summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--.clang-format1
-rw-r--r--plugins/check_apt.c664
2 files changed, 356 insertions, 309 deletions
diff --git a/.clang-format b/.clang-format
index 877a53b..ca411ed 100644
--- a/.clang-format
+++ b/.clang-format
@@ -9,3 +9,4 @@ IndentPPDirectives: AfterHash
9SortIncludes: Never 9SortIncludes: Never
10AllowShortEnumsOnASingleLine: false 10AllowShortEnumsOnASingleLine: false
11BinPackArguments: true 11BinPackArguments: true
12InsertBraces: true
diff --git a/plugins/check_apt.c b/plugins/check_apt.c
index 5e4021b..1eda45d 100644
--- a/plugins/check_apt.c
+++ b/plugins/check_apt.c
@@ -1,33 +1,33 @@
1/***************************************************************************** 1/*****************************************************************************
2* 2 *
3* Monitoring check_apt plugin 3 * Monitoring check_apt plugin
4* 4 *
5* License: GPL 5 * License: GPL
6* Copyright (c) 2006-2024 Monitoring Plugins Development Team 6 * Copyright (c) 2006-2024 Monitoring Plugins Development Team
7* 7 *
8* Original author: Sean Finney 8 * Original author: Sean Finney
9* 9 *
10* Description: 10 * Description:
11* 11 *
12* This file contains the check_apt plugin 12 * This file contains the check_apt plugin
13* 13 *
14* Check for available updates in apt package management systems 14 * Check for available updates in apt package management systems
15* 15 *
16* 16 *
17* This program is free software: you can redistribute it and/or modify 17 * This program is free software: you can redistribute it and/or modify
18* it under the terms of the GNU General Public License as published by 18 * it under the terms of the GNU General Public License as published by
19* the Free Software Foundation, either version 3 of the License, or 19 * the Free Software Foundation, either version 3 of the License, or
20* (at your option) any later version. 20 * (at your option) any later version.
21* 21 *
22* This program is distributed in the hope that it will be useful, 22 * This program is distributed in the hope that it will be useful,
23* but WITHOUT ANY WARRANTY; without even the implied warranty of 23 * but WITHOUT ANY WARRANTY; without even the implied warranty of
24* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 24 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25* GNU General Public License for more details. 25 * GNU General Public License for more details.
26* 26 *
27* You should have received a copy of the GNU General Public License 27 * You should have received a copy of the GNU General Public License
28* along with this program. If not, see <http://www.gnu.org/licenses/>. 28 * along with this program. If not, see <http://www.gnu.org/licenses/>.
29* 29 *
30*****************************************************************************/ 30 *****************************************************************************/
31 31
32const char *progname = "check_apt"; 32const char *progname = "check_apt";
33const char *copyright = "2006-2024"; 33const char *copyright = "2006-2024";
@@ -39,17 +39,21 @@ const char *email = "devel@monitoring-plugins.org";
39#include "regex.h" 39#include "regex.h"
40 40
41/* some constants */ 41/* some constants */
42typedef enum { UPGRADE, DIST_UPGRADE, NO_UPGRADE } upgrade_type; 42typedef enum {
43 UPGRADE,
44 DIST_UPGRADE,
45 NO_UPGRADE
46} upgrade_type;
43 47
44/* Character for hidden input file option (for testing). */ 48/* Character for hidden input file option (for testing). */
45#define INPUT_FILE_OPT CHAR_MAX+1 49#define INPUT_FILE_OPT CHAR_MAX + 1
46/* the default opts can be overridden via the cmdline */ 50/* the default opts can be overridden via the cmdline */
47#define UPGRADE_DEFAULT_OPTS "-o 'Debug::NoLocking=true' -s -qq" 51#define UPGRADE_DEFAULT_OPTS "-o 'Debug::NoLocking=true' -s -qq"
48#define UPDATE_DEFAULT_OPTS "-q" 52#define UPDATE_DEFAULT_OPTS "-q"
49/* until i commit the configure.in patch which gets this, i'll define 53/* until i commit the configure.in patch which gets this, i'll define
50 * it here as well */ 54 * it here as well */
51#ifndef PATH_TO_APTGET 55#ifndef PATH_TO_APTGET
52# define PATH_TO_APTGET "/usr/bin/apt-get" 56# define PATH_TO_APTGET "/usr/bin/apt-get"
53#endif /* PATH_TO_APTGET */ 57#endif /* PATH_TO_APTGET */
54/* String found at the beginning of the apt output lines we're interested in */ 58/* String found at the beginning of the apt output lines we're interested in */
55#define PKGINST_PREFIX "Inst " 59#define PKGINST_PREFIX "Inst "
@@ -57,97 +61,108 @@ typedef enum { UPGRADE, DIST_UPGRADE, NO_UPGRADE } upgrade_type;
57#define SECURITY_RE "^[^\\(]*\\(.* (Debian-Security:|Ubuntu:[^/]*/[^-]*-security)" 61#define SECURITY_RE "^[^\\(]*\\(.* (Debian-Security:|Ubuntu:[^/]*/[^-]*-security)"
58 62
59/* some standard functions */ 63/* some standard functions */
60int process_arguments(int, char **); 64static int process_arguments(int /*argc*/, char ** /*argv*/);
61void print_help(void); 65static void print_help(void);
62void print_usage(void); 66void print_usage(void);
63 67
64/* construct the appropriate apt-get cmdline */ 68/* construct the appropriate apt-get cmdline */
65char* construct_cmdline(upgrade_type u, const char *opts); 69static char *construct_cmdline(upgrade_type u, const char *opts);
66/* run an apt-get update */ 70/* run an apt-get update */
67int run_update(void); 71static int run_update(void);
72
73typedef struct {
74 int errorcode;
75 int package_count;
76 int security_package_count;
77 char **packages_list;
78 char **secpackages_list;
79} run_upgrade_result;
80
68/* run an apt-get upgrade */ 81/* run an apt-get upgrade */
69int run_upgrade(int *pkgcount, int *secpkgcount, char ***pkglist, char ***secpkglist); 82static run_upgrade_result run_upgrade(void);
83
70/* add another clause to a regexp */ 84/* add another clause to a regexp */
71char* add_to_regexp(char *expr, const char *next); 85static char *add_to_regexp(char *expr, const char *next);
72/* extract package name from Inst line */ 86/* extract package name from Inst line */
73char* pkg_name(char *line); 87static char *pkg_name(char *line);
74/* string comparison function for qsort */ 88/* string comparison function for qsort */
75int cmpstringp(const void *p1, const void *p2); 89static int cmpstringp(const void *p1, const void *p2);
76 90
77/* configuration variables */ 91/* configuration variables */
78static int verbose = 0; /* -v */ 92static int verbose = 0; /* -v */
79static bool list = false; /* list packages available for upgrade */ 93static bool list = false; /* list packages available for upgrade */
80static bool do_update = false; /* whether to call apt-get update */ 94static bool do_update = false; /* whether to call apt-get update */
81static bool only_critical = false; /* whether to warn about non-critical updates */ 95static bool only_critical = false; /* whether to warn about non-critical updates */
82static upgrade_type upgrade = UPGRADE; /* which type of upgrade to do */ 96static upgrade_type upgrade = UPGRADE; /* which type of upgrade to do */
83static char *upgrade_opts = NULL; /* options to override defaults for upgrade */ 97static char *upgrade_opts = NULL; /* options to override defaults for upgrade */
84static char *update_opts = NULL; /* options to override defaults for update */ 98static char *update_opts = NULL; /* options to override defaults for update */
85static char *do_include = NULL; /* regexp to only include certain packages */ 99static char *do_include = NULL; /* regexp to only include certain packages */
86static char *do_exclude = NULL; /* regexp to only exclude certain packages */ 100static char *do_exclude = NULL; /* regexp to only exclude certain packages */
87static char *do_critical = NULL; /* regexp specifying critical packages */ 101static char *do_critical = NULL; /* regexp specifying critical packages */
88static char *input_filename = NULL; /* input filename for testing */ 102static char *input_filename = NULL; /* input filename for testing */
89/* number of packages available for upgrade to return WARNING status */ 103/* number of packages available for upgrade to return WARNING status */
90static int packages_warning = 1; 104static int packages_warning = 1;
91 105
92/* other global variables */ 106/* other global variables */
93static int stderr_warning = 0; /* if a cmd issued output on stderr */ 107static int stderr_warning = 0; /* if a cmd issued output on stderr */
94static int exec_warning = 0; /* if a cmd exited non-zero */ 108static int exec_warning = 0; /* if a cmd exited non-zero */
95
96int main (int argc, char **argv) {
97 int result=STATE_UNKNOWN, packages_available=0, sec_count=0;
98 char **packages_list=NULL, **secpackages_list=NULL;
99 109
110int main(int argc, char **argv) {
100 /* Parse extra opts if any */ 111 /* Parse extra opts if any */
101 argv=np_extra_opts(&argc, argv, progname); 112 argv = np_extra_opts(&argc, argv, progname);
102 113
103 if (process_arguments(argc, argv) == ERROR) 114 if (process_arguments(argc, argv) == ERROR) {
104 usage_va(_("Could not parse arguments")); 115 usage_va(_("Could not parse arguments"));
116 }
105 117
106 /* Set signal handling and alarm timeout */ 118 /* Set signal handling and alarm timeout */
107 if (signal (SIGALRM, timeout_alarm_handler) == SIG_ERR) { 119 if (signal(SIGALRM, timeout_alarm_handler) == SIG_ERR) {
108 usage_va(_("Cannot catch SIGALRM")); 120 usage_va(_("Cannot catch SIGALRM"));
109 } 121 }
110 122
111 /* handle timeouts gracefully... */ 123 /* handle timeouts gracefully... */
112 alarm (timeout_interval); 124 alarm(timeout_interval);
113 125
126 int result = STATE_UNKNOWN;
114 /* if they want to run apt-get update first... */ 127 /* if they want to run apt-get update first... */
115 if(do_update) result = run_update(); 128 if (do_update) {
129 result = run_update();
130 }
116 131
117 /* apt-get upgrade */ 132 /* apt-get upgrade */
118 result = max_state(result, run_upgrade(&packages_available, &sec_count, &packages_list, &secpackages_list)); 133 run_upgrade_result upgrad_res = run_upgrade();
119 134
120 if(sec_count > 0){ 135 result = max_state(result, upgrad_res.errorcode);
136 int packages_available = upgrad_res.package_count;
137 int sec_count = upgrad_res.security_package_count;
138 char **packages_list = upgrad_res.packages_list;
139 char **secpackages_list = upgrad_res.secpackages_list;
140
141 if (sec_count > 0) {
121 result = max_state(result, STATE_CRITICAL); 142 result = max_state(result, STATE_CRITICAL);
122 } else if(packages_available >= packages_warning && only_critical == false){ 143 } else if (packages_available >= packages_warning && only_critical == false) {
123 result = max_state(result, STATE_WARNING); 144 result = max_state(result, STATE_WARNING);
124 } else if(result > STATE_UNKNOWN){ 145 } else if (result > STATE_UNKNOWN) {
125 result = STATE_UNKNOWN; 146 result = STATE_UNKNOWN;
126 } 147 }
127 148
128 printf(_("APT %s: %d packages available for %s (%d critical updates). %s%s%s%s|available_upgrades=%d;;;0 critical_updates=%d;;;0\n"), 149 printf(_("APT %s: %d packages available for %s (%d critical updates). %s%s%s%s|available_upgrades=%d;;;0 critical_updates=%d;;;0\n"),
129 state_text(result), 150 state_text(result), packages_available, (upgrade == DIST_UPGRADE) ? "dist-upgrade" : "upgrade", sec_count,
130 packages_available, 151 (stderr_warning) ? " warnings detected" : "", (stderr_warning && exec_warning) ? "," : "",
131 (upgrade==DIST_UPGRADE)?"dist-upgrade":"upgrade", 152 (exec_warning) ? " errors detected" : "", (stderr_warning || exec_warning) ? "." : "", packages_available, sec_count);
132 sec_count, 153
133 (stderr_warning)?" warnings detected":"", 154 if (list) {
134 (stderr_warning && exec_warning)?",":"", 155 qsort(secpackages_list, sec_count, sizeof(char *), cmpstringp);
135 (exec_warning)?" errors detected":"", 156 qsort(packages_list, packages_available - sec_count, sizeof(char *), cmpstringp);
136 (stderr_warning||exec_warning)?".":"", 157
137 packages_available, 158 for (int i = 0; i < sec_count; i++) {
138 sec_count
139 );
140
141 if(list) {
142 qsort(secpackages_list, sec_count, sizeof(char*), cmpstringp);
143 qsort(packages_list, packages_available-sec_count, sizeof(char*), cmpstringp);
144
145 for(int i = 0; i < sec_count; i++)
146 printf("%s (security)\n", secpackages_list[i]); 159 printf("%s (security)\n", secpackages_list[i]);
160 }
147 161
148 if (only_critical == false) { 162 if (only_critical == false) {
149 for(int i = 0; i < packages_available - sec_count; i++) 163 for (int i = 0; i < packages_available - sec_count; i++) {
150 printf("%s\n", packages_list[i]); 164 printf("%s\n", packages_list[i]);
165 }
151 } 166 }
152 } 167 }
153 168
@@ -155,34 +170,32 @@ int main (int argc, char **argv) {
155} 170}
156 171
157/* process command-line arguments */ 172/* process command-line arguments */
158int process_arguments (int argc, char **argv) { 173int process_arguments(int argc, char **argv) {
159 int c; 174 static struct option longopts[] = {{"version", no_argument, 0, 'V'},
160 175 {"help", no_argument, 0, 'h'},
161 static struct option longopts[] = { 176 {"verbose", no_argument, 0, 'v'},
162 {"version", no_argument, 0, 'V'}, 177 {"timeout", required_argument, 0, 't'},
163 {"help", no_argument, 0, 'h'}, 178 {"update", optional_argument, 0, 'u'},
164 {"verbose", no_argument, 0, 'v'}, 179 {"upgrade", optional_argument, 0, 'U'},
165 {"timeout", required_argument, 0, 't'}, 180 {"no-upgrade", no_argument, 0, 'n'},
166 {"update", optional_argument, 0, 'u'}, 181 {"dist-upgrade", optional_argument, 0, 'd'},
167 {"upgrade", optional_argument, 0, 'U'}, 182 {"list", no_argument, false, 'l'},
168 {"no-upgrade", no_argument, 0, 'n'}, 183 {"include", required_argument, 0, 'i'},
169 {"dist-upgrade", optional_argument, 0, 'd'}, 184 {"exclude", required_argument, 0, 'e'},
170 {"list", no_argument, false, 'l'}, 185 {"critical", required_argument, 0, 'c'},
171 {"include", required_argument, 0, 'i'}, 186 {"only-critical", no_argument, 0, 'o'},
172 {"exclude", required_argument, 0, 'e'}, 187 {"input-file", required_argument, 0, INPUT_FILE_OPT},
173 {"critical", required_argument, 0, 'c'}, 188 {"packages-warning", required_argument, 0, 'w'},
174 {"only-critical", no_argument, 0, 'o'}, 189 {0, 0, 0, 0}};
175 {"input-file", required_argument, 0, INPUT_FILE_OPT}, 190
176 {"packages-warning", required_argument, 0, 'w'}, 191 while (true) {
177 {0, 0, 0, 0} 192 int option_char = getopt_long(argc, argv, "hVvt:u::U::d::nli:e:c:ow:", longopts, NULL);
178 }; 193
179 194 if (option_char == -1 || option_char == EOF || option_char == 1) {
180 while(1) { 195 break;
181 c = getopt_long(argc, argv, "hVvt:u::U::d::nli:e:c:ow:", longopts, NULL); 196 }
182
183 if(c == -1 || c == EOF || c == 1) break;
184 197
185 switch(c) { 198 switch (option_char) {
186 case 'h': 199 case 'h':
187 print_help(); 200 print_help();
188 exit(STATE_UNKNOWN); 201 exit(STATE_UNKNOWN);
@@ -193,46 +206,52 @@ int process_arguments (int argc, char **argv) {
193 verbose++; 206 verbose++;
194 break; 207 break;
195 case 't': 208 case 't':
196 timeout_interval=atoi(optarg); 209 timeout_interval = atoi(optarg);
197 break; 210 break;
198 case 'd': 211 case 'd':
199 upgrade=DIST_UPGRADE; 212 upgrade = DIST_UPGRADE;
200 if(optarg!=NULL){ 213 if (optarg != NULL) {
201 upgrade_opts=strdup(optarg); 214 upgrade_opts = strdup(optarg);
202 if(upgrade_opts==NULL) die(STATE_UNKNOWN, "strdup failed"); 215 if (upgrade_opts == NULL) {
216 die(STATE_UNKNOWN, "strdup failed");
217 }
203 } 218 }
204 break; 219 break;
205 case 'U': 220 case 'U':
206 upgrade=UPGRADE; 221 upgrade = UPGRADE;
207 if(optarg!=NULL){ 222 if (optarg != NULL) {
208 upgrade_opts=strdup(optarg); 223 upgrade_opts = strdup(optarg);
209 if(upgrade_opts==NULL) die(STATE_UNKNOWN, "strdup failed"); 224 if (upgrade_opts == NULL) {
225 die(STATE_UNKNOWN, "strdup failed");
226 }
210 } 227 }
211 break; 228 break;
212 case 'n': 229 case 'n':
213 upgrade=NO_UPGRADE; 230 upgrade = NO_UPGRADE;
214 break; 231 break;
215 case 'u': 232 case 'u':
216 do_update=true; 233 do_update = true;
217 if(optarg!=NULL){ 234 if (optarg != NULL) {
218 update_opts=strdup(optarg); 235 update_opts = strdup(optarg);
219 if(update_opts==NULL) die(STATE_UNKNOWN, "strdup failed"); 236 if (update_opts == NULL) {
237 die(STATE_UNKNOWN, "strdup failed");
238 }
220 } 239 }
221 break; 240 break;
222 case 'l': 241 case 'l':
223 list=true; 242 list = true;
224 break; 243 break;
225 case 'i': 244 case 'i':
226 do_include=add_to_regexp(do_include, optarg); 245 do_include = add_to_regexp(do_include, optarg);
227 break; 246 break;
228 case 'e': 247 case 'e':
229 do_exclude=add_to_regexp(do_exclude, optarg); 248 do_exclude = add_to_regexp(do_exclude, optarg);
230 break; 249 break;
231 case 'c': 250 case 'c':
232 do_critical=add_to_regexp(do_critical, optarg); 251 do_critical = add_to_regexp(do_critical, optarg);
233 break; 252 break;
234 case 'o': 253 case 'o':
235 only_critical=true; 254 only_critical = true;
236 break; 255 break;
237 case INPUT_FILE_OPT: 256 case INPUT_FILE_OPT:
238 input_filename = optarg; 257 input_filename = optarg;
@@ -249,68 +268,78 @@ int process_arguments (int argc, char **argv) {
249 return OK; 268 return OK;
250} 269}
251 270
252
253/* run an apt-get upgrade */ 271/* run an apt-get upgrade */
254int run_upgrade(int *pkgcount, int *secpkgcount, char ***pkglist, char ***secpkglist){ 272run_upgrade_result run_upgrade(void) {
255 int result=STATE_UNKNOWN, regres=0, pc=0, spc=0; 273 regex_t ereg;
256 struct output chld_out, chld_err;
257 regex_t ireg, ereg, sreg;
258 char *cmdline=NULL, rerrbuf[64];
259
260 /* initialize ereg as it is possible it is printed while uninitialized */ 274 /* initialize ereg as it is possible it is printed while uninitialized */
261 memset(&ereg, '\0', sizeof(ereg.buffer)); 275 memset(&ereg, '\0', sizeof(ereg.buffer));
262 276
263 if(upgrade==NO_UPGRADE) return STATE_OK; 277 run_upgrade_result result = {
278 .errorcode = STATE_UNKNOWN,
279 };
264 280
281 if (upgrade == NO_UPGRADE) {
282 result.errorcode = STATE_OK;
283 return result;
284 }
285
286 int regres = 0;
287 regex_t ireg;
288 char rerrbuf[64];
265 /* compile the regexps */ 289 /* compile the regexps */
266 if (do_include != NULL) { 290 if (do_include != NULL) {
267 regres=regcomp(&ireg, do_include, REG_EXTENDED); 291 regres = regcomp(&ireg, do_include, REG_EXTENDED);
268 if (regres!=0) { 292 if (regres != 0) {
269 regerror(regres, &ireg, rerrbuf, 64); 293 regerror(regres, &ireg, rerrbuf, 64);
270 die(STATE_UNKNOWN, _("%s: Error compiling regexp: %s"), progname, rerrbuf); 294 die(STATE_UNKNOWN, _("%s: Error compiling regexp: %s"), progname, rerrbuf);
271 } 295 }
272 } 296 }
273 297
274 if(do_exclude!=NULL){ 298 if (do_exclude != NULL) {
275 regres=regcomp(&ereg, do_exclude, REG_EXTENDED); 299 regres = regcomp(&ereg, do_exclude, REG_EXTENDED);
276 if(regres!=0) { 300 if (regres != 0) {
277 regerror(regres, &ereg, rerrbuf, 64); 301 regerror(regres, &ereg, rerrbuf, 64);
278 die(STATE_UNKNOWN, _("%s: Error compiling regexp: %s"), 302 die(STATE_UNKNOWN, _("%s: Error compiling regexp: %s"), progname, rerrbuf);
279 progname, rerrbuf);
280 } 303 }
281 } 304 }
282 305
306 regex_t sreg;
283 const char *crit_ptr = (do_critical != NULL) ? do_critical : SECURITY_RE; 307 const char *crit_ptr = (do_critical != NULL) ? do_critical : SECURITY_RE;
284 regres=regcomp(&sreg, crit_ptr, REG_EXTENDED); 308 regres = regcomp(&sreg, crit_ptr, REG_EXTENDED);
285 if(regres!=0) { 309 if (regres != 0) {
286 regerror(regres, &ereg, rerrbuf, 64); 310 regerror(regres, &ereg, rerrbuf, 64);
287 die(STATE_UNKNOWN, _("%s: Error compiling regexp: %s"), 311 die(STATE_UNKNOWN, _("%s: Error compiling regexp: %s"), progname, rerrbuf);
288 progname, rerrbuf);
289 } 312 }
290 313
291 cmdline=construct_cmdline(upgrade, upgrade_opts); 314 struct output chld_out;
315 struct output chld_err;
316 char *cmdline = NULL;
317 cmdline = construct_cmdline(upgrade, upgrade_opts);
292 if (input_filename != NULL) { 318 if (input_filename != NULL) {
293 /* read input from a file for testing */ 319 /* read input from a file for testing */
294 result = cmd_file_read(input_filename, &chld_out, 0); 320 result.errorcode = cmd_file_read(input_filename, &chld_out, 0);
295 } else { 321 } else {
296 /* run the upgrade */ 322 /* run the upgrade */
297 result = np_runcmd(cmdline, &chld_out, &chld_err, 0); 323 result.errorcode = np_runcmd(cmdline, &chld_out, &chld_err, 0);
298 } 324 }
299 325
300 /* apt-get upgrade only changes exit status if there is an 326 /* apt-get upgrade only changes exit status if there is an
301 * internal error when run in dry-run mode. therefore we will 327 * internal error when run in dry-run mode. therefore we will
302 * treat such an error as UNKNOWN */ 328 * treat such an error as UNKNOWN */
303 if(result != 0){ 329 if (result.errorcode != STATE_OK) {
304 exec_warning=1; 330 exec_warning = 1;
305 result = STATE_UNKNOWN; 331 result.errorcode = STATE_UNKNOWN;
306 fprintf(stderr, _("'%s' exited with non-zero status.\n"), 332 fprintf(stderr, _("'%s' exited with non-zero status.\n"), cmdline);
307 cmdline);
308 } 333 }
309 334
310 *pkglist=malloc(sizeof(char *) * chld_out.lines); 335 char **pkglist = malloc(sizeof(char *) * chld_out.lines);
311 if(!pkglist) die(STATE_UNKNOWN, "malloc failed!\n"); 336 if (!pkglist) {
312 *secpkglist=malloc(sizeof(char *) * chld_out.lines); 337 die(STATE_UNKNOWN, "malloc failed!\n");
313 if(!secpkglist) die(STATE_UNKNOWN, "malloc failed!\n"); 338 }
339 char **secpkglist = malloc(sizeof(char *) * chld_out.lines);
340 if (!secpkglist) {
341 die(STATE_UNKNOWN, "malloc failed!\n");
342 }
314 343
315 /* parse the output, which should only consist of lines like 344 /* parse the output, which should only consist of lines like
316 * 345 *
@@ -321,82 +350,91 @@ int run_upgrade(int *pkgcount, int *secpkgcount, char ***pkglist, char ***secpkg
321 * we may need to switch to the --print-uris output format, 350 * we may need to switch to the --print-uris output format,
322 * in which case the logic here will slightly change. 351 * in which case the logic here will slightly change.
323 */ 352 */
324 for(size_t i = 0; i < chld_out.lines; i++) { 353 int package_counter = 0;
325 if(verbose){ 354 int security_package_counter = 0;
355 for (size_t i = 0; i < chld_out.lines; i++) {
356 if (verbose) {
326 printf("%s\n", chld_out.line[i]); 357 printf("%s\n", chld_out.line[i]);
327 } 358 }
328 /* if it is a package we care about */ 359 /* if it is a package we care about */
329 if (strncmp(PKGINST_PREFIX, chld_out.line[i], strlen(PKGINST_PREFIX)) == 0 && 360 if (strncmp(PKGINST_PREFIX, chld_out.line[i], strlen(PKGINST_PREFIX)) == 0 &&
330 (do_include == NULL || regexec(&ireg, chld_out.line[i], 0, NULL, 0) == 0)) { 361 (do_include == NULL || regexec(&ireg, chld_out.line[i], 0, NULL, 0) == 0)) {
331 /* if we're not excluding, or it's not in the 362 /* if we're not excluding, or it's not in the
332 * list of stuff to exclude */ 363 * list of stuff to exclude */
333 if(do_exclude==NULL || 364 if (do_exclude == NULL || regexec(&ereg, chld_out.line[i], 0, NULL, 0) != 0) {
334 regexec(&ereg, chld_out.line[i], 0, NULL, 0)!=0){ 365 package_counter++;
335 pc++; 366 if (regexec(&sreg, chld_out.line[i], 0, NULL, 0) == 0) {
336 if(regexec(&sreg, chld_out.line[i], 0, NULL, 0)==0){ 367 security_package_counter++;
337 spc++; 368 if (verbose) {
338 if(verbose) printf("*"); 369 printf("*");
339 (*secpkglist)[spc-1] = pkg_name(chld_out.line[i]); 370 }
371 (secpkglist)[security_package_counter - 1] = pkg_name(chld_out.line[i]);
340 } else { 372 } else {
341 (*pkglist)[pc-spc-1] = pkg_name(chld_out.line[i]); 373 (pkglist)[package_counter - security_package_counter - 1] = pkg_name(chld_out.line[i]);
342 } 374 }
343 if(verbose){ 375 if (verbose) {
344 printf("*%s\n", chld_out.line[i]); 376 printf("*%s\n", chld_out.line[i]);
345 } 377 }
346 } 378 }
347 } 379 }
348 } 380 }
349 *pkgcount=pc; 381 result.package_count = package_counter;
350 *secpkgcount=spc; 382 result.security_package_count = security_package_counter;
383 result.packages_list = pkglist;
384 result.secpackages_list = secpkglist;
351 385
352 /* If we get anything on stderr, at least set warning */ 386 /* If we get anything on stderr, at least set warning */
353 if (input_filename == NULL && chld_err.buflen) { 387 if (input_filename == NULL && chld_err.buflen) {
354 stderr_warning=1; 388 stderr_warning = 1;
355 result = max_state(result, STATE_WARNING); 389 result.errorcode = max_state(result.errorcode, STATE_WARNING);
356 if(verbose){ 390 if (verbose) {
357 for(size_t i = 0; i < chld_err.lines; i++) { 391 for (size_t i = 0; i < chld_err.lines; i++) {
358 fprintf(stderr, "%s\n", chld_err.line[i]); 392 fprintf(stderr, "%s\n", chld_err.line[i]);
359 } 393 }
360 } 394 }
361 } 395 }
362 if (do_include != NULL) regfree(&ireg); 396 if (do_include != NULL) {
397 regfree(&ireg);
398 }
363 regfree(&sreg); 399 regfree(&sreg);
364 if(do_exclude!=NULL) regfree(&ereg); 400 if (do_exclude != NULL) {
401 regfree(&ereg);
402 }
365 free(cmdline); 403 free(cmdline);
366 return result; 404 return result;
367} 405}
368 406
369/* run an apt-get update (needs root) */ 407/* run an apt-get update (needs root) */
370int run_update(void){ 408int run_update(void) {
371 int result=STATE_UNKNOWN; 409 int result = STATE_UNKNOWN;
372 struct output chld_out, chld_err;
373 char *cmdline; 410 char *cmdline;
374
375 /* run the update */ 411 /* run the update */
376 cmdline = construct_cmdline(NO_UPGRADE, update_opts); 412 cmdline = construct_cmdline(NO_UPGRADE, update_opts);
413
414 struct output chld_out;
415 struct output chld_err;
377 result = np_runcmd(cmdline, &chld_out, &chld_err, 0); 416 result = np_runcmd(cmdline, &chld_out, &chld_err, 0);
378 /* apt-get update changes exit status if it can't fetch packages. 417 /* apt-get update changes exit status if it can't fetch packages.
379 * since we were explicitly asked to do so, this is treated as 418 * since we were explicitly asked to do so, this is treated as
380 * a critical error. */ 419 * a critical error. */
381 if(result != 0){ 420 if (result != 0) {
382 exec_warning=1; 421 exec_warning = 1;
383 result = STATE_CRITICAL; 422 result = STATE_CRITICAL;
384 fprintf(stderr, _("'%s' exited with non-zero status.\n"), 423 fprintf(stderr, _("'%s' exited with non-zero status.\n"), cmdline);
385 cmdline);
386 } 424 }
387 425
388 if(verbose){ 426 if (verbose) {
389 for(size_t i = 0; i < chld_out.lines; i++) { 427 for (size_t i = 0; i < chld_out.lines; i++) {
390 printf("%s\n", chld_out.line[i]); 428 printf("%s\n", chld_out.line[i]);
391 } 429 }
392 } 430 }
393 431
394 /* If we get anything on stderr, at least set warning */ 432 /* If we get anything on stderr, at least set warning */
395 if(chld_err.buflen){ 433 if (chld_err.buflen) {
396 stderr_warning=1; 434 stderr_warning = 1;
397 result = max_state(result, STATE_WARNING); 435 result = max_state(result, STATE_WARNING);
398 if(verbose){ 436 if (verbose) {
399 for(size_t i = 0; i < chld_err.lines; i++) { 437 for (size_t i = 0; i < chld_err.lines; i++) {
400 fprintf(stderr, "%s\n", chld_err.line[i]); 438 fprintf(stderr, "%s\n", chld_err.line[i]);
401 } 439 }
402 } 440 }
@@ -405,158 +443,166 @@ int run_update(void){
405 return result; 443 return result;
406} 444}
407 445
408char* pkg_name(char *line){ 446char *pkg_name(char *line) {
409 char *start=NULL, *space=NULL, *pkg=NULL; 447 char *start = line + strlen(PKGINST_PREFIX);
410 int len=0;
411 448
412 start = line + strlen(PKGINST_PREFIX); 449 int len = strlen(start);
413 len = strlen(start);
414 450
415 space = index(start, ' '); 451 char *space = index(start, ' ');
416 if(space!=NULL){ 452 if (space != NULL) {
417 len = space - start; 453 len = space - start;
418 } 454 }
419 455
420 pkg=malloc(sizeof(char)*(len+1)); 456 char *pkg = malloc(sizeof(char) * (len + 1));
421 if(!pkg) die(STATE_UNKNOWN, "malloc failed!\n"); 457 if (!pkg) {
458 die(STATE_UNKNOWN, "malloc failed!\n");
459 }
422 460
423 strncpy(pkg, start, len); 461 strncpy(pkg, start, len);
424 pkg[len]='\0'; 462 pkg[len] = '\0';
425 463
426 return pkg; 464 return pkg;
427} 465}
428 466
429int cmpstringp(const void *p1, const void *p2){ 467int cmpstringp(const void *p1, const void *p2) { return strcmp(*(char *const *)p1, *(char *const *)p2); }
430 return strcmp(* (char * const *) p1, * (char * const *) p2);
431}
432 468
433char* add_to_regexp(char *expr, const char *next){ 469char *add_to_regexp(char *expr, const char *next) {
434 char *re=NULL; 470 char *re = NULL;
435 471
436 if(expr==NULL){ 472 if (expr == NULL) {
437 re=malloc(sizeof(char)*(strlen("()")+strlen(next)+1)); 473 re = malloc(sizeof(char) * (strlen("()") + strlen(next) + 1));
438 if(!re) die(STATE_UNKNOWN, "malloc failed!\n"); 474 if (!re) {
475 die(STATE_UNKNOWN, "malloc failed!\n");
476 }
439 sprintf(re, "(%s)", next); 477 sprintf(re, "(%s)", next);
440 } else { 478 } else {
441 /* resize it, adding an extra char for the new '|' separator */ 479 /* resize it, adding an extra char for the new '|' separator */
442 re=realloc(expr, sizeof(char)*(strlen(expr)+1+strlen(next)+1)); 480 re = realloc(expr, sizeof(char) * (strlen(expr) + 1 + strlen(next) + 1));
443 if(!re) die(STATE_UNKNOWN, "realloc failed!\n"); 481 if (!re) {
482 die(STATE_UNKNOWN, "realloc failed!\n");
483 }
444 /* append it starting at ')' in the old re */ 484 /* append it starting at ')' in the old re */
445 sprintf((char*)(re+strlen(re)-1), "|%s)", next); 485 sprintf((char *)(re + strlen(re) - 1), "|%s)", next);
446 } 486 }
447 487
448 return re; 488 return re;
449} 489}
450 490
451char* construct_cmdline(upgrade_type u, const char *opts){ 491char *construct_cmdline(upgrade_type u, const char *opts) {
452 int len=0; 492 const char *opts_ptr = NULL;
453 const char *opts_ptr=NULL, *aptcmd=NULL; 493 const char *aptcmd = NULL;
454 char *cmd=NULL;
455 494
456 switch(u){ 495 switch (u) {
457 case UPGRADE: 496 case UPGRADE:
458 if(opts==NULL) opts_ptr=UPGRADE_DEFAULT_OPTS; 497 if (opts == NULL) {
459 else opts_ptr=opts; 498 opts_ptr = UPGRADE_DEFAULT_OPTS;
460 aptcmd="upgrade"; 499 } else {
500 opts_ptr = opts;
501 }
502 aptcmd = "upgrade";
461 break; 503 break;
462 case DIST_UPGRADE: 504 case DIST_UPGRADE:
463 if(opts==NULL) opts_ptr=UPGRADE_DEFAULT_OPTS; 505 if (opts == NULL) {
464 else opts_ptr=opts; 506 opts_ptr = UPGRADE_DEFAULT_OPTS;
465 aptcmd="dist-upgrade"; 507 } else {
508 opts_ptr = opts;
509 }
510 aptcmd = "dist-upgrade";
466 break; 511 break;
467 case NO_UPGRADE: 512 case NO_UPGRADE:
468 if(opts==NULL) opts_ptr=UPDATE_DEFAULT_OPTS; 513 if (opts == NULL) {
469 else opts_ptr=opts; 514 opts_ptr = UPDATE_DEFAULT_OPTS;
470 aptcmd="update"; 515 } else {
516 opts_ptr = opts;
517 }
518 aptcmd = "update";
471 break; 519 break;
472 } 520 }
473 521
474 len+=strlen(PATH_TO_APTGET)+1; /* "/usr/bin/apt-get " */ 522 int len = 0;
475 len+=strlen(opts_ptr)+1; /* "opts " */ 523 len += strlen(PATH_TO_APTGET) + 1; /* "/usr/bin/apt-get " */
476 len+=strlen(aptcmd)+1; /* "upgrade\0" */ 524 len += strlen(opts_ptr) + 1; /* "opts " */
525 len += strlen(aptcmd) + 1; /* "upgrade\0" */
477 526
478 cmd=(char*)malloc(sizeof(char)*len); 527 char *cmd = (char *)malloc(sizeof(char) * len);
479 if(cmd==NULL) die(STATE_UNKNOWN, "malloc failed"); 528 if (cmd == NULL) {
529 die(STATE_UNKNOWN, "malloc failed");
530 }
480 sprintf(cmd, "%s %s %s", PATH_TO_APTGET, opts_ptr, aptcmd); 531 sprintf(cmd, "%s %s %s", PATH_TO_APTGET, opts_ptr, aptcmd);
481 return cmd; 532 return cmd;
482} 533}
483 534
484/* informative help message */ 535/* informative help message */
485void 536void print_help(void) {
486print_help (void) 537 print_revision(progname, NP_VERSION);
487{ 538
488 print_revision(progname, NP_VERSION); 539 printf(_(COPYRIGHT), copyright, email);
489 540
490 printf(_(COPYRIGHT), copyright, email); 541 printf("%s\n", _("This plugin checks for software updates on systems that use"));
491 542 printf("%s\n", _("package management systems based on the apt-get(8) command"));
492 printf("%s\n", _("This plugin checks for software updates on systems that use")); 543 printf("%s\n", _("found in Debian GNU/Linux"));
493 printf("%s\n", _("package management systems based on the apt-get(8) command")); 544
494 printf("%s\n", _("found in Debian GNU/Linux")); 545 printf("\n\n");
495 546
496 printf ("\n\n"); 547 print_usage();
497 548
498 print_usage(); 549 printf(UT_HELP_VRSN);
499 550 printf(UT_EXTRA_OPTS);
500 printf(UT_HELP_VRSN); 551
501 printf(UT_EXTRA_OPTS); 552 printf(UT_PLUG_TIMEOUT, timeout_interval);
502 553
503 printf(UT_PLUG_TIMEOUT, timeout_interval); 554 printf(" %s\n", "-n, --no-upgrade");
504 555 printf(" %s\n", _("Do not run the upgrade. Probably not useful (without -u at least)."));
505 printf (" %s\n", "-n, --no-upgrade"); 556 printf(" %s\n", "-l, --list");
506 printf (" %s\n", _("Do not run the upgrade. Probably not useful (without -u at least).")); 557 printf(" %s\n", _("List packages available for upgrade. Packages are printed sorted by"));
507 printf (" %s\n", "-l, --list"); 558 printf(" %s\n", _("name with security packages listed first."));
508 printf (" %s\n", _("List packages available for upgrade. Packages are printed sorted by")); 559 printf(" %s\n", "-i, --include=REGEXP");
509 printf (" %s\n", _("name with security packages listed first.")); 560 printf(" %s\n", _("Include only packages matching REGEXP. Can be specified multiple times"));
510 printf (" %s\n", "-i, --include=REGEXP"); 561 printf(" %s\n", _("the values will be combined together. Any packages matching this list"));
511 printf (" %s\n", _("Include only packages matching REGEXP. Can be specified multiple times")); 562 printf(" %s\n", _("cause the plugin to return WARNING status. Others will be ignored."));
512 printf (" %s\n", _("the values will be combined together. Any packages matching this list")); 563 printf(" %s\n", _("Default is to include all packages."));
513 printf (" %s\n", _("cause the plugin to return WARNING status. Others will be ignored.")); 564 printf(" %s\n", "-e, --exclude=REGEXP");
514 printf (" %s\n", _("Default is to include all packages.")); 565 printf(" %s\n", _("Exclude packages matching REGEXP from the list of packages that would"));
515 printf (" %s\n", "-e, --exclude=REGEXP"); 566 printf(" %s\n", _("otherwise be included. Can be specified multiple times; the values"));
516 printf (" %s\n", _("Exclude packages matching REGEXP from the list of packages that would")); 567 printf(" %s\n", _("will be combined together. Default is to exclude no packages."));
517 printf (" %s\n", _("otherwise be included. Can be specified multiple times; the values")); 568 printf(" %s\n", "-c, --critical=REGEXP");
518 printf (" %s\n", _("will be combined together. Default is to exclude no packages.")); 569 printf(" %s\n", _("If the full package information of any of the upgradable packages match"));
519 printf (" %s\n", "-c, --critical=REGEXP"); 570 printf(" %s\n", _("this REGEXP, the plugin will return CRITICAL status. Can be specified"));
520 printf (" %s\n", _("If the full package information of any of the upgradable packages match")); 571 printf(" %s\n", _("multiple times like above. Default is a regexp matching security"));
521 printf (" %s\n", _("this REGEXP, the plugin will return CRITICAL status. Can be specified")); 572 printf(" %s\n", _("upgrades for Debian and Ubuntu:"));
522 printf (" %s\n", _("multiple times like above. Default is a regexp matching security")); 573 printf(" \t%s\n", SECURITY_RE);
523 printf (" %s\n", _("upgrades for Debian and Ubuntu:")); 574 printf(" %s\n", _("Note that the package must first match the include list before its"));
524 printf (" \t%s\n", SECURITY_RE); 575 printf(" %s\n", _("information is compared against the critical list."));
525 printf (" %s\n", _("Note that the package must first match the include list before its")); 576 printf(" %s\n", "-o, --only-critical");
526 printf (" %s\n", _("information is compared against the critical list.")); 577 printf(" %s\n", _("Only warn about upgrades matching the critical list. The total number"));
527 printf (" %s\n", "-o, --only-critical"); 578 printf(" %s\n", _("of upgrades will be printed, but any non-critical upgrades will not cause"));
528 printf (" %s\n", _("Only warn about upgrades matching the critical list. The total number")); 579 printf(" %s\n", _("the plugin to return WARNING status."));
529 printf (" %s\n", _("of upgrades will be printed, but any non-critical upgrades will not cause")); 580 printf(" %s\n", "-w, --packages-warning");
530 printf (" %s\n", _("the plugin to return WARNING status.")); 581 printf(" %s\n", _("Minimum number of packages available for upgrade to return WARNING status."));
531 printf (" %s\n", "-w, --packages-warning"); 582 printf(" %s\n\n", _("Default is 1 package."));
532 printf (" %s\n", _("Minimum number of packages available for upgrade to return WARNING status.")); 583
533 printf (" %s\n\n", _("Default is 1 package.")); 584 printf("%s\n\n", _("The following options require root privileges and should be used with care:"));
534 585 printf(" %s\n", "-u, --update=OPTS");
535 printf ("%s\n\n", _("The following options require root privileges and should be used with care:")); 586 printf(" %s\n", _("First perform an 'apt-get update'. An optional OPTS parameter overrides"));
536 printf (" %s\n", "-u, --update=OPTS"); 587 printf(" %s\n", _("the default options. Note: you may also need to adjust the global"));
537 printf (" %s\n", _("First perform an 'apt-get update'. An optional OPTS parameter overrides")); 588 printf(" %s\n", _("timeout (with -t) to prevent the plugin from timing out if apt-get"));
538 printf (" %s\n", _("the default options. Note: you may also need to adjust the global")); 589 printf(" %s\n", _("upgrade is expected to take longer than the default timeout."));
539 printf (" %s\n", _("timeout (with -t) to prevent the plugin from timing out if apt-get")); 590 printf(" %s\n", "-U, --upgrade=OPTS");
540 printf (" %s\n", _("upgrade is expected to take longer than the default timeout.")); 591 printf(" %s\n", _("Perform an upgrade. If an optional OPTS argument is provided,"));
541 printf (" %s\n", "-U, --upgrade=OPTS"); 592 printf(" %s\n", _("apt-get will be run with these command line options instead of the"));
542 printf (" %s\n", _("Perform an upgrade. If an optional OPTS argument is provided,")); 593 printf(" %s", _("default "));
543 printf (" %s\n", _("apt-get will be run with these command line options instead of the")); 594 printf("(%s).\n", UPGRADE_DEFAULT_OPTS);
544 printf (" %s", _("default ")); 595 printf(" %s\n", _("Note that you may be required to have root privileges if you do not use"));
545 printf ("(%s).\n", UPGRADE_DEFAULT_OPTS); 596 printf(" %s\n", _("the default options, which will only run a simulation and NOT perform the upgrade"));
546 printf (" %s\n", _("Note that you may be required to have root privileges if you do not use")); 597 printf(" %s\n", "-d, --dist-upgrade=OPTS");
547 printf (" %s\n", _("the default options, which will only run a simulation and NOT perform the upgrade")); 598 printf(" %s\n", _("Perform a dist-upgrade instead of normal upgrade. Like with -U OPTS"));
548 printf (" %s\n", "-d, --dist-upgrade=OPTS"); 599 printf(" %s\n", _("can be provided to override the default options."));
549 printf (" %s\n", _("Perform a dist-upgrade instead of normal upgrade. Like with -U OPTS")); 600
550 printf (" %s\n", _("can be provided to override the default options.")); 601 printf(UT_SUPPORT);
551
552 printf(UT_SUPPORT);
553} 602}
554 603
555
556/* simple usage heading */ 604/* simple usage heading */
557void 605void print_usage(void) {
558print_usage(void) 606 printf("%s\n", _("Usage:"));
559{ 607 printf("%s [[-d|-u|-U]opts] [-n] [-l] [-t timeout] [-w packages-warning]\n", progname);
560 printf ("%s\n", _("Usage:"));
561 printf ("%s [[-d|-u|-U]opts] [-n] [-l] [-t timeout] [-w packages-warning]\n", progname);
562} 608}