Create readme.md

:D

check_service.sh/check_service.sh

@@ -0,0 +1,349 @@
+#!/usr/bin/env bash
+set -o pipefail
+
+# Author: Jon Schipp
+# 2015-03-09 [Pascal Hegy] - Add sudo for linux
+# 2015-03-09 [Pascal Hegy] - Change USER variable to USERNAME to avoid the use and confusion with the USER env variable
+# 2017-08-30 [Roberto Leibman] - Reordered checks to make sure dead and inactive get checked first
+# 2018-04-25 [Robin Gierse] - Update check via systemctl for Linux with grep to produce better output for systemctl
+# 2019-03-15 [nem / liberodark] - Add support for check all failed services in linux
+
+########
+# Examples:
+
+# 1.) List services for osx
+# $ ./check_service.sh -l -o osx
+#
+# 2.) Check status of SSH service on a linux machine
+# $ ./check_service.sh -o linux -s sshd
+
+# 3.) Manually select service management tool and service
+# $ ./check_service.sh -o linux -t "service rsyslog status"
+# Exemple for check all failed services
+# $ ./check_service.sh -o linux -t "systemctl list-units --state=failed"
+
+# Nagios Exit Codes
+OK=0
+WARNING=1
+CRITICAL=2
+UNKNOWN=3
+
+# Weather or not we can trust the exit code from the service management tool.
+# Defaults to 0, put to 1 for systemd.  Otherwise we must rely on parsing the
+# output from the service management tool.
+TRUST_EXIT_CODE=0
+
+usage()
+{
+cat <<EOF
+
+Check status of system services for Linux, FreeBSD, OSX, and AIX.
+
+     Options:
+        -s <service>    Specify service name
+        -l              List services
+        -o <os>         OS type, "linux/osx/freebsd/aix"
+        -u <user>       User if you need to ``sudo -u'' for launchctl (def: nagios, linux and osx only)
+        -t <tool>       Manually specify service management tool (def: autodetect) with status and service
+                        e.g. ``-t "service nagios status"''
+
+
+EOF
+}
+
+argcheck() {
+# if less than n argument
+if [ $ARGC -lt $1 ]; then
+        echo "Missing arguments! Use \`\`-h'' for help."
+        exit 1
+fi
+}
+
+os_check() {
+if [ "$OS" == null ]; then
+	unamestr=$(uname)
+        if [[ $unamestr == 'Linux' ]]; then
+                OS='linux'
+        elif [[ $unamestr == 'FreeBSD' ]]; then
+               OS='freebsd'
+        elif [[ $unamestr == 'Darwin' ]]; then
+               OS='osx'	       
+        else
+                echo "OS not recognized, Use \`-o\` and specify the OS as an argument"
+                exit 3
+        fi
+fi
+}
+
+
+
+determine_service_tool() {
+if [[ $OS == linux ]]; then
+        if command -v systemctl >/dev/null 2>&1; then
+                SERVICETOOL="systemctl status $SERVICE | grep -i Active"
+                LISTTOOL="systemctl"
+                if [ $USERNAME ]; then
+                    SERVICETOOL="sudo -u $USERNAME systemctl status $SERVICE"
+                    LISTTOOL="sudo -u $USERNAME systemctl"
+                fi
+		TRUST_EXIT_CODE=1
+        elif command -v service >/dev/null 2>&1; then
+                SERVICETOOL="service $SERVICE status"
+                LISTTOOL="service --status-all"
+                if [ $USERNAME ]; then
+                    SERVICETOOL="sudo -u $USERNAME service $SERVICE status"
+                    LISTTOOL="sudo -u $USERNAME service --status-all"
+                fi
+        elif command -v initctl >/dev/null 2>&1; then
+                SERVICETOOL="status $SERVICE"
+                LISTTOOL="initctl list"
+                if [ $USERNAME ]; then
+                    SERVICETOOL="sudo -u $USERNAME status $SERVICE"
+                    LISTTOOL="sudo -u $USERNAME initctl list"
+                fi
+        elif command -v chkconfig >/dev/null 2>&1; then
+                SERVICETOOL=chkconfig
+                LISTTOOL="chkconfig --list"
+                if [ $USERNAME ]; then
+                    SERVICETOOL="sudo -u $USERNAME chkconfig"
+                    LISTTOOL="sudo -u $USERNAME chkconfig --list"
+                fi
+        elif [ -f /etc/init.d/$SERVICE ] || [ -d /etc/init.d ]; then
+                SERVICETOOL="/etc/init.d/$SERVICE status | tail -1"
+                LISTTOOL="ls -1 /etc/init.d/"
+                if [ $USERNAME ]; then
+                    SERVICETOOL="sudo -u $USERNAME /etc/init.d/$SERVICE status | tail -1"
+                    LISTTOOL="sudo -u $USERNAME ls -1 /etc/init.d/"
+                fi
+        else
+                echo "Unable to determine the system's service tool!"
+                exit 1
+        fi
+fi
+
+if [[ $OS == freebsd ]]; then
+        if command -v service >/dev/null 2>&1; then
+                SERVICETOOL="service $SERVICE status"
+                LISTTOOL="service -l"
+        elif [ -f /etc/rc.d/$SERVICE ] || [ -d /etc/rc.d ]; then
+                SERVICETOOL="/etc/rc.d/$SERVICE status"
+                LISTTOOL="ls -1 /etc/rc.d/"
+        else
+                echo "Unable to determine the system's service tool!"
+                exit 1
+        fi
+fi
+
+if [[ $OS == osx ]]; then
+        if [ -f /usr/sbin/serveradmin >/dev/null 2>&1 ] && serveradmin list | grep "$SERVICE" 2>&1 >/dev/null; then
+                SERVICETOOL="serveradmin status $SERVICE"
+                LISTTOOL="serveradmin list"
+        elif [ -f /Applications/Server.app/Contents/ServerRoot/usr/sbin/serveradmin >/dev/null 2>&1 ] && \
+               /Applications/Server.app/Contents/ServerRoot/usr/sbin/serveradmin list | \
+                grep "$SERVICE" 2>&1 >/dev/null; then
+                SERVICETOOL="/Applications/Server.app/Contents/ServerRoot/usr/sbin/serveradmin status $SERVICE"
+                LISTTOOL="/Applications/Server.app/Contents/ServerRoot/usr/sbin/serveradmin list"
+        elif command -v launchctl >/dev/null 2>&1; then
+                SERVICETOOL="launchctl list | grep -v ^- | grep $SERVICE || echo $SERVICE not running! "
+                LISTTOOL="launchctl list"
+                if [ $USERNAME ]; then
+                        SERVICETOOL="sudo -u $USERNAME launchctl list | grep -v ^- | grep $SERVICE || echo $SERVICE not running! "
+                        LISTTOOL="sudo -u $USERNAME launchctl list"
+                fi
+        elif command -v service >/dev/null 2>&1; then
+                SERVICETOOL="service --test-if-configured-on $SERVICE"
+                LISTTOOL="service list"
+        else
+                echo "Unable to determine the system's service tool!"
+                exit 1
+        fi
+fi
+
+if [[ $OS == aix ]]; then
+        if command -v lssrc >/dev/null 2>&1; then
+                SERVICETOOL="lssrc -s $SERVICE | grep -v Subsystem"
+                LISTTOOL="lssrc -a"
+        else
+                echo "Unable to determine the system's service tool!"
+                exit 1
+        fi
+fi
+}
+
+ARGC=$#
+LIST=0
+MANUAL=0
+OS=null
+SERVICETOOL=null
+LISTTOOL=null
+SERVICE=".*"
+#USERNAME=nagios
+
+argcheck 1
+
+while getopts "hls:o:t:u:" OPTION
+do
+     case $OPTION in
+         h)
+             usage
+             exit 0
+             ;;
+         l)
+             LIST=1
+             ;;
+         s)
+             SERVICE="$OPTARG"
+             ;;
+         o)
+             if [[ "$OPTARG" == linux ]]; then
+                     OS="$OPTARG"
+             elif [[ "$OPTARG" == osx ]]; then
+                     OS="$OPTARG"
+             elif [[ "$OPTARG" == freebsd ]]; then
+                     OS="$OPTARG"
+             elif [[ "$OPTARG" == aix ]]; then
+                     OS="$OPTARG"
+             else
+                     echo "Unknown type!"
+                     exit 1
+             fi
+             ;;
+         t)
+             MANUAL=1
+             MANUALSERVICETOOL="$OPTARG"
+             ;;
+         u)
+             USERNAME="$OPTARG"
+             ;;
+         \?)
+             exit 1
+             ;;
+     esac
+done
+
+os_check
+
+if [ $MANUAL -eq 1 ]; then
+SERVICETOOL=$MANUALSERVICETOOL
+else
+determine_service_tool
+fi
+
+# -l conflicts with -t                                                                                                                                                   
+if [ $MANUAL -eq 1 ] && [ $LIST -eq 1 ]; then
+    echo "Options conflict: \`\`-t'' and \`\`-l''"
+    exit 2
+fi
+
+if [ $LIST -eq 1 ]; then
+        if [[ $LISTTOOL != null ]]; then
+                $LISTTOOL
+                exit 0
+        else
+                echo "OS not specified! Use \`\`-o''"
+                exit 2
+        fi
+fi
+
+# Check the status of a service
+STATUS_MSG=$(eval "$SERVICETOOL" 2>&1)
+EXIT_CODE=$?
+
+## Exit code from the service tool - if it's non-zero, we should
+## probably return CRITICAL.  (though, in some cases UNKNOWN would
+## probably be more appropriate)
+[ $EXIT_CODE -ne 0 ] && echo "$STATUS_MSG" && exit $CRITICAL
+
+## For systemd and most systems, $EXIT_CODE can be trusted - if it's 0, the service is running.
+## Ref https://github.com/jonschipp/nagios-plugins/issues/15
+[ $TRUST_EXIT_CODE -eq 1 ] && [ $EXIT_CODE -eq 0 ] && echo "$STATUS_MSG" && exit $OK 
+
+case $STATUS_MSG in
+
+*stop*)
+        echo "$STATUS_MSG"
+        exit $CRITICAL
+        ;;
+*STOPPED*)
+        echo "$STATUS_MSG"
+        exit $CRITICAL
+        ;;
+*not*running*)
+        echo "$STATUS_MSG"
+        exit $CRITICAL
+        ;;
+*NOT*running*)
+        echo "$STATUS_MSG"
+        exit $CRITICAL
+        ;;
+*NOT*RUNNING*)
+        echo "$STATUS_MSG"
+        exit $CRITICAL
+        ;;
+#*inactive*)
+#        echo "$STATUS_MSG"
+#        exit $CRITICAL
+#        ;;
+*dead*)
+        echo "$STATUS_MSG"
+        exit $CRITICAL
+        ;;
+*running*)
+        echo "$STATUS_MSG"
+        exit $OK
+        ;;
+*RUNNING*)
+        echo "$STATUS_MSG"
+        exit $OK
+        ;;
+*SUCCESS*)
+        echo "$STATUS_MSG"
+        exit $OK
+        ;;
+*[eE]rr*)
+        echo "Error in command: $STATUS_MSG"
+        exit $CRITICAL
+        ;;
+*[fF]ailed*)
+        echo "$STATUS_MSG"
+        exit $CRITICAL
+        ;;
+*[eE]nable*)
+        echo "$STATUS_MSG"
+        exit $OK
+        ;;
+*[dD]isable*)
+        echo "$STATUS_MSG"
+        exit $CRITICAL
+        ;;
+*[cC]annot*)
+        echo "$STATUS_MSG"
+        exit $CRITICAL
+        ;;
+*[aA]ctive*)
+        echo "$STATUS_MSG"
+        exit $OK
+        ;;
+*Subsystem*not*on*file)
+        echo "$STATUS_MSG"
+        exit $CRITICAL
+        ;;
+[1-9][1-9]*)
+        echo "$SERVICE running: $STATUS_MSG"
+        exit $OK
+        ;;
+"")
+	echo "$SERVICE is not running: no output from service command"
+	exit $CRITICAL
+	;;
+*)
+        echo "Unknown status: $STATUS_MSG"
+        echo "Is there a typo in the command or service configuration?: $STATUS_MSG"
+        exit $UNKNOWN
+        ;;
+*0\ loaded*)
+        echo "$STATUS_MSG"
+        exit $OK
+        ;;
+esac
+

check_service.sh/nagios-plugins-check_service.spec

@@ -0,0 +1,48 @@
+%define debug_package %{nil}
+
+Summary:	A Nagios plugin to check services on Linux servers
+Name:		nagios-plugins-check_service
+Version:	0
+Release:	1%{?dist}
+License:	GPLv2+
+Group:		Applications/System
+URL:		https://github.com/jonschipp/nagios-plugins/blob/master/check_service.sh
+Source0:	http://opensource.ok.is/trac/browser/nagios-plugins/check_service/releases/nagios-plugins-check_service-%{version}.tar.gz
+Requires:	nrpe
+BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+Packager:	Gardar Thorsteinsson <gardar@ok.is>
+BuildArch:	noarch
+
+%description
+Check status of system services for Linux, FreeBSD, OSX, and AIX.
+
+%prep
+%setup -q
+perl -pi -e "s|/usr/lib/|%{_libdir}/|g" nrpe.d/check_service.cfg
+perl -pi -e "s|/usr/lib64/|%{_libdir}/|g" nrpe.d/check_service.cfg
+
+%build
+
+
+%install
+rm -rf %{buildroot}
+install -D -p -m 0755 check_service.sh %{buildroot}%{_libdir}/nagios/plugins/check_service.sh
+install -D -p -m 0755 nrpe.d/check_service.cfg %{buildroot}/etc/nrpe.d/check_service.cfg
+
+%clean
+rm -rf %{buildroot}
+
+%post
+/sbin/service nrpe reload
+
+%files
+%defattr(-,root,root,-)
+#%doc README LICENSE
+%{_libdir}/nagios/plugins/*
+/etc/nrpe.d/check_service.cfg
+
+
+%changelog
+* Tue Apr 21 2020  <gardar@ok.is> 0.1-1
+- Initial packaging
+

check_service.sh/nrpe.d/check_service.cfg

@@ -0,0 +1 @@
+command[check_service]=/usr/lib/nagios/plugins/check_service.sh

check_snmp/check_snmp_cpfw.pl

@@ -5,6 +5,9 @@
 # Author  : Patrick Proy (patrick at proy.org)
 # Help : http://nagios.manubulon.com
 # Licence : GPL - http://www.fsf.org/licenses/gpl.txt
+# Patch 1.2.1c
+# Author : monitoreo.osi@uchile.cl
+# Desc:  warn/crit threshold to conns/seg check
 # TODO : 
 # - check sync method
 #################################################################
@@ -19,6 +22,7 @@ use Getopt::Long;
 # Nagios specific
 
 use lib "/usr/local/nagios/libexec";
+#use lib "/usr/lib/nagios/plugins"; # use in ubugtu
 use utils qw(%ERRORS $TIMEOUT);
 #my $TIMEOUT = 15;
 #my %ERRORS=('OK'=>0,'WARNING'=>1,'CRITICAL'=>2,'UNKNOWN'=>3,'DEPENDENT'=>4);
@@ -26,11 +30,12 @@ use utils qw(%ERRORS $TIMEOUT);
 ########### SNMP Datas ########### 
 
 ###### FW data
-my $policy_state	= "1.3.6.1.4.1.2620.1.1.1.0"; # "Installed"
+my $policy_state     = "1.3.6.1.4.1.2620.1.1.1.0";        # Installed
 my $policy_name      = "1.3.6.1.4.1.2620.1.1.2.0";        # Installed policy name
-my $connections		= "1.3.6.1.4.1.2620.1.1.25.3.0"; # number of connections
+my $connections      = "1.3.6.1.4.1.2620.1.1.25.3.0";     # Number of connections
-#my $connections_peak	= "1.3.6.1.4.1.2620.1.1.25.4.0"; # peak number of connections
+my $connectionsSR    = "1.3.6.1.4.1.2620.1.1.26.11.6.0" ; # FwConnectionsStatConnectionRate aka connx/seg
-my @fw_checks 		= ($policy_state,$policy_name,$connections);
+my $connectionsPeak  = "1.3.6.1.4.1.2620.1.1.25.4.0";     # Peak number of connections
+my @fw_checks        = ($policy_state,$policy_name,$connections,$connectionsSR,$connectionsPeak);
 
 ###### SVN data
 my $svn_status    = "1.3.6.1.4.1.2620.1.6.102.0"; # "OK" svn status
@@ -42,8 +47,8 @@ my @svn_checks_oid	= ($svn_status);
 
 my $ha_active       = "1.3.6.1.4.1.2620.1.5.5.0";       # "yes"
 my $ha_state        = "1.3.6.1.4.1.2620.1.5.6.0";       # "active" / "standby"
-my $ha_block_state	= "1.3.6.1.4.1.2620.1.5.7.0"; 	#"OK" : ha blocking state
 my $ha_status       = "1.3.6.1.4.1.2620.1.5.102.0";     # "OK" : ha status
+my $ha_block_state  = "1.3.6.1.4.1.2620.1.5.7.0";       # "OK" : ha blocking state
 
 my %ha_checks       =( $ha_active,"yes",$ha_state,"active",$ha_block_state,"OK",$ha_status,"OK");
 my %ha_checks_stand =( $ha_active,"yes",$ha_state,"standby",$ha_block_state,"OK",$ha_status,"OK");
@@ -51,7 +56,6 @@ my %ha_checks_n		=( $ha_active,"HA active",$ha_state,"HA state",$ha_block_state,
 my @ha_checks_oid   =( $ha_active,$ha_state,$ha_block_state,$ha_status);
 
 my $ha_mode         = "1.3.6.1.4.1.2620.1.5.11.0";  # "Sync only"/"High Availability (Active Up)" : ha Working mode
-
 my $ha_tables       = "1.3.6.1.4.1.2620.1.5.13.1";  # ha status table
 my $ha_tables_index = ".1";
 my $ha_tables_name  = ".2";
@@ -73,7 +77,7 @@ my @mgmt_checks_oid	= ($mgmt_status,$mgmt_alive);
 
 #################################### Globals ##############################""
 
-my $Version='1.2.1';
+my $Version='1.2.1b';
 
 my $o_host =  undef;      # hostname
 my $o_community = undef;  # community
@@ -85,12 +89,15 @@ my $o_version=	undef;		# print version
 my $o_timeout=  5;        # Default 5s Timeout
 my $o_warn= undef;        # Warning for connections
 my $o_crit= undef;        # Crit for connections
+my $o_warnSR= undef;      # Warning for connectionsSR
+my $o_critSR= undef;      # Crit for connectionsSR
 my $o_svn=  undef;        # Check for SVN status
 my $o_fw= undef;          # Check for FW status
 my $o_ha= undef;          # Check for HA status
 my $o_mgmt= undef;        # Check for management status
 my $o_policy= undef;      # Check for policy name
 my $o_conn= undef;        # Check for connexions
+my $o_connSR= undef;      # Check for connexionsSR
 my $o_perf= undef;        # Performance data output 
 
 # SNMPv3 specific
@@ -106,7 +113,7 @@ my $o_privpass= undef;		# priv password
 sub p_version { print "check_snmp_cpfw version : $Version\n"; }
 
 sub print_usage {
-    print "Usage: $0 [-v] -H <host> -C <snmp_community> [-2] | (-l login -x passwd [-X pass -L <authp>,<privp>]) [-s] [-w [-p=pol_name] [-c=warn,crit]] [-m] [-a [standby] ] [-f] [-p <port>] [-t <timeout>] [-V]\n";
+    print "Usage: $0 [-v] -H <host> -C <snmp_community> [-2] | (-l login -x passwd [-X pass -L <authp>,<privp>]) [-s] [-w [-p=pol_name] [-c=warn,crit]] [-r=warn,crit]]  [-m] [-a [standby] ] [-f] [-p <port>] [-t <timeout>] [-V]\n";
 }
 
 sub isnnum { # Return true if arg is not a number
@@ -117,7 +124,7 @@ sub isnnum { # Return true if arg is not a number
 
 sub help {
    print "\nSNMP Checkpoint FW-1 Monitor for Nagios version ",$Version,"\n";
-   print "GPL Licence, (c)2004-2007 - Patrick Proy\n\n";
+   print "GPL Licence, (c)2004-2020 - Patrick Proy\n\n";
    print_usage();
    print <<EOT;
 -v, --verbose
@@ -157,6 +164,8 @@ sub help {
    SNMP port (Default 161)
 -t, --timeout=INTEGER
    timeout for SNMP (Default: Nagios default)   
+-r, --connexionsSR=WARN,CRIT
+   check warn and critical number of connexionsSR (must have -w)
 -V, --version
    prints version number
 EOT
@@ -186,6 +195,7 @@ sub check_options {
   'm' => \$o_mgmt,    'mgmt'    => \$o_mgmt,
   'p:s' => \$o_policy,    'policy:s'  => \$o_policy,
   'c:s' => \$o_conn,    'connexions:s'  => \$o_conn,
+  'r:s' => \$o_connSR,   'rate:s' => \$o_connSR,
   'f' => \$o_perf,    'perfparse' => \$o_perf
   );
     if (defined ($o_help) ) { help(); exit $ERRORS{"UNKNOWN"}};
@@ -218,6 +228,18 @@ sub check_options {
           if ($o_warn >= $o_crit)
            { print "warning <= critical ! \n";print_usage(); exit $ERRORS{"UNKNOWN"}}
     }
+    if ( defined($o_connSR)) {
+      if ( ! defined($o_fw))
+        { print "Cannot check connexionsSR without checking fw\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
+      my @warncritSR=split(/,/ , $o_connSR);
+      if ( $#warncritSR != 1 ) 
+        { print "Put warn,crit levels with -c option\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
+      ($o_warnSR,$o_critSR)=@warncritSR;
+      if ( isnnum($o_warnSR) || isnnum($o_critSR) )
+        { print "Numeric values for warning and critical in -r options\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
+          if ($o_warnSR >= $o_critSR)
+           { print "warning <= critical ! \n";print_usage(); exit $ERRORS{"UNKNOWN"}}
+    }
     if ( defined($o_policy)) {
       if (! defined($o_fw))
         { print "Cannot check policy name without checking fw\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
@@ -230,7 +252,6 @@ sub check_options {
       { print "Must select a product to check !\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
     if (defined ($o_ha) && ($o_ha ne "") && ($o_ha ne "standby")) 
       { print "-a option comes with 'standby' or nothing !\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
-	
 }
 
 ########## MAIN #######
@@ -380,6 +401,8 @@ if (defined ($o_mgmt)) {
 my $fw_state=0;
 my $fw_print="";
 my $perf_conn=undef;
+my $perf_connSR=undef;
+my $perf_connPeak=undef;
 
 if (defined ($o_fw)) {
 
@@ -392,6 +415,8 @@ if (defined ($o_fw)) {
     verb("State : $$resultat{$policy_state}");
     verb("Name : $$resultat{$policy_name}");
     verb("connections : $$resultat{$connections}");
+    verb("connectionsSR : $$resultat{$connectionsSR}");
+    verb("connectionsPeak : $$resultat{$connectionsPeak}");
 
     if ($$resultat{$policy_state} ne "Installed") {
       $fw_state=2;
@@ -417,6 +442,22 @@ if (defined ($o_fw)) {
           }
       }
       $perf_conn=$$resultat{$connections};
+      $perf_connSR=$$resultat{$connectionsSR};
+      $perf_connPeak=$$resultat{$connectionsPeak};
+    }
+    if (defined($o_connSR)) {
+      if ($$resultat{$connectionsSR} > $o_critSR) {
+        $fw_state=3;
+        $fw_print .= "Conn/seg  : ".$$resultat{$connectionsSR}." > ".$o_critSR." ";
+      } else {
+      if ($$resultat{$connectionsSR} > $o_warnSR) {
+        if ($fw_state!=3) {$fw_state=1;}
+          $fw_print .= "Conn/seg : ".$$resultat{$connectionsSR}." > ".$o_warnSR." ";    
+          }
+      }
+      $perf_conn=$$resultat{$connections};
+      $perf_connSR=$$resultat{$connectionsSR};
+      $perf_connPeak=$$resultat{$connectionsPeak};
     }
   } else {
     $fw_print .= "cannot find oids";
@@ -548,6 +589,8 @@ if (($ha_state_n+$svn_state+$fw_state+$mgmt_state) == 0 ) {
 
 if (defined($o_perf) && defined ($perf_conn)) {
   $f_print .= " | fw_connexions=" . $perf_conn;
+  $f_print .= " | fw_connexionsSR=" . $perf_connSR;
+  $f_print .= " | fw_connexionsPeak=" . $perf_connPeak;
 }
 
 print "$f_print\n";

check_xroad_token/check_xroad_token.sh

@@ -0,0 +1,15 @@
+#!/bin/bash
+xroad_list_tokens=$(signer-console list-tokens)
+
+if [[ $xroad_list_tokens == "Token: 0 (OK, writable, available, active)" ]]
+then
+        echo "OK - $xroad_list_tokens"
+        exit 0
+elif [[ $xroad_list_tokens != "Token: 0 (OK, writable, available, active)" ]]
+then
+        echo "Critical - $xroad_list_tokens"
+        exit 2
+else
+        echo "Unknown - $xroad_list_tokens"
+        exit 3
+fi

check_xroad_token/nagios-okplugin-check_xroad_token.spec

@@ -0,0 +1,52 @@
+%define debug_package %{nil}
+
+Summary:	A Nagios plugin to check status of XROAD soft-token
+Name:		nagios-okplugin-check_xroad_token
+Version:	1.2
+Release:	1%{?dist}
+License:	GPLv2+
+Group:		Applications/System
+URL:		https://github.com/opinkerfi/nagios-plugins/issues
+Source0:	http://opensource.ok.is/trac/browser/nagios-plugins/check_xroad_token/releases/nagios-okplugin-check_xroad_token-%{version}.tar.gz
+Requires:	nagios-nrpe
+Requires:	xroad-signer
+BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+Packager:	Gardar Thorsteinsson <gardar@ok.is>
+
+
+%description
+A Nagios plugin to check status of XROAD soft-token
+
+
+%prep
+%setup -q
+#perl -pi -e "s|/usr/lib64|%{_libdir}|g" nrpe.d/check_xroad_token.cfg
+
+%build
+
+
+%install
+rm -rf %{buildroot}
+install -D -p -m 0755 check_xroad_token.sh %{buildroot}%{_libdir}/nagios/plugins/check_xroad_token.sh
+install -D -p -m 0755 nrpe.d/check_xroad_token.cfg %{buildroot}/etc/nrpe.d/check_xroad_token.cfg
+install -D -p -m 0644 sudoers.d/check_xroad_token %{buildroot}/etc/sudoers.d/check_xroad_token
+
+%clean
+rm -rf %{buildroot}
+
+%files
+%defattr(-,root,root,-)
+#%doc README LICENSE
+%{_libdir}/nagios/plugins/*
+/etc/nrpe.d/check_xroad_token.cfg
+/etc/sudoers.d/check_xroad_token
+
+%post
+restorecon -v %{_libdir}/nagios/plugins/check_xroad_token.sh /etc/nrpe.d/check_xroad_token.cfg /etc/sudoers.d/check_xroad_token
+
+%changelog
+* Mon Sep 14 2020 Your Name <you@example.com> 1.2-1
+- new package built with tito
+
+* Fri Sep 11 2020  Gardar Thorsteinsson <gardart@gmail.com> 1.0.1-1
+- Initial packaging

check_xroad_token/nrpe.d/check_xroad_token.cfg

@@ -0,0 +1,2 @@
+# xroad plugin to check for tokens
+command[check_xroad_token]=sudo -u xroad /usr/lib64/nagios/plugins/check_xroad_token.sh

check_xroad_token/readme.md

@@ -0,0 +1,9 @@
+# Required steps to use this check
+
+```shell
+# On RHEL/Centos
+sudo semanage permissive -a nrpe_t
+sudo setsebool -P nagios_run_sudo 1
+sudo yum install nagios-okplugin-check_xroad_token -y
+sudo systemctl restart nrpe
+```

check_xroad_token/sudoers.d/check_xroad_token

@@ -0,0 +1,2 @@
+Defaults:nrpe   !requiretty
+nrpe            ALL = (xroad) NOPASSWD: /usr/bin/signer-console list-tokens, /usr/lib64/nagios/plugins/check_xroad_token.sh

check_yum/check_yum

@@ -1,24 +1,29 @@
-#!/usr/bin/python
+#!/usr/bin/env python
-# coding=utf-8
+#
+#  Author: Hari Sekhon
+#  Date: 2008-04-29 17:21:08 +0100 (Tue, 29 Apr 2008)
+#
+#  https://github.com/harisekhon/nagios-plugins
+#
+#  License: see accompanying LICENSE file
+#
 
-"""Nagios plugin to check the YUM package management system for package updates.
+"""
-   Can optionally alert on any available updates as well as just
+Nagios plugin to test for Yum updates on RedHat / CentOS Linux.
-   security related updates"""
 
-__title__   = "check_yum"
+Can optionally alert on any available updates as well as just security related updates
-__version__ = "0.8.0"
 
-# Standard Nagios return codes
+See also: check_yum.pl (also part of the Advanced Nagios Plugins Collection)
-OK       = 0
+
-WARNING  = 1
+Tested on CentOS 5 / 6 / 7
-CRITICAL = 2
+"""
-UNKNOWN  = 3
 
 import os
 import re
 import sys
 import signal
 OLD_PYTHON = False
+# pylint: disable=wrong-import-position
 try:
     from subprocess import Popen, PIPE, STDOUT
 except ImportError:
@@ -26,28 +31,41 @@ except ImportError:
     import commands
 from optparse import OptionParser
 
+__author__ = "Hari Sekhon"
+__title__ = "Nagios Plugin for Yum updates on RedHat/CentOS systems"
+__version__ = "0.8.9"
+
+# Standard Nagios return codes
+OK = 0
+WARNING = 1
+CRITICAL = 2
+UNKNOWN = 3
+
 DEFAULT_TIMEOUT = 30
 
+support_msg = "Please make sure you have upgraded to the latest version from " + \
+              "https://github.com/harisekhon/nagios-plugins. If the problem persists, " + \
+              "please raise a ticket at https://github.com/harisekhon/nagios-plugins/issues "+ \
+              "with the full -vvv output"
 
-def end(status, message, perfdata=''):
+def end(status, message):
     """Exits the plugin with first arg as the return code and the second
     arg as the message to output"""
 
     check = "YUM "
     if status == OK:
-        print "%sOK: %s | %s" % (check, message, perfdata)
+        print "%sOK: %s" % (check, message)
         sys.exit(OK)
     elif status == WARNING:
-        print "%sWARNING: %s | %s" % (check, message, perfdata)
+        print "%sWARNING: %s" % (check, message)
         sys.exit(WARNING)
     elif status == CRITICAL:
-        print "%sCRITICAL: %s | %s" % (check, message, perfdata)
+        print "%sCRITICAL: %s" % (check, message)
         sys.exit(CRITICAL)
     else:
         print "UNKNOWN: %s" % message
         sys.exit(UNKNOWN)
 
-
 YUM = "/usr/bin/yum"
 
 def check_yum_usable():
@@ -62,7 +80,7 @@ def check_yum_usable():
         end(UNKNOWN, "%s is not executable" % YUM)
 
 
-class YumTester:
+class YumTester(object):
     """Class to hold all portage test functions and state"""
 
     def __init__(self):
@@ -73,6 +91,8 @@ class YumTester:
         self.no_warn_on_lock = False
         self.enable_repo = ""
         self.disable_repo = ""
+        self.disable_plugin = ""
+        self.yum_config = ""
         self.timeout = DEFAULT_TIMEOUT
         self.verbosity = 0
         self.warn_on_any_update = False
@@ -81,7 +101,7 @@ class YumTester:
         """Validates all object variables to make sure the
         environment is sane"""
 
-        if self.timeout == None:
+        if self.timeout is None:
             self.timeout = DEFAULT_TIMEOUT
         try:
             self.timeout = int(self.timeout)
@@ -92,7 +112,7 @@ class YumTester:
         if self.timeout < 1 or self.timeout > 3600:
             end(UNKNOWN, "Timeout must be a number between 1 and 3600 seconds")
 
-        if self.verbosity == None:
+        if self.verbosity is None:
             self.verbosity = 0
         try:
             self.verbosity = int(self.verbosity)
@@ -107,7 +127,7 @@ class YumTester:
         """runs a system command and returns
         an array of lines of the output"""
 
-        if cmd == "" or cmd == None:
+        if not cmd:
             end(UNKNOWN, "Internal python error - " \
                        + "no cmd supplied for run function")
 
@@ -121,20 +141,29 @@ class YumTester:
             for repo in self.disable_repo.split(","):
                 cmd += " --disablerepo=%s" % repo
 
+        if self.disable_plugin:
+            # --disableplugin can take a comma separated list directly
+            #for plugin in self.disable_plugin.split(","):
+                #cmd += " --disableplugin=%s" % plugin
+            cmd += " --disableplugin=%s" % self.disable_plugin
+
+        if self.yum_config:
+            for repo in self.yum_config.split(","):
+                cmd += " --config=%s" % repo
+
         self.vprint(3, "running command: %s" % cmd)
 
         if OLD_PYTHON:
             self.vprint(3, "subprocess not available, probably old python " \
                          + "version, using shell instead")
+            os.environ['LANG'] = "en_US"
             returncode, stdout = commands.getstatusoutput(cmd)
             if returncode >= 256:
                 returncode = returncode / 256
         else:
             try:
-                process = Popen( cmd.split(), 
+                env = {'LANG': 'en_US'}
-                                 stdin=PIPE, 
+                process = Popen(cmd.split(), stdin=PIPE, stdout=PIPE, stderr=STDOUT, env=env)
-                                 stdout=PIPE, 
-                                 stderr=STDOUT )
             except OSError, error:
                 error = str(error)
                 if error == "No such file or directory":
@@ -143,10 +172,12 @@ class YumTester:
                                                   % (cmd.split()[0], error))
 
             output = process.communicate()
+            # for using debug outputs, either do not comment above line or explicitly set exit code below
+            #output = [open(os.path.dirname(__file__) + '/test_input.txt').read(), '']
             returncode = process.returncode
             stdout = output[0]
 
-        if stdout == None or stdout == "":
+        if not stdout:
             end(UNKNOWN, "No output from utility '%s'" % cmd.split()[0])
 
         self.vprint(3, "Returncode: '%s'\nOutput: '%s'" \
@@ -159,18 +190,20 @@ class YumTester:
 
     def check_returncode(self, returncode, output):
         """Takes the returncode and output (as an array of lines)
-        of the YUM program execution and tests for failures, exits 
+        of the yum program execution and tests for failures, exits
         with an appropriate message if any are found"""
 
         if returncode == 0:
-            pass
+            for line in output:
+                if "You must run this command as root" in line:
+                    end(UNKNOWN, "You must run this plugin as root")
         elif returncode == 100:
             # Updates Available
             pass
         elif returncode == 200:
             if "lock" in output[-2] or "another copy is running" in output[-2]:
                 msg = "Cannot check for updates, " \
-                    + "another instance of YUM is running"
+                    + "another instance of yum is running"
                 if self.no_warn_on_lock:
                     end(OK, msg)
                 else:
@@ -179,10 +212,15 @@ class YumTester:
                 output = self.strip_output(output)
                 end(UNKNOWN, "%s" % output)
         else:
-            if not 'Loading "security" plugin' in output \
+            if 'No more mirrors to try' in output:
+                end(UNKNOWN, 'connectivity issue to repos: \'No more mirrors to try\'. ' + \
+                             'You could also try running --cache-only and ' + \
+                             'scheduling a separate \'yum makecache\' via cron or similar')
+            elif (not ('Loading "security" plugin' in output or 'Loaded plugins:.*security' in output)) \
                or "Command line error: no such option: --security" in output:
-                end(UNKNOWN, "Security plugin for YUM is required. Try to "    \
+                end(UNKNOWN, "Security plugin for yum is required. Try to "    \
-                           + "'yum install yum-security' and then re-run "     \
+                           + "'yum install yum-security' (RHEL5) or " \
+                           + "'yum install yum-plugin-security' (RHEL6) and then re-run " \
                            + "this plugin. Alternatively, to just alert on "   \
                            + "any update which does not require the security " \
                            + "plugin, try --all-updates")
@@ -252,25 +290,27 @@ class YumTester:
 
         output = self.run(cmd)
 
-        output2 = "\n".join(output).split("\n\n")
+        output2 = [_ for _ in "\n".join(output).split("\n\n") if  _]
         if self.verbosity >= 4:
             for section in output2:
                 print "\nSection:\n%s\n" % section
         if len(output2) > 2 or \
            not ("Setting up repositories" in output2[0] or \
                 "Loaded plugins: " in output2[0] or \
-                 re.search('Loading\s+".+"\s+plugin', output2[0]) ):
+                re.search(r'Loading\s+".+"\s+plugin', output2[0])):
             end(WARNING, "Yum output signature does not match current known "  \
-                       + "format. Please make sure you have upgraded to the "  \
+                       + "format. " + support_msg)
-                       + "latest version of this plugin. If the problem "      \
+        number_packages = 0
-                       + "persists, please contact the author for a fix")
         if len(output2) == 1:
             # There are no updates but we have passed
             # the loading and setting up of repositories
-            number_packages = 0
+            pass
         else:
-            number_packages = len([x for x in output2[1].split("\n") \
+            for line in output2[1].split("\n"):
-                                                        if len(x.split()) > 1 ])
+                if len(line.split()) > 1 and \
+                   line[0:1] != " " and \
+                   "Obsoleting Packages" not in line:
+                    number_packages += 1
 
         try:
             number_packages = int(number_packages)
@@ -278,54 +318,44 @@ class YumTester:
                 raise ValueError
         except ValueError:
             end(UNKNOWN, "Error parsing package information, invalid package " \
-                       + "number, YUM output may have changed. Please make "   \
+                       + "number, yum output may have changed. " + support_msg)
-                       + "sure you have upgraded to the latest version of "    \
-                       + "this plugin. If the problem persists, then please "  \
-                       + "contact the author for a fix")
 
         # Extra layer of checks. This is a security plugin so it's preferable
         # to fail on error rather than pass silently leaving you with an
         # insecure system
         count = 0
+        re_kernel_security_update = re.compile('^Security: kernel-.+ is an installed security update')
+        re_kernel_update = re.compile('^Security: kernel-.+ is the currently running version')
         re_package_format = \
-                re.compile("^.+\.(i[3456]86|x86_64|noarch)\s+.+\s+.+$")
+                re.compile(r'^.+\.(i[3456]86|x86_64|noarch)\s+.+\s+.+$')
-        # This is to work around a YUM truncation issue effectively changing
+        # This is to work around a yum truncation issue effectively changing
         # the package output format. Currently only very long kmod lines
         # are seen to have caused this so we stick to what we know for safety
         # and raise an unknown error on anything else for maximum security
         #re_package_format_truncated = \
         #        re.compile("^[\w-]+-kmod-\d[\d\.-]+.*\s+.+\s+.+$")
+        obsoleting_packages = False
         for line in output:
+            if ' excluded ' in line:
+                continue
+            elif obsoleting_packages and line[0:1] == " ":
+                continue
+            elif "Obsoleting Packages" in line:
+                obsoleting_packages = True
+                continue
+            elif re_kernel_security_update.match(line):
+                end(WARNING, 'Kernel security update is installed but requires a reboot')
+            elif re_kernel_update.match(line):
+                continue
             if re_package_format.match(line):
                 count += 1
         if count != number_packages:
             end(UNKNOWN, "Error parsing package information, inconsistent "    \
-                       + "package count, yum output may have changed. Please " \
+                       + "package count (%d count vs %s num packages)" % (count, number_packages) \
-                       + "make sure you have upgraded to the latest version "  \
+                       + ", yum output may have changed. " + support_msg)
-                       + "of this plugin. If the problem persists, then "      \
-                       + "please contact the author for a fix")
 
-        return number_packages, "'updates'=%s" % (number_packages)
+        return number_packages
 
-    def get_security_updateinfo(self):
-        """Fetches errata numbers and package names"""
-
-        cmd = "%s list-security" % YUM
-
-        output = self.run(cmd)
-
-        errata = []
-
-        for line in output:
-	    try:
-                if line.split()[1] != "security" and line.split()[1][-4:] != "Sec.":
-                    continue
-            except:
-                continue
-	    (advisoryid, etype, package) = line.split()
-            errata.append( { "name": package, "advisory": advisoryid } )
-    
-        return errata
 
     def get_security_updates(self):
         """Gets all updates, but differentiates between
@@ -336,56 +366,52 @@ class YumTester:
 
         output = self.run(cmd)
 
-        re_security_summary_rhel5 = re.compile("Needed \d+ of \d+ packages, for security")
+        re_security_summary = \
-        re_security_summary_rhel6 = re.compile("\d+ package\(s\) needed for security, out of \d+ available")
+                re.compile(r'Needed (\d+) of (\d+) packages, for security')
-        re_no_security_updates_available_rhel5 = re.compile("No packages needed, for security, \d+ available")
+        re_summary_rhel6 = re.compile(r'(\d+) package\(s\) needed for security, out of (\d+) available')
-        re_no_security_updates_available_rhel6 = re.compile("No packages needed for security; \d+ packages available")
+        re_no_sec_updates = \
+                re.compile(r'No packages needed,? for security[;,] (\d+) (?:packages )?available')
+        re_kernel_update = re.compile(r'^Security: kernel-.+ is an installed security update')
         summary_line_found = False
         for line in output:
-            if re_no_security_updates_available_rhel5.match(line):
+            _ = re_summary_rhel6.match(line)
+            if _:
+                summary_line_found = True
+                number_security_updates = _.group(1)
+                number_total_updates = _.group(2)
+                break
+            _ = re_no_sec_updates.match(line)
+            if _:
                 summary_line_found = True
                 number_security_updates = 0
-                number_total_updates    = line.split()[5]
+                number_total_updates = _.group(1)
                 break
-            if re_no_security_updates_available_rhel6.match(line):
+            _ = re_security_summary.match(line)
+            if _:
                 summary_line_found = True
-                number_security_updates = 0
+                number_security_updates = _.group(1)
-                number_total_updates    = line.split()[5]
+                number_total_updates = _.group(2)
-                break
-            if re_security_summary_rhel5.match(line):
-                summary_line_found = True
-                number_security_updates = line.split()[1]
-                number_total_updates    = line.split()[3]
-                break
-            if re_security_summary_rhel6.match(line):
-                summary_line_found = True
-                number_security_updates = line.split()[0]
-                number_total_updates    = line.split()[7]
                 break
+            _ = re_kernel_update.match(line)
+            if _:
+                end(CRITICAL, "Kernel security update is installed but requires a reboot")
 
         if not summary_line_found:
-            end(WARNING, "Cannot find summary line in YUM output. Please "     \
+            end(WARNING, "Cannot find summary line in yum output. " + support_msg)
-                       + "make sure you have upgraded to the latest version "  \
-                       + "of this plugin. If the problem persists, please "    \
-                       + "contact the author for a fix")
 
         try:
             number_security_updates = int(number_security_updates)
             number_total_updates = int(number_total_updates)
         except ValueError:
-            end(WARNING, "Error parsing package information, YUM output " \
+            end(WARNING, "Error parsing package information, yum output " \
-                       + "may have changed. Please make sure you have "     \
+                       + "may have changed. " + support_msg)
-                       + "upgraded to the latest version of this plugin. "  \
-                       + "If the problem persists, the please contact the " \
-                       + "author for a fix")
 
         number_other_updates = number_total_updates - number_security_updates
 
-        if len(output) > number_total_updates + 25:
+        from_excluded_regex = re.compile(' from .+ excluded ')
+        if len([_ for _ in output if not from_excluded_regex.search(_)]) > number_total_updates + 25:
             end(WARNING, "Yum output signature is larger than current known "  \
-                       + "format, please make sure you have upgraded to the "  \
+                       + "format. " + support_msg)
-                       + "latest version of this plugin. If the problem "      \
-                       + "persists, please contact the author for a fix")
 
         return number_security_updates, number_other_updates
 
@@ -394,15 +420,14 @@ class YumTester:
         """Starts tests and controls logic flow"""
 
         check_yum_usable()
-        self.vprint(3, "%s - Version %s\n" \
+        self.vprint(3, "%s - Version %s\nAuthor: %s\n" \
-            % (__title__, __version__))
+            % (__title__, __version__, __author__))
 
         self.validate_all_variables()
         self.set_timeout()
 
         if self.all_updates:
             return self.test_all_updates()
-        else:
         return self.test_security_updates()
 
 
@@ -411,9 +436,9 @@ class YumTester:
         of the status code and output"""
 
         status = UNKNOWN
-        message = "code error - please contact author for a fix"
+        message = "code error. " + support_msg
 
-        number_updates, perfdata = self.get_all_updates()
+        number_updates = self.get_all_updates()
         if number_updates == 0:
             status = OK
             message = "0 Updates Available"
@@ -424,7 +449,9 @@ class YumTester:
             else:
                 message = "%s Updates Available" % number_updates
 
-        return status, message, perfdata
+        message += " | total_updates_available=%s" % number_updates
+
+        return status, message
 
 
     def test_security_updates(self):
@@ -432,12 +459,10 @@ class YumTester:
         of the status code and output"""
 
         status = UNKNOWN
-        message = "code error - please contact author for a fix"
+        message = "code error. " + support_msg
 
         number_security_updates, number_other_updates = \
                                                     self.get_security_updates()
-
-	perfdata = "'security_updates'=%s 'other_updates'=%s" % (number_security_updates, number_other_updates)
         if number_security_updates == 0:
             status = OK
             message = "0 Security Updates Available"
@@ -448,6 +473,7 @@ class YumTester:
             elif number_security_updates > 1:
                 message = "%s Security Updates Available" \
                                                     % number_security_updates
+
         if number_other_updates != 0:
             if self.warn_on_any_update and status != CRITICAL:
                 status = WARNING
@@ -456,13 +482,10 @@ class YumTester:
             else:
                 message += ". %s Non-Security Updates Available" \
                                                         % number_other_updates
+        message += " | security_updates_available=%s non_security_updates_available=%s total_updates_available=%s" \
+                   % (number_security_updates, number_other_updates, number_security_updates + number_other_updates)
 
-        if number_security_updates and self.long_output:
+        return status, message
-            errata = self.get_security_updateinfo()
-            for e in errata:
-                message += "\n%s - %s" % (e['advisory'], e['name'])
-    
-        return status, message, perfdata
 
 
     def vprint(self, threshold, message):
@@ -479,18 +502,20 @@ def main():
     tester = YumTester()
     parser = OptionParser()
 
-    parser.add_option( "--all-updates",
+    parser.add_option("-A",
+                      "--all-updates",
                       action="store_true",
                       dest="all_updates",
                       help="Does not distinguish between security and "      \
                          + "non-security updates, but returns critical for " \
                          + "any available update. This may be used if the "  \
-                          + "YUM security plugin is absent or you want to "   \
+                         + "yum security plugin is absent or you want to "   \
                          + "maintain every single package at the latest "    \
                          + "version. You may want to use "                   \
                          + "--warn-on-any-update instead of this option")
 
-    parser.add_option( "--warn-on-any-update",
+    parser.add_option("-W",
+                      "--warn-on-any-update",
                       action="store_true",
                       dest="warn_on_any_update",
                       help="Warns if there are any (non-security) package "   \
@@ -507,38 +532,45 @@ def main():
                       action="store_true",
                       dest="no_cache_update",
                       help="Run entirely from cache and do not update the " \
-                          + "cache when running YUM. Useful if you have "    \
+                         + "cache when running yum. Useful if you have "    \
                          + "'yum makecache' cronned so that the nagios "    \
                          + "check itself doesn't have to do it, possibly "  \
                          + "speeding up execution (by 1-2 seconds in tests)")
 
-    parser.add_option( "--no-warn-on-lock",
+    parser.add_option("-c",
+                      "--config",
+                      dest="yum_config",
+                      help="Run with custom repository config in order to use " \
+                         + "custom repositories in case of special setup for")
+
+    parser.add_option("-N",
+                      "--no-warn-on-lock",
                       action="store_true",
                       dest="no_warn_on_lock",
-                       help="Return OK instead of WARNING when YUM is locked " \
+                      help="Return OK instead of WARNING when yum is locked " \
                          + "and fails to check for updates due to another "   \
                          + "instance running. This is not recommended from "  \
                          + "the security standpoint, but may be wanted to "   \
                          + "reduce the number of alerts that may "            \
                          + "intermittently pop up when someone is running "   \
-                          + "YUM interactively for package management")
+                         + "yum for package management")
 
-    parser.add_option( "--enablerepo",
+    parser.add_option("-e",
+                      "--enablerepo",
                       dest="repository_to_enable",
-                       help="Explicitly enables a reposity when calling YUM. "
+                      help="Explicitly enables a reposity when calling yum. " +
-                          + "Can take a comma separated list of repositories")
+                      "Can take a comma separated list of repositories")
 
-    parser.add_option( "--disablerepo",
+    parser.add_option("-d",
+                      "--disablerepo",
                       dest="repository_to_disable",
-                       help="Explicitly disables a repository when calling YUM "
+                      help="Explicitly disables a repository when calling yum. " \
                          + "Can take a comma separated list of repositories")
 
-    parser.add_option( "-l",
+    parser.add_option("--disableplugin",
-                       "--long-output",
+                      dest="plugin_to_disable",
-                       action="store_true",
+                      help="Explicitly disables a plugin when calling yum. " \
-                       dest="long_output",
+                         + "Can take a comma separated list of plugins")
-                       help="Shows more detailed output including the errata "
-                          + "ID.")
 
     parser.add_option("-t",
                       "--timeout",
@@ -573,18 +605,19 @@ def main():
     tester.no_warn_on_lock = options.no_warn_on_lock
     tester.enable_repo = options.repository_to_enable
     tester.disable_repo = options.repository_to_disable
+    tester.disable_plugin = options.plugin_to_disable
+    tester.yum_config = options.yum_config
     tester.timeout = options.timeout
     tester.verbosity = options.verbosity
     tester.warn_on_any_update = options.warn_on_any_update
-    tester.long_output                 = options.long_output
 
     if options.version:
-        print "%s - Version %s\n" \
+        print "%s - Version %s\nAuthor: %s\n" \
-            % (__title__, __version__)
+            % (__title__, __version__, __author__)
         sys.exit(OK)
 
-    result, output, perfdata = tester.test_yum_updates()
+    result, output = tester.test_yum_updates()
-    end(result, output, perfdata)
+    end(result, output)
 
 
 if __name__ == "__main__":
@@ -593,37 +626,3 @@ if __name__ == "__main__":
     except KeyboardInterrupt:
         print "Caught Control-C..."
         sys.exit(CRITICAL)
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-#Copyright © ?–?, Hari Sekhon <harisekhon@gmail.com>.
-#Copyright © 2012, Christoph Anton Mitterer <mail@christoph.anton.mitterer.name>.
-#All rights reserved.
-#
-#
-#This program is free software; you can redistribute it and/or
-#modify it under the terms of the GNU General Public License
-#as published by the Free Software Foundation; version 2
-#of the License.
-#
-#This program is distributed in the hope that it will be useful,
-#but WITHOUT ANY WARRANTY; without even the implied warranty of
-#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-#GNU General Public License for more details.
-#
-#You should have received a copy of the GNU General Public License
-#along with this program; if not, write to the Free Software
-#Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

rel-eng/packages/nagios-okplugin-check_xroad_token

@@ -0,0 +1 @@
+1.2-1 check_xroad_token/

rel-eng/releasers.conf

@@ -3,6 +3,7 @@
 releaser = tito.release.YumRepoReleaser
 builder = tito.builder.MockBuilder
 builder.mock = epel-7-x86_64
+srpm_disttag = .el7
 rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel7/x86_64/
 
 # RHEL 7 Test
@@ -10,6 +11,7 @@ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel7/x86_64/
 releaser = tito.release.YumRepoReleaser
 builder = tito.builder.MockBuilder
 builder.mock = epel-7-x86_64
+srpm_disttag = .el7
 builder.test = 1
 rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel7/x86_64/
 
@@ -19,12 +21,14 @@ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel7/x8
 releaser = tito.release.YumRepoReleaser
 builder = tito.builder.MockBuilder
 builder.mock = epel-6-x86_64
+srpm_disttag = .el6
 rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel6/x86_64/
 
 [production-el6-i386]
 releaser = tito.release.YumRepoReleaser
 builder = tito.builder.MockBuilder
 builder.mock = epel-6-i386
+srpm_disttag = .el6
 rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel6/i386/
 
 
@@ -34,6 +38,7 @@ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel6/i386/
 releaser = tito.release.YumRepoReleaser
 builder = tito.builder.MockBuilder
 builder.mock = epel-5-x86_64
+srpm_disttag = .el5
 createrepo_command = createrepo -s sha1 .
 rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel5/x86_64/
 
@@ -42,6 +47,7 @@ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel5/x86_64/
 releaser = tito.release.YumRepoReleaser
 builder = tito.builder.MockBuilder
 builder.mock = epel-5-i386
+srpm_disttag = .el5
 createrepo_command = createrepo -s sha1 .
 rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel5/i386/
 
@@ -50,6 +56,7 @@ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel5/i386/
 releaser = tito.release.YumRepoReleaser
 builder = tito.builder.MockBuilder
 builder.mock = epel-6-x86_64
+srpm_disttag = .el6
 builder.test = 1
 rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel6/x86_64/
 
@@ -58,6 +65,7 @@ releaser = tito.release.YumRepoReleaser
 builder = tito.builder.MockBuilder
 builder.mock = epel-6-i386
 builder.test = 1
+srpm_disttag = .el6
 rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel6/i386/
 
 
@@ -66,6 +74,7 @@ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel6/i3
 releaser = tito.release.YumRepoReleaser
 builder = tito.builder.MockBuilder
 builder.mock = epel-5-x86_64
+srpm_disttag = .el5
 builder.test = 1
 createrepo_command = createrepo -s sha1 .
 rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel5/x86_64/
@@ -75,6 +84,7 @@ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel5/x8
 releaser = tito.release.YumRepoReleaser
 builder = tito.builder.MockBuilder
 builder.mock = epel-5-i386
+srpm_disttag = .el5
 builder.test = 1
 createrepo_command = createrepo -s sha1 .
 rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel5/i386/
@@ -86,6 +96,7 @@ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel5/i3
 releaser = tito.release.YumRepoReleaser
 builder = tito.builder.MockBuilder
 builder.mock = fedora-20-x86_64
+srpm_disttag = .fc20
 rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/fedora20/x86_64/
 
 # Fedora FC20
@@ -93,6 +104,7 @@ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/fedora20/x86_64/
 releaser = tito.release.YumRepoReleaser
 builder = tito.builder.MockBuilder
 builder.mock = fedora-20-x86_64
+srpm_disttag = .fc20
 builder.test = 1
 rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/fedora20/x86_64/