From aca1e6a6cec40754c67d3cf229db2660c4685202 Mon Sep 17 00:00:00 2001 From: Thomas Guyot-Sionnest Date: Wed, 30 Apr 2008 12:50:52 +0000 Subject: Add socket support to check_mysql* Also clears the password from check_mysql command-line options git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk@1988 f882894a-f735-0410-b71e-b25c423dba1c --- NEWS | 2 ++ plugins/check_mysql.c | 47 ++++++++++++++++++++++++++++++--------------- plugins/check_mysql_query.c | 20 +++++++++++++------ plugins/t/check_mysql.t | 22 +++++++++++++++++++-- 4 files changed, 68 insertions(+), 23 deletions(-) diff --git a/NEWS b/NEWS index f77bfa05..a0624aa2 100644 --- a/NEWS +++ b/NEWS @@ -18,6 +18,8 @@ This file documents the major additions and syntax changes between releases. check_dig can now pass arguments dig by using -A/--dig-arguments (#1874041/#1889453) check_ntp and check_ntp_peer now show proper jitter/stratum thresholds longopts in --help check_dns now allow to repeat -a to match multiple possibly returned address (common with load balancers) + check_mysql now try clearing password in processlist just like check_mysql_query + check_mysql and check_mysql_query now support sockets explicitely (-s, --socket) 1.4.11 13th December 2007 Fixed check_http regression in 1.4.10 where following redirects to diff --git a/plugins/check_mysql.c b/plugins/check_mysql.c index ea2e30d2..3d7426d8 100644 --- a/plugins/check_mysql.c +++ b/plugins/check_mysql.c @@ -50,6 +50,7 @@ const char *email = "nagiosplug-devel@lists.sourceforge.net"; char *db_user = NULL; char *db_host = NULL; +char *db_socket = NULL; char *db_pass = NULL; char *db = NULL; unsigned int db_port = MYSQL_PORT; @@ -90,7 +91,7 @@ main (int argc, char **argv) mysql_options(&mysql,MYSQL_READ_DEFAULT_GROUP,"client"); /* establish a connection to the server and error checking */ - if (!mysql_real_connect(&mysql,db_host,db_user,db_pass,db,db_port,NULL,0)) { + if (!mysql_real_connect(&mysql,db_host,db_user,db_pass,db,db_port,db_socket,0)) { if (mysql_errno (&mysql) == CR_UNKNOWN_HOST) die (STATE_WARNING, "%s\n", mysql_error (&mysql)); else if (mysql_errno (&mysql) == CR_VERSION_ERROR) @@ -243,6 +244,7 @@ process_arguments (int argc, char **argv) int option = 0; static struct option longopts[] = { {"hostname", required_argument, 0, 'H'}, + {"socket", required_argument, 0, 's'}, {"database", required_argument, 0, 'd'}, {"username", required_argument, 0, 'u'}, {"password", required_argument, 0, 'p'}, @@ -260,7 +262,7 @@ process_arguments (int argc, char **argv) return ERROR; while (1) { - c = getopt_long (argc, argv, "hvVSP:p:u:d:H:c:w:", longopts, &option); + c = getopt_long (argc, argv, "hvVSP:p:u:d:H:s:c:w:", longopts, &option); if (c == -1 || c == EOF) break; @@ -274,14 +276,23 @@ process_arguments (int argc, char **argv) usage2 (_("Invalid hostname/address"), optarg); } break; - case 'd': /* hostname */ + case 's': /* socket */ + db_socket = optarg; + break; + case 'd': /* database */ db = optarg; break; case 'u': /* username */ db_user = optarg; break; case 'p': /* authentication information: password */ - db_pass = optarg; + db_pass = strdup(optarg); + + /* Delete the password from process list */ + while (*optarg != '\0') { + *optarg = 'X'; + optarg++; + } break; case 'P': /* critical time threshold */ db_port = atoi (optarg); @@ -373,28 +384,33 @@ print_help (void) print_usage (); - printf (_(UT_HELP_VRSN)); + printf (_(UT_HELP_VRSN)); - printf (_(UT_HOST_PORT), 'P', myport); + printf (_(UT_HOST_PORT), 'P', myport); + printf (" %s\n", "-s, --socket=STRING"); + printf (" %s\n", _("Use the specified socket (has no effect if -H is used)")); - printf (" %s\n", "-d, --database=STRING"); + printf (" %s\n", "-d, --database=STRING"); printf (" %s\n", _("Check database with indicated name")); printf (" %s\n", "-u, --username=STRING"); printf (" %s\n", _("Connect using the indicated username")); printf (" %s\n", "-p, --password=STRING"); printf (" %s\n", _("Use the indicated password to authenticate the connection")); - printf (" %s\n", _("==> IMPORTANT: THIS FORM OF AUTHENTICATION IS NOT SECURE!!! <==")); - printf (" %s\n", _("Your clear-text password will be visible as a process table entry")); + printf (" ==> %s <==\n", _("IMPORTANT: THIS FORM OF AUTHENTICATION IS NOT SECURE!!!")); + printf (" %s\n", _("Your clear-text password could be visible as a process table entry")); printf (" %s\n", "-S, --check-slave"); printf (" %s\n", _("Check if the slave thread is running properly.")); printf (" %s\n", "-w, --warning"); - printf (" %s\n", _("Exit with WARNING status if slave server is more than INTEGER seconds behind master")); + printf (" %s\n", _("Exit with WARNING status if slave server is more than INTEGER seconds")); + printf (" %s\n", _("behind master")); printf (" %s\n", "-c, --critical"); - printf (" %s\n", _("Exit with CRITICAL status if slave server is more then INTEGER seconds behind master")); + printf (" %s\n", _("Exit with CRITICAL status if slave server is more then INTEGER seconds")); + printf (" %s\n", _("behind master")); - printf ("\n"); - printf (" %s\n", _("There are no required arguments. By default, the local database with")); - printf (_(" a server listening on MySQL standard port %d will be checked\n"), MYSQL_PORT); + printf ("\n"); + printf (" %s\n", _("There are no required arguments. By default, the local database is checked")); + printf (" %s\n", _("using the default unix socket. You can force TCP on localhost by using an")); + printf (" %s\n", _("IP address or FQDN ('localhost' will use the socket as well).")); printf (_(UT_SUPPORT)); } @@ -404,5 +420,6 @@ void print_usage (void) { printf (_("Usage:")); - printf ("%s [-d database] [-H host] [-P port] [-u user] [-p password] [-S]\n",progname); + printf (" %s [-d database] [-H host] [-P port] [-s socket]\n",progname); + printf (" [-u user] [-p password] [-S]\n"); } diff --git a/plugins/check_mysql_query.c b/plugins/check_mysql_query.c index 8c6a96c6..171fc69f 100644 --- a/plugins/check_mysql_query.c +++ b/plugins/check_mysql_query.c @@ -47,6 +47,7 @@ const char *email = "nagiosplug-devel@lists.sourceforge.net"; char *db_user = NULL; char *db_host = NULL; +char *db_socket = NULL; char *db_pass = NULL; char *db = NULL; unsigned int db_port = MYSQL_PORT; @@ -86,7 +87,7 @@ main (int argc, char **argv) mysql_options(&mysql,MYSQL_READ_DEFAULT_GROUP,"client"); /* establish a connection to the server and error checking */ - if (!mysql_real_connect(&mysql,db_host,db_user,db_pass,db,db_port,NULL,0)) { + if (!mysql_real_connect(&mysql,db_host,db_user,db_pass,db,db_port,db_socket,0)) { if (mysql_errno (&mysql) == CR_UNKNOWN_HOST) die (STATE_WARNING, "QUERY %s: %s\n", _("WARNING"), mysql_error (&mysql)); else if (mysql_errno (&mysql) == CR_VERSION_ERROR) @@ -170,6 +171,7 @@ process_arguments (int argc, char **argv) int option = 0; static struct option longopts[] = { {"hostname", required_argument, 0, 'H'}, + {"socket", required_argument, 0, 's'}, {"database", required_argument, 0, 'd'}, {"username", required_argument, 0, 'u'}, {"password", required_argument, 0, 'p'}, @@ -187,7 +189,7 @@ process_arguments (int argc, char **argv) return ERROR; while (1) { - c = getopt_long (argc, argv, "hvVSP:p:u:d:H:q:w:c:", longopts, &option); + c = getopt_long (argc, argv, "hvVSP:p:u:d:H:s:q:w:c:", longopts, &option); if (c == -1 || c == EOF) break; @@ -201,14 +203,17 @@ process_arguments (int argc, char **argv) usage2 (_("Invalid hostname/address"), optarg); } break; - case 'd': /* hostname */ + case 's': /* socket */ + db_socket = optarg; + break; + case 'd': /* database */ db = optarg; break; case 'u': /* username */ db_user = optarg; break; case 'p': /* authentication information: password */ - asprintf(&db_pass, "%s", optarg); + db_pass = strdup(optarg); /* Delete the password from process list */ while (*optarg != '\0') { @@ -293,6 +298,8 @@ print_help (void) printf (" %s\n", _("SQL query to run. Only first column in first row will be read")); printf (_(UT_WARN_CRIT_RANGE)); printf (_(UT_HOST_PORT), 'P', myport); + printf (" %s\n", "-s, --socket=STRING"); + printf (" %s\n", _("Use the specified socket (has no effect if -H is used)")); printf (" -d, --database=STRING\n"); printf (" %s\n", _("Database to check")); printf (" -u, --username=STRING\n"); @@ -300,6 +307,7 @@ print_help (void) printf (" -p, --password=STRING\n"); printf (" %s\n", _("Password to login with")); printf (" ==> %s <==\n", _("IMPORTANT: THIS FORM OF AUTHENTICATION IS NOT SECURE!!!")); + printf (" %s\n", _("Your clear-text password could be visible as a process table entry")); printf ("\n"); printf (" %s\n", _("A query is required. The result from the query should be numeric.")); @@ -313,6 +321,6 @@ void print_usage (void) { printf (_("Usage:")); - printf ("%s -q SQL_query [-w warn] [-c crit]\n",progname); - printf ("[-d database] [-H host] [-P port] [-u user] [-p password]\n"); + printf (" %s -q SQL_query [-w warn] [-c crit] [-H host] [-P port] [-s socket]\n",progname); + printf (" [-d database] [-u user] [-p password]\n"); } diff --git a/plugins/t/check_mysql.t b/plugins/t/check_mysql.t index 852926a7..e8bccf1c 100644 --- a/plugins/t/check_mysql.t +++ b/plugins/t/check_mysql.t @@ -19,12 +19,16 @@ use vars qw($tests); plan skip_all => "check_mysql not compiled" unless (-x "check_mysql"); -plan tests => 10; +plan tests => 15; my $bad_login_output = '/Access denied for user /'; my $mysqlserver = getTestParameter( "NP_MYSQL_SERVER", - "A MySQL Server with no slaves setup" + "A MySQL Server hostname or IP with no slaves setup" + ); +my $mysqlsocket = getTestParameter( + "NP_MYSQL_SOCKET", + "A MySQL Server socket with no slaves setup" ); my $mysql_login_details = getTestParameter( "MYSQL_LOGIN_DETAILS", @@ -57,6 +61,20 @@ SKIP: { like( $result->output, "/No slaves defined/", "Correct error message"); } +SKIP: { + skip "No mysql socket defined", 5 unless $mysqlsocket; + $result = NPTest->testCmd("./check_mysql -s $mysqlsocket $mysql_login_details"); + cmp_ok( $result->return_code, '==', 0, "Login okay"); + + $result = NPTest->testCmd("./check_mysql -s $mysqlsocket -u dummy -pdummy"); + cmp_ok( $result->return_code, '==', 2, "Login failure"); + like( $result->output, $bad_login_output, "Expected login failure message"); + + $result = NPTest->testCmd("./check_mysql -S -s $mysqlsocket $mysql_login_details"); + cmp_ok( $result->return_code, "==", 1, "No slaves defined" ); + like( $result->output, "/No slaves defined/", "Correct error message"); +} + SKIP: { skip "No mysql server with slaves defined", 5 unless $with_slave; $result = NPTest->testCmd("./check_mysql -H $with_slave $with_slave_login"); -- cgit v1.2.3-74-g34f1