Loading
Use Nagios to Check Your Zypper
If you use Nagios to monitor your system and run openSUSE on a remote server the bash script presented here will check for online updates and is designed to be run by Nagios so that the result will appear on the Nagios service-detail page.
The script is pretty unsophisticated as it just parses the output from the zypper command. A more sophsiticated solution might interact directly with libzypp, the library that provides zypper with its functionality. Of course, that's not possible using bash. Based on a quick scan of the libzypp documentation it appears the only current option for doing that is C++.
A Nagios plugin script outputs information in two ways:
- It writes a short status message (one line of text) to the standard output which Nagios displays on the service-detail page.
- It sets its exit status to indicate to Nagios the status
of the service:
- 0 if the service status is "OK"
- 1 if the service status is "WARNING"
- 2 if the service status is "CRITICAL"
If you run zypper from the command line you will see output similar to the following:
$ sudo zypper list-updates * Reading repository 'openSUSE-10.3-Updates' cache * Reading repository 'Main Repository (OSS)' cache * Reading repository 'Main Repository (NON-OSS)' cache * Reading repository 'Packman Repository' cache * Reading installed packages [100%] Repository: | Name | Version | Category | Status ----------------------+------------------+---------+----------+------- openSUSE-10.3-Updates | dhcpcd | 5390-0 | optional | Needed openSUSE-10.3-Updates | openmotif22-libs | 4540-0 | optional | Needed openSUSE-10.3-Updates | ruby | 5483-0 | security | NeededThe script looks for the "----" line and then breaks the subsequent lines into fields, using the "|" as the separator character. Using this data it then builds the output text and sets the status. The status is set to 0 if there are no updates available, 1 if there are updates available, and 2 if any of the updates are security related.
Running zypper can take a while so you can run the script in test mode to get some immediate satisfaction. In test mode it contains some test zypper output which it parses:
$ env TEST=1 sh check_zypper 3 Updates needed: package-1(required/Needed), package-3(required/Needed), package-4(required/Needed) (1 Optional update) $ echo $? 1The output text is what Nagios would display on the service-detail page. Nagios will set the service status to "WARNING" since the script status on exit is 1 (meaning updates are availabe).
The script follows:
#!/bin/bash
max_packages=3
TEST=${TEST:-0}
VERBOSE=${VERBOSE:-0}
nl='
'
# Read list of packages that need updating according to zypper.
OIFS=$IFS
IFS=$nl
if [[ $TEST -eq 0 ]]; then
zypper_lines=($(/usr/bin/sudo /usr/bin/zypper list-updates 2>&1))
stat=$?
if [[ $stat -ne 0 ]]; then
echo "Zypper exited with code: $stat"
exit 1
fi
else
zypper_lines=(
"test line 1"
"test line 2"
"------------"
"Main Repository | package-1 | 50-0 | required | Needed"
"Main Repository | package-2 | 48-0 | optional | Needed"
"Test Repository | package-3 | 40-0 | required | Needed"
"Test Repository | package-4 | 40-0 | required | Needed"
)
fi
IFS=$OIFS
# Count the number of optional and non-optional packages.
npackages=0
noptional_packages=0
nsecurity_packages=0
in_packages=0
for ix in ${!zypper_lines[*]}
do
line=${zypper_lines[$ix]}
if [[ $VERBOSE -ne 0 ]]; then echo $line; fi
if [[ $in_packages -eq 0 ]]; then
if [[ $line =~ ^---- ]]; then in_packages=1; fi
else
IFS='|'
set -- $line
IFS=$OIFS
if [[ $# -eq 5 ]]; then
trepo=$(echo $1)
tpackage=$(echo $2)
tversion=$(echo $3)
tcategory=$(echo $4)
tstatus=$(echo $5)
if [[ "$tcategory" == 'optional' ]]; then
let noptional_packages++
else
repo[$npackages]=$trepo
package[$npackages]=$tpackage
version[$npackages]=$tversion
category[$npackages]=$tcategory
status[$npackages]=$tstatus
let npackages++
if [[ "$tcategory" == 'security' ]]; then let nsecurity_packages++; fi
fi
fi
fi
done
# Output summary.
if [[ $npackages -ne 1 ]]; then s1='s'; else s1='' ; fi
if [[ $noptional_packages -ne 1 ]]; then s2='s'; else s2='' ; fi
n=0
for ix in ${!package[*]}
do
t[$n]="${package[$ix]}(${category[$ix]}/${status[$ix]})"
let n++
if [[ ix -eq $max_packages ]]; then break; fi
done
if [[ ${#package[*]} -gt $max_packages ]]; then t[$n]="..."; fi
if [[ ${#t[*]} -gt 0 ]]; then
if [[ $npackages -gt 0 ]]; then
echo -n "$npackages Update$s1 needed: "
first=1
for ix in ${!t[*]}
do
if [[ $first -eq 1 ]]; then
echo -n ' '
first=0
else
echo -n ', '
fi
echo -n "${t[$ix]}"
done
if [[ $noptional_packages -gt 0 ]]; then
echo -n " ($noptional_packages Optional update$s2)"
fi
else
echo -n "$noptional_packages Optional update$s2"
fi
echo
stat=1
if [[ $nsecurity_packages -gt 0 ]]; then stat=2; fi
else
echo "OK, no package updates available"
stat=0
fi
exit $stat
There are a few things you need to do to integrate the script with Nagios. First setup sudo to allow the Nagios user to run zypper. Use visudo to add this to the sudoers file:
nagios ALL=(ALL) NOPASSWD:/usr/bin/zypperSecond, because running zypper takes a while you need to increase the service-run-time in the Nagios configuration file /etc/nagios/nagios.cfg:
service_check_timeout=600And lastly, of course, you need to setup Nagios to run the script:
define command{
command_name check-zypper
command_line /path/to/check_zypper
}
...
define service{
use generic-service
host_name localhost
service_description Updates
is_volatile 0
check_period 24x7
max_check_attempts 1
normal_check_interval 600
retry_check_interval 60
contact_groups admins
notifications_enabled 0
notification_options c
notification_interval 960
notification_period 24x7
check_command check-zypper
}
Among other things, this tells Nagios to run check_zypper
every 10 hours and if it fails, to retry in an hour.
p.s. Yeah, the title is pretty "cheap humor", but then again I'm not the one who decided to call my package manager zypper.
______________________
Mitch Frazier is an Associate Editor for Linux Journal.
- 100% disappointed with the decision to go all digital.
- Readers' Choice Awards 2011
- You Need A Budget
- Linux--The Internet Appliance?
- Validate an E-Mail Address with PHP, the Right Way
- Kernel Korner - I/O Schedulers
- The Linux powered LAN Gaming House
- RSS Feeds
- Why Python?
- Python Programming for Beginners
- Search
4 hours 47 min ago - Question
5 hours 11 min ago - for the record
5 hours 13 min ago - That's disappointing. Thanks
7 hours 36 min ago - Well spotted. I've corrected
9 hours 5 min ago - This is a great program. We
12 hours 5 min ago - No Air for Linux
13 hours 55 min ago - HEWLETT PACKARD created
14 hours 5 min ago - HEWLETT PACKARD created
14 hours 8 min ago - very helpful :)
14 hours 29 min ago
Comments
Complete nagios-plugins-zypper package already available
Hi
Just want to point you to http://en.opensuse.org/Nagios-plugins-zypper - the "server:monitoring" repository of the openSUSE Build Service always contains the latest version.
This plugin allows you a bit more configuration than your bash script and runs out of the box on all supported openSUSE distributions.
You can set the warning level via "patchlevel". Default is: security-patch: Critical; recommended-patch: Warning
It also checks for package updates from buildservice repositories and catches some possible traps (refresh needed, no online connection, ...).
The package integrates completely in a nagios installation - see the description on the page listed above.
With kind regards,
Lars
reduced timeout
to reduce the need for the increased timeout, use cron on the target machine(s) to output the 'zypper lu' to a file. this script can then use that file instead.
can you supply some usage instructions ?
eg : how does TEST and VERBOSE get specified to make 'TEST=${TEST:-0}' and 'VERBOSE=${VERBOSE:-0}' work ?
Test and Verbose
Those are meant for testing outside of nagios, rather than clutter it all up with command line argument processing those are just set from the environment. So, for example you could test via:
Mitch Frazier is an Associate Editor for Linux Journal.