdout.=$servicenotificationoptions[$i]; - $stdout.="\n"." "x15;$stdout.="-"x20;$stdout.=" "x 15; - $usercontact.=$entry->get_value('uid')." ,"; - $i++; + $contactname[$i]=$entry->get_value('uid'); + $nagiosmail[$i]=$entry->get_value('NagiosMail'); + $nagiosalias[$i]=$entry->get_value('NagiosAlias'); + $hostnotificationperiod[$i]=$entry->get_value('HostNotificationPeriod'); + $servicenotificationperiod[$i]=$entry->get_value('ServiceNotificationPeriod'); + $hostnotificationoptions[$i]=$entry->get_value('HostNotificationOptions'); + $servicenotificationoptions[$i]=$entry->get_value('ServiceNotificationOptions'); + $usercontact.=$entry->get_value('uid').","; + + $i++; } $nb_user=$i; - - #Partie pour l'objectClass NAgios Group + #Searching the objectClass nagiosContactGroup $mesg = $ldap->search(filter=>"(&(objectClass~=nagiosContactGroup))", base=>$groupeou,scope=>$scope); @entries = $mesg->entries; $i=0; foreach $entry (@entries) { - $stdout.="\nGroupe $i : \nName\t\t";$groupname[$i]=$entry->get_value('cn');$stdout.=$groupname[$i]; - $stdout.="\n\n\talias:\t\t";$groupdescription[$i]=$entry->get_value('description');$stdout.=$groupdescription[$i]; - $stdout.="\n\tmembers:\t"; - $j=0; - foreach $members($entry->get_value('memberUid')) - { - $stdout.=$members." "; - $groupmembers[$i][$j]=$members; - $j++; - } - $stdout.="\n"." "x15;$stdout.="-"x20;$stdout.=" "x 15; - $i++; - } - $nb_groupe=$i; + $groupname[$i]=$entry->get_value('cn'); - $userlist1.=$admindef; + $groupdescription[$i]=$entry->get_value('description'); - #Partie pour l'objectClass NagiosAuth - $stdout.="\n\n\n\n\nAuthorization for the different Information in Nagios\n"."-" x 53;$stdout.="\n"; + if(!$groupdescription[$i]){$groupdescription[$i]=$groupname[$i]}; + + $j=0; + + foreach $members($entry->get_value('memberUid')) { + $groupmembers[$i][$j]=$members; + $j++; + } + $i++; + } + $nb_group=$i; + + #Searching for the objectClass nagiosAuth $mesg = $ldap->search(filter=>"(&(objectClass~=nagiosAuth)(AuthorizedSystemInformation~=checked))", base=>$peopleou,scope=>$scope); @entries = $mesg->entries; - $stdout.="\nSystem infos :\t\t"; foreach $entry (@entries) { - $stdout.= $entry->get_value('uid')."\t"; - $userlist1.=$entry->get_value('uid')." ,"; + $userlist1.=$entry->get_value('uid').","; } - $userlist1.=$admindef; + $userlist1.=$nagiosadmin."\n\r"; $mesg = $ldap->search(filter=>"(&(objectClass~=nagiosAuth)(AuthorizedConfigurationInformation~=checked))", base=>$peopleou,scope=>$scope); @entries = $mesg->entries; - $stdout.="\nConfiguration infos :\t"; foreach $entry (@entries) { - $stdout.= $entry->get_value('uid')."\t"; - $userlist2.=$entry->get_value('uid')." , "; + $userlist2.=$entry->get_value('uid').","; } - $userlist2.=$admindef; + $userlist2.=$nagiosadmin."\n\r"; $mesg = $ldap->search(filter=>"(&(objectClass~=nagiosAuth)(AuthorizedSystemCommands~=checked))", base=>$peopleou,scope=>$scope); @entries = $mesg->entries; - $stdout.="\nSystem commands : \t"; foreach $entry (@entries) { - $stdout.= $entry->get_value('uid')."\t"; - $userlist3.=$entry->get_value('uid')." , "; + $userlist3.=$entry->get_value('uid').","; } - $userlist3.=$admindef; + $userlist3.=$nagiosadmin."\n\r"; $mesg = $ldap->search(filter=>"(&(objectClass~=nagiosAuth)(AuthorizedAllServices~=checked))", base=>$peopleou,scope=>$scope); @entries = $mesg->entries; - $stdout.="\nAll services :\t\t"; foreach $entry (@entries) { - $stdout.= $entry->get_value('uid')."\t"; - $userlist4.=$entry->get_value('uid')." ,"; + $userlist4.=$entry->get_value('uid').","; } - $userlist4.=$admindef; + $userlist4.=$nagiosadmin."\n\r"; $mesg = $ldap->search(filter=>"(&(objectClass~=nagiosAuth)(AuthorizedAllHosts~=checked))", base=>$peopleou,scope=>$scope); @entries = $mesg->entries; - $stdout.="\nAll hosts :\t\t"; foreach $entry (@entries) { - $stdout.= $entry->get_value('uid')."\t"; $userlist5.=$entry->get_value('uid').","; } - $userlist5.=$admindef; + $userlist5.=$nagiosadmin."\n\r"; $mesg = $ldap->search(filter=>"(&(objectClass~=nagiosAuth)(AuthorizedAllServiceCommands~=checked))", base=>$peopleou,scope=>$scope); @entries = $mesg->entries; - $stdout.="\nAll services commands :\t"; foreach $entry (@entries) { - $stdout.= $entry->get_value('uid')."\t"; $userlist6.=$entry->get_value('uid').","; } - $userlist6.=$admindef; + $userlist6.=$nagiosadmin."\n\r"; $mesg = $ldap->search(filter=>"(&(objectClass~=nagiosAuth)(AuthorizedAllHostCommands~=checked))",base=>$peopleou,scope=>$scope); @entries = $mesg->entries; - $stdout.="\nAll host commands :\t"; foreach $entry (@entries) { - $stdout.= $entry->get_value('uid')."\t"; $userlist7.=$entry->get_value('uid').","; } - $userlist7.=$admindef; - + $userlist7.=$nagiosadmin."\n\r"; &modiffile_cgi($cgi_file); &modiffile_contact($contacts_file); &modiffile_group($contacts_groups_file); $ldap->unbind; - $stdout.="\n"; - switch($config{stdout}) + switch($logs) { case "mail" {&mail()} case "log" {&writelog()} - case "normal" {print $stdout} + case "terminal" {&write_stdout()} + } exit(0); @@ -216,9 +182,8 @@ sub modiffile_contact() { $file=$_[0]; my $text=""; - open(FH,"$file") || die "Probleme d'ouverture du fichier $file"; - $stdout.="\n\n"; $stdout.=" "x10;$stdout.="-"x25;$stdout.=" "x10; - $stdout.="\n\n$nb_user utilisateur(s) ajouté(s) dans le fichier $file\n"; + open(FH,"$file") || die "$error_open $file"; + for($i=0;$i<$nb_user;$i++) { $text.="\n\ndefine contact{\n"; @@ -232,7 +197,7 @@ sub modiffile_contact() $text.="\n}\n\n"; } close(FH); - open(FH,"> $file") || die "Probleme d'ouverture du fichier $file"; + open(FH,"> $file") || die "$error_open $file"; print FH "$text"; close(FH); @@ -244,12 +209,11 @@ sub modiffile_group() $text=""; $j=0; $i=0; - open(FH,"$file") || die "Probleme d'ouverture du fichier $file"; - $stdout.="\n\n"; $stdout.=" "x10;$stdout.="-"x25;$stdout.=" "x10; - $stdout.="\n\n$nb_groupe groupe(s) ajouté(s) dans le fichier $file\n"; - for($i=0;$i<$nb_groupe;$i++) + open(FH,"$file") || die "$error_open $file"; + + for($i=0;$i<$nb_group;$i++) { - $text.="\n\ndefine contact{\n"; + $text.="\n\ndefine contactgroup{\n"; $text.="\n\tcontactgroup_name \t".$groupname[$i]; $text.="\n\talias \t\t\t".$groupdescription[$i]; $text.="\n\tmembers \t\t"; @@ -262,7 +226,7 @@ sub modiffile_group() } close(FH); - open(FH,"> $file") || die "Probleme d'ouverture du fichier $file"; + open(FH,"> $file") || die "$error_open $file"; print FH "$text"; close(FH); @@ -272,22 +236,21 @@ sub modiffile_cgi() { $file=$_[0]; $text=""; - open(FH,"$file") || die "Probleme d'ouverture du fichier $file"; + open(FH,"$file") || die "$error_open $file"; while() { $line=$_; - #$stdout.="$line"; if($line =~ /^authorized_for_system_information=*/i){$text.="authorized_for_system_information=".$userlist1} elsif($line =~ /^authorized_for_configuration_information=*/i){$text.="authorized_for_configuration_information=".$userlist2} elsif($line =~ /^authorized_for_system_commands=*/i){$text.="authorized_for_system_commands=".$userlist3} - elsif($line =~ /^authorized_for_all_services=*/i){$text.="authorized_for_all_services=".$userlist4."\n"} + elsif($line =~ /^authorized_for_all_services=*/i){$text.="authorized_for_all_services=".$userlist4} elsif($line =~ /^authorized_for_all_hosts=*/i){$text.="authorized_for_all_hosts=".$userlist5} - elsif($line =~ /^authorized_for_all_service_commands=*/i){$text.="authorized_for_all_host_commands=".$userlist6."\n"} + elsif($line =~ /^authorized_for_all_service_commands=*/i){$text.="authorized_for_all_host_commands=".$userlist6} elsif($line =~ /^authorized_for_all_host_commands=*/i){$text.="authorized_for_all_service_commands=".$userlist7} else {$text.=$line}; } close(FH); - open(FH,"> $file") || die "Probleme d'ouverture du fichier $file"; + open(FH,"> $file") || die "$error_open $file"; print FH "$text"; close(FH); @@ -311,8 +274,6 @@ sub read_conf() } - - sub read_parameter { my $line=shift; @@ -331,6 +292,7 @@ sub read_parameter } } + sub subst_configvar { my $value = shift; @@ -340,15 +302,16 @@ sub subst_configvar return $value; } + sub mail { -if($config{email}eq ""){$config{email}="root"} +if($email eq ""){$email="root"} $msg = MIME::Lite->new( - From => 'monperl@opensides.be', + From => $config{email_from}, To => $config{email}, - Subject => "Plugin Nagios Gosa", + Subject => "Ldap2nagios Gosa plugin", Data => $stdout ); @@ -356,36 +319,57 @@ $msg = MIME::Lite->new( $msg->send; } + sub writelog { - open(F, "> $config{logfile}"); + open(F, "> $logfile"); print F $stdout; close(F); } -# Read timestamp -sub getTS +sub write_stdout { - open(F, "< $TS_FILE"); - my $ts = ; - chop $ts; - $ts ||= "19700101000000Z"; - return $ts; -} + $j=0; -# save timestamp -sub putTS -{ - my $ts = `date -u '+%Y%m%d%H%M%SZ'`; - open(F, "> $TS_FILE"); - $stdout.= F $ts; -} + $stdout.="\n\nSearch for Nagios attribute in user and group list\n"; + $stdout.="-"x55;$stdout.="\n"; + + for($i=0;$i<$nb_user;$i++) { + $stdout.="\nContact $i : \n\tName\t\t\t $contactname[$i]"; + $stdout.="\n\n\tmail:\t\t\t\t $nagiosmail[$i]"; + $stdout.="\n\talias:\t\t\t\t $nagiosalias[$i]"; + $stdout.="\n\tHostNotificationPeriod:\t\t $hostnotificationperiod[$i]"; + $stdout.="\n\tServiceNotificationPeriod:\t $servicenotificationperiod[$i]"; + $stdout.="\n\tHostNotificationOptions:\t $hostnotificationoptions[$i]"; + $stdout.="\n\tServiceNotificationOptions:\t $servicenotificationoptions[$i]"; + $stdout.="\n"." "x15;$stdout.="-"x20;$stdout.=" "x 15; + } + + for($i=0;$i<$nb_group;$i++) { + $stdout.="\nGroupe $i : \n\tName\t\t $groupname[$i]"; + $stdout.="\n\talias \t\t $groupdescription[$i]"; + $stdout.="\n\tmembers \t"; + while(defined($groupmembers[$i][$j])) + { + $stdout.=$groupmembers[$i][$j]. " "; + $j++; + } + } + + $stdout.="\n\n\n\n\nAuthorization for the various Informations in Nagios\n"."-" x 53;$stdout.="\n"; + + $stdout.="\nSystem infos :\t\t $userlist1"; + $stdout.="\nConfiguration infos :\t $userlist2"; + $stdout.="\nSystem commands : \t $userlist3"; + $stdout.="\nAll services :\t\t $userlist4"; + $stdout.="\nAll hosts :\t\t $userlist5"; + $stdout.="\nAll services commands :\t $userlist6"; + $stdout.="\nAll host commands :\t $userlist7"; + + $stdout.="\n\n"; $stdout.=" "x10;$stdout.="-"x25;$stdout.=" "x10; + $stdout.="\n$nb_user user(s) added in the file $file\n"; + $stdout.="\n$nb_group group(s) added in the file $file\n"; + + print $stdout; -#connexion anonyme -sub anonBind -{ - my $ldap = Net::LDAP->new( $server); - my $mesg = $ldap->bind(); - $mesg->code && die $mesg->error; - return $ldap; } diff --git a/contrib/scripts/ldap2nagios.conf b/contrib/scripts/ldap2nagios.conf new file mode 100644 index 000000000..a20702ed9 --- /dev/null +++ b/contrib/scripts/ldap2nagios.conf @@ -0,0 +1,65 @@ +############################################################################## +# +# General Configuration +# +############################################################################## + +# +# Where are you ldap users stored +# +peopleou = "ou=people,dc=opensides,dc=be" + +# +# Where are you ldap group stored +# +groupeou = "ou=groups,dc=opensides,dc=be" + +# +# Base of your ldap tree for searching +# Not used yet +# +base = "dc=opensides,dc=be" + +# +# Ldap scope method for search +# +scope = sub + +# +# Address of the ldap server where we connect +# +server = localhost + +# +# Where to send the logs +# Parameters are : +# mail, log, terminal +# +logs = terminal + +# +# Where to save the logs when logs = log +# +logfile = /var/log/syslog/ldap2nagios.log + +# +# Address email where to send the logs +# +email = benoit.mortier@opensides.be + +# +# From email address +# +email_from = ldap2nagios@opensides.be + +# +# Base nagios admin +# +nagiosadmin = admin + +# +# Nagios config file path +# +cgi_file = cgi.cfg +contacts_file = contacts.cfg +contacts_groups_file = contactgroups.cfg diff --git a/contrib/scripts/ldap2nagios_bind.conf b/contrib/scripts/ldap2nagios_bind.conf new file mode 100644 index 000000000..5db6f4ee2 --- /dev/null +++ b/contrib/scripts/ldap2nagios_bind.conf @@ -0,0 +1,6 @@ +############################ +# Credential Configuration # +############################ +masterDN="cn=admin,dc=opensides,dc=be" +masterPw="opensidescatbertslapd" + diff --git a/doc/README.nagios b/doc/README.nagios index 5878e4059..1b87ae445 100644 --- a/doc/README.nagios +++ b/doc/README.nagios @@ -4,14 +4,18 @@ To use the nagios plugin 2) Remove the comment in front of nagiosAccount in gosa.conf - + +3) configure the ldap2nagios.conf file + +4) Configure the ldap2nagios_bind.conf + Benoit Mortier Guillaume Delecourt OpenSides October-November 2005 -- 2.30.2