[monitoring-plugins] check_mysql: ignore authentication failure

[Jan Wagner]

 Module: monitoring-plugins
 Branch: master
 Commit: 2e8d440e73ac2b1875db5ecaf6df510fdcf6eb7a
 Author: Jan Wagner <waja at cyconet.org>
   Date: Tue Oct  1 00:47:08 2013 +0200
    URL: https://www.monitoring-plugins.org/repositories/monitoring-plugins/commit/?id=2e8d440

check_mysql: ignore authentication failure

This patch allows checking if MySQL server is running without providing valid
username and password. Similar to check_ssh plugin it returns MySQL server
version string and protocol number.

Example:
check_mysql -n -H aaa.bbb.ccc.ddd
MySQL OK - Version: 5.0.51a-24+lenny5 (protocol 10)

This is useful for monitoring servers where one does not have administrator
privileges or does not want to grant any privileges for the monitoring station.

To enable this functionality new option --ignore-auth (-n) is added to
check_mysql plugin.

Thanks to Julius Kriukas

Closes #1020
Closes #1178

---

 THANKS.in             |  1 +
 plugins/check_mysql.c | 22 ++++++++++++++++++++--
 2 files changed, 21 insertions(+), 2 deletions(-)

diff --git a/THANKS.in b/THANKS.in
index 6738ae7..b732e78 100644
--- a/THANKS.in
+++ b/THANKS.in
@@ -325,3 +325,4 @@ Andy Brist
 Mikael Falkvidd
 Patric Wust
 Neil Prockter
+Julius Kriukas
diff --git a/plugins/check_mysql.c b/plugins/check_mysql.c
index 4f09e5f..216626b 100644
--- a/plugins/check_mysql.c
+++ b/plugins/check_mysql.c
@@ -42,6 +42,7 @@ const char *email = "devel at monitoring-plugins.org";
 #include "netutils.h"
 
 #include <mysql.h>
+#include <mysqld_error.h>
 #include <errmsg.h>
 
 char *db_user = NULL;
@@ -59,6 +60,7 @@ char *opt_file = NULL;
 char *opt_group = NULL;
 unsigned int db_port = MYSQL_PORT;
 int check_slave = 0, warn_sec = 0, crit_sec = 0;
+int ignore_auth = 0;
 int verbose = 0;
 
 static double warning_time = 0;
@@ -136,7 +138,16 @@ main (int argc, char **argv)
 		mysql_ssl_set(&mysql,key,cert,ca_cert,ca_dir,ciphers);
 	/* establish a connection to the server and error checking */
 	if (!mysql_real_connect(&mysql,db_host,db_user,db_pass,db,db_port,db_socket,0)) {
-		if (mysql_errno (&mysql) == CR_UNKNOWN_HOST)
+		if (ignore_auth && mysql_errno (&mysql) == ER_ACCESS_DENIED_ERROR)
+		{
+			printf("MySQL OK - Version: %s (protocol %d)\n",
+				mysql_get_server_info(&mysql),
+				mysql_get_proto_info(&mysql)
+			);
+			mysql_close (&mysql);
+			return STATE_OK;
+		}
+		else if (mysql_errno (&mysql) == CR_UNKNOWN_HOST)
 			die (STATE_WARNING, "%s\n", mysql_error (&mysql));
 		else if (mysql_errno (&mysql) == CR_VERSION_ERROR)
 			die (STATE_WARNING, "%s\n", mysql_error (&mysql));
@@ -341,6 +352,7 @@ process_arguments (int argc, char **argv)
 		{"critical", required_argument, 0, 'c'},
 		{"warning", required_argument, 0, 'w'},
 		{"check-slave", no_argument, 0, 'S'},
+		{"ignore-auth", no_argument, 0, 'n'},
 		{"verbose", no_argument, 0, 'v'},
 		{"version", no_argument, 0, 'V'},
 		{"help", no_argument, 0, 'h'},
@@ -357,7 +369,7 @@ process_arguments (int argc, char **argv)
 		return ERROR;
 
 	while (1) {
-		c = getopt_long (argc, argv, "hlvVSP:p:u:d:H:s:c:w:a:k:C:D:L:f:g:", longopts, &option);
+		c = getopt_long (argc, argv, "hlvVnSP:p:u:d:H:s:c:w:a:k:C:D:L:f:g:", longopts, &option);
 
 		if (c == -1 || c == EOF)
 			break;
@@ -419,6 +431,9 @@ process_arguments (int argc, char **argv)
 		case 'S':
 			check_slave = 1;							/* check-slave */
 			break;
+		case 'n':
+			ignore_auth = 1;							/* ignore-auth */
+			break;
 		case 'w':
 			warning = optarg;
 			warning_time = strtod (warning, NULL);
@@ -506,6 +521,9 @@ print_help (void)
 	printf (UT_EXTRA_OPTS);
 
   printf (UT_HOST_PORT, 'P', myport);
+  printf (" %s\n", "-n, --ignore-auth");
+  printf ("    %s\n", _("Ignore authentication failure and check for mysql connectivity only"));
+
   printf (" %s\n", "-s, --socket=STRING");
   printf ("    %s\n", _("Use the specified socket (has no effect if -H is used)"));