bkctld-check-canary: new subcommand to check canary files and content
This commit is contained in:
parent
2b83cd71bc
commit
8ee2aa3b51
|
@ -8,6 +8,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|||
|
||||
### Added
|
||||
|
||||
* check-canary: new subcommand to check canary files and content
|
||||
|
||||
### Changed
|
||||
|
||||
### Deprecated
|
||||
|
|
|
@ -67,7 +67,7 @@ done
|
|||
|
||||
subcommand="${1:-}"
|
||||
case "${subcommand}" in
|
||||
"inc" | "rm" | "check-jails" | "check-setup" | "stats" | "list")
|
||||
"inc" | "rm" | "check-jails" | "check-setup" | "check-canary" | "stats" | "list")
|
||||
"${LIBDIR}/bkctld-${subcommand}"
|
||||
;;
|
||||
"check")
|
||||
|
|
59
server/lib/bkctld-check-canary
Executable file
59
server/lib/bkctld-check-canary
Executable file
|
@ -0,0 +1,59 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# Description: check canary file
|
||||
# Usage: check-canary [<jailname>|all]
|
||||
#
|
||||
|
||||
# shellcheck source=./includes
|
||||
LIBDIR="$(dirname $0)" && . "${LIBDIR}/includes"
|
||||
|
||||
return=0
|
||||
nb_crit=0
|
||||
nb_warn=0
|
||||
nb_ok=0
|
||||
nb_unkn=0
|
||||
output=""
|
||||
|
||||
date=$(date +"%Y-%m-%d")
|
||||
|
||||
# Check each jail status
|
||||
|
||||
check_jail() {
|
||||
jail_name=$1
|
||||
|
||||
jail_path=$(jail_path "${jail_name}")
|
||||
canary_absolute_file="${jail_path}/var/backup/${CANARY_RELATIVE_FILE}"
|
||||
|
||||
if [ -f "${canary_absolute_file}" ]; then
|
||||
if grep --quiet --fixed-string "${date}" "${canary_absolute_file}"; then
|
||||
nb_ok=$((nb_ok + 1))
|
||||
output="${output}OK - ${jail_name} - entries found for ${date} in ${CANARY_RELATIVE_FILE} file\n"
|
||||
else
|
||||
nb_crit=$((nb_crit + 1))
|
||||
output="${output}CRITICAL - ${jail_name} - No entry for ${date} in ${CANARY_RELATIVE_FILE} file\n"
|
||||
[ "${return}" -le 2 ] && return=2
|
||||
fi
|
||||
else
|
||||
nb_crit=$((nb_crit + 1))
|
||||
output="${output}CRITICAL - ${jail_name} - missing ${CANARY_RELATIVE_FILE} file\n"
|
||||
[ "${return}" -le 2 ] && return=2
|
||||
fi
|
||||
}
|
||||
|
||||
for jail_name in $(jails_list); do
|
||||
check_jail "${jail_name}"
|
||||
done
|
||||
|
||||
[ "${return}" -ge 0 ] && header="OK"
|
||||
[ "${return}" -ge 1 ] && header="WARNING"
|
||||
[ "${return}" -ge 2 ] && header="CRITICAL"
|
||||
[ "${return}" -ge 3 ] && header="UNKNOWN"
|
||||
|
||||
printf "%s - %s UNK / %s CRIT / %s WARN / %s OK\n\n" "${header}" "${nb_unkn}" "${nb_crit}" "${nb_warn}" "${nb_ok}"
|
||||
|
||||
printf "${output}" | grep -E "^UNKNOWN"
|
||||
printf "${output}" | grep -E "^CRITICAL"
|
||||
printf "${output}" | grep -E "^WARNING"
|
||||
printf "${output}" | grep -E "^OK"
|
||||
|
||||
exit "${return}"
|
|
@ -20,6 +20,7 @@ LOCKDIR="${LOCKDIR:-/run/lock/bkctld}"
|
|||
ARCHIVESDIR="${ARCHIVESDIR:-${BACKUP_PARTITION}/archives}"
|
||||
INDEX_DIR="${INDEX_DIR:-${BACKUP_PARTITION}/index}"
|
||||
IDX_FILE="${IDX_FILE:-${INDEX_DIR}/bkctld-jails.idx}"
|
||||
CANARY_RELATIVE_FILE="${CANARY_RELATIVE_FILE:-/zzz_evobackup_canary}"
|
||||
SSHD_PID="${SSHD_PID:-/run/sshd.pid}"
|
||||
SSHD_CONFIG="${SSHD_CONFIG:-/etc/ssh/sshd_config}"
|
||||
AUTHORIZED_KEYS="${AUTHORIZED_KEYS:-/root/.ssh/authorized_keys}"
|
||||
|
@ -63,6 +64,13 @@ EOF
|
|||
printf "\n"
|
||||
}
|
||||
|
||||
is_quiet() {
|
||||
test ${QUIET} -eq 1
|
||||
}
|
||||
is_verbose() {
|
||||
test ${VERBOSE} -eq 1
|
||||
}
|
||||
|
||||
log_date() {
|
||||
echo "[$(date +"%Y-%m-%d %H:%M:%S")]"
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue