diff options
author | doktornotor <notordoktor@gmail.com> | 2015-08-03 21:56:47 +0200 |
---|---|---|
committer | doktornotor <notordoktor@gmail.com> | 2015-08-03 21:56:47 +0200 |
commit | 4e5f4398d932289721a588901e1bb9533166de4c (patch) | |
tree | 5d40845ebb94a8bd77e184177309b949c2f4dfda | |
parent | 5d5fe57725ea31c799b6683a755eea568d2f1705 (diff) | |
download | pfsense-packages-4e5f4398d932289721a588901e1bb9533166de4c.tar.gz pfsense-packages-4e5f4398d932289721a588901e1bb9533166de4c.tar.bz2 pfsense-packages-4e5f4398d932289721a588901e1bb9533166de4c.zip |
checkmk- code style fixes, fix URL again to use last working stable release
-rw-r--r-- | config/checkmk-agent/checkmk.inc | 378 |
1 files changed, 195 insertions, 183 deletions
diff --git a/config/checkmk-agent/checkmk.inc b/config/checkmk-agent/checkmk.inc index def0ae2d..67d82e6b 100644 --- a/config/checkmk-agent/checkmk.inc +++ b/config/checkmk-agent/checkmk.inc @@ -1,302 +1,314 @@ <?php -/* ========================================================================== */ /* checkmk.inc - part of pfSense (http://www.pfSense.com) - Copyright (C) 2013 Marcello Coutinho - All rights reserved. - */ -/* ========================================================================== */ -/* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code MUST retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form MUST reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - -define('ETC_SERVICES','/etc/services'); -define('ETC_INETD','/etc/inetd.conf'); -define('ETC_HOSTS_ALLOW','/etc/hosts.allow'); -define('ETC_RC_CONF','/etc/rc.conf.local'); + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2013 Marcello Coutinho + Copyright (C) 2015 ESF, LLC + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +define('ETC_SERVICES', '/etc/services'); +define('ETC_INETD', '/etc/inetd.conf'); +define('ETC_HOSTS_ALLOW', '/etc/hosts.allow'); +define('ETC_RC_CONF', '/etc/rc.conf.local'); function checkmk_install() { - // Download latest check_mk version from head repo - $checkmk_bin="/usr/local/bin/check_mk_agent"; - mwexec("fetch -o {$checkmk_bin} 'http://git.mathias-kettner.de/git/?p=check_mk.git;a=blob_plain;f=agents/check_mk_agent.freebsd;hb=refs/heads/1.2.6'"); - chmod($checkmk_bin,0755); - sync_package_checkmk(); -} + /* + Download last STABLE check_mk version (1.2.5i7) from upstream git repository. + IMPORTANT NOTE: Newer versions require bash instead of sh! + */ + $checkmk_bin = "/usr/local/bin/check_mk_agent"; + $checkmk_url = 'http://git.mathias-kettner.de/git/?p=check_mk.git;a=blob_plain;f=agents/check_mk_agent.freebsd;hb=e13899bde8bdafe13780427811c8153c59be807f'; + mwexec("fetch -o {$checkmk_bin} \"{$checkmk_url}\""); + chmod($checkmk_bin, 0755); -function checkmk_deinstall() { - // reserved + sync_package_checkmk(); } -function checkmk_start() { - global $g, $config; - - // reserved +function checkmk_text_area_decode($text) { + return preg_replace('/\r\n/', "\n", base64_decode($text)); } -function checkmk_text_area_decode($text){ - return preg_replace('/\r\n/', "\n",base64_decode($text)); -} function sync_package_checkmk() { - global $config, $g; - $update_conf=0; + global $config, $g, $mk_config; + $update_conf = 0; - if (!is_array($config['installedpackages']['checkmk']['config'])) + if (!is_array($config['installedpackages']['checkmk']['config'])) { return; - - $mk_config=$config['installedpackages']['checkmk']['config'][0]; - - $checkmk_bin="/usr/local/bin/check_mk_agent"; - if (!file_exists($checkmk_bin) && $mk_config['checkmkenable']=="on"){ - $error = "Check_mk-agent Binary file not found"; - log_error($error." You can manually download it using this cmd: fetch -o {$checkmk_bin} 'http://git.mathias-kettner.de/git/?p=check_mk.git;a=blob_plain;f=agents/check_mk_agent.freebsd;hb=refs/heads/1.2.6'"); - file_notice("Check_mk-agent", $error, "checkmk save config", ""); + } + + $mk_config = $config['installedpackages']['checkmk']['config'][0]; + + $checkmk_bin = "/usr/local/bin/check_mk_agent"; + $checkmk_url = 'http://git.mathias-kettner.de/git/?p=check_mk.git;a=blob_plain;f=agents/check_mk_agent.freebsd;hb=e13899bde8bdafe13780427811c8153c59be807f'; + if (!file_exists($checkmk_bin) && $mk_config['checkmkenable'] == "on") { + $error = "ERROR: check_mk-agent binary file not found."; + $error .= " You can manually download it using this cmd: fetch -o {$checkmk_bin} \"{$checkmk_url}\""; + log_error($error); + file_notice("check_mk-agent", $error, "checkmk save config", ""); return; - } - //mount filesystem writeable + } + conf_mount_rw(); - - // check services file - $mk_services= file(ETC_SERVICES); - $port=($mk_config['checkmkport'] ? $mk_config['checkmkport'] : "6556"); - foreach($mk_services as $mk_service){ - if (!preg_match("/check_mk/",$mk_service)) + + /* Check services file. */ + $mk_services = file(ETC_SERVICES); + $port = ($mk_config['checkmkport'] ? $mk_config['checkmkport'] : "6556"); + foreach ($mk_services as $mk_service) { + if (!preg_match("/check_mk/", $mk_service)) { $mk_service_file.=chop($mk_service)."\n"; } - if ($mk_config['checkmkenable']=="on") - $mk_service_file.="check_mk {$port}/tcp #check_mk agent\n"; - file_put_contents(ETC_SERVICES,$mk_service_file,LOCK_EX); - - // check inetd file - $mk_inetds= file(ETC_INETD); - foreach($mk_inetds as $mk_inetd){ - if (!preg_match("/check_mk/",$mk_inetd)) + } + if ($mk_config['checkmkenable']=="on") { + $mk_service_file .= "check_mk {$port}/tcp #check_mk agent\n"; + file_put_contents(ETC_SERVICES, $mk_service_file, LOCK_EX); + } + + /* Check inetd file. */ + $mk_inetds = file(ETC_INETD); + foreach ($mk_inetds as $mk_inetd) { + if (!preg_match("/check_mk/",$mk_inetd)) { $mk_inetd_file.=chop($mk_inetd)."\n"; } - if ($mk_config['checkmkenable']=="on") - $mk_inetd_file.="check_mk stream tcp nowait root /usr/local/bin/check_mk_agent check_mk\n"; - file_put_contents(ETC_INETD,$mk_inetd_file,LOCK_EX); - - // check hosts.allow - $mk_hosts= file(ETC_HOSTS_ALLOW); - $inet_daemons_count=0; - foreach($mk_hosts as $mk_host){ - if (!preg_match("/check_mk/",$mk_host)) - $mk_hosts_file.=chop($mk_host)."\n"; - if (preg_match("/^\w+/")) + } + if ($mk_config['checkmkenable']=="on") { + $mk_inetd_file .= "check_mk stream tcp nowait root /usr/local/bin/check_mk_agent check_mk\n"; + } + file_put_contents(ETC_INETD, $mk_inetd_file, LOCK_EX); + + /* Check hosts.allow file. */ + $mk_hosts = file(ETC_HOSTS_ALLOW); + $inet_daemons_count = 0; + foreach ($mk_hosts as $mk_host) { + if (!preg_match("/check_mk/",$mk_host)) { + $mk_hosts_file .= chop($mk_host) . "\n"; + } + if (preg_match("/^\w+/")) { $inet_daemons_count++; } - if ($mk_config['checkmkenable']=="on") - foreach (explode(',',$mk_config['checkmkhosts']) as $check_mk_host){ - $mk_hosts_file.="check_mk : {$check_mk_host} : allow\n"; + } + if ($mk_config['checkmkenable'] == "on") { + foreach (explode(',',$mk_config['checkmkhosts']) as $check_mk_host) { + $mk_hosts_file .= "check_mk : {$check_mk_host} : allow\n"; $inet_daemons_count++; - } - file_put_contents(ETC_HOSTS_ALLOW,$mk_hosts_file,LOCK_EX); - - //check inetd daemon rc_conf option - $mk_rc_confs= file(ETC_RC_CONF); - foreach($mk_rc_confs as $mk_rc_conf){ - if (!preg_match("/inetd_/",$mk_rc_conf)) - $mk_rc_conf_file.=chop($mk_rc_conf)."\n"; } - if ($mk_config['checkmkenable']=="on"){ - $mk_rc_conf_file.='inetd_enable="YES"'."\n"; - $mk_rc_conf_file.='inetd_flags="-wW"'."\n"; + } + file_put_contents(ETC_HOSTS_ALLOW, $mk_hosts_file, LOCK_EX); + + /* Check inetd daemon rc_conf option. */ + $mk_rc_confs= file(ETC_RC_CONF); + foreach ($mk_rc_confs as $mk_rc_conf) { + if (!preg_match("/inetd_/",$mk_rc_conf)) { + $mk_rc_conf_file .= chop($mk_rc_conf)."\n"; } - - file_put_contents(ETC_RC_CONF,$mk_rc_conf_file,LOCK_EX); - if ($inet_daemons_count > 0) + } + if ($mk_config['checkmkenable']=="on") { + $mk_rc_conf_file .= 'inetd_enable="YES"' . "\n"; + $mk_rc_conf_file .= 'inetd_flags="-wW"' . "\n"; + } + + file_put_contents(ETC_RC_CONF, $mk_rc_conf_file, LOCK_EX); + if ($inet_daemons_count > 0) { mwexec("/etc/rc.d/inetd restart"); - else + } else { mwexec("/etc/rc.d/inetd stop"); + } - //Write config if any file from filesystem was loaded - if ($update_conf > 0) + /* Write config if any file from filesystem was loaded. */ + if ($update_conf > 0) { write_config(); - - // mount filesystem readonly + } + conf_mount_ro(); - + checkmk_sync_on_changes(); } function checkmk_validate_input($post, &$input_errors) { foreach ($post as $key => $value) { - if (empty($value)) + if (empty($value)) { continue; - if (substr($key, 0, 3) == "port" && !preg_match("/^\d+$/", $value)) + } + if (substr($key, 0, 3) == "port" && !preg_match("/^\d+$/", $value)) { $input_errors[] = "{$value} is no a valid port number"; - if (substr($key, 0, 11) == "description" && !preg_match("@^[a-zA-Z0-9 _/.-]+$@", $value)) + } + if (substr($key, 0, 11) == "description" && !preg_match("@^[a-zA-Z0-9 _/.-]+$@", $value)) { $input_errors[] = "Do not use special characters on description"; - if (substr($key, 0, 8) == "fullfile" && !preg_match("@^[a-zA-Z0-9_/.-]+$@", $value)) + } + if (substr($key, 0, 8) == "fullfile" && !preg_match("@^[a-zA-Z0-9_/.-]+$@", $value)) { $input_errors[] = "Do not use special characters on filename"; - + } + } } -############################################## -/* Uses XMLRPC to synchronize the changes to a remote node */ + +/* Uses XMLRPC to synchronize the changes to a remote node. */ function checkmk_sync_on_changes() { global $config, $g; - if (is_array($config['installedpackages']['checkmksync']['config'])){ - $checkmk_sync=$config['installedpackages']['checkmksync']['config'][0]; + if (is_array($config['installedpackages']['checkmksync']['config'])) { + $checkmk_sync = $config['installedpackages']['checkmksync']['config'][0]; $synconchanges = $checkmk_sync['synconchanges']; $synctimeout = $checkmk_sync['synctimeout']; - switch ($synconchanges){ + switch ($synconchanges) { case "manual": - if (is_array($checkmk_sync[row])){ - $rs=$checkmksync[row]; - } - else{ - log_error("[Check_mk-agent] xmlrpc sync is enabled but there is no hosts to push on squid config."); + if (is_array($checkmk_sync[row])) { + $rs = $checkmksync[row]; + } else { + log_error("[check_mk-agent] XMLRPC sync is enabled but there is no hosts to push on squid config."); return; - } + } break; case "auto": - if (is_array($config['installedpackages']['carpsettings']) && is_array($config['installedpackages']['carpsettings']['config'])){ - $system_carp=$config['installedpackages']['carpsettings']['config'][0]; - $rs[0]['ipaddress']=$system_carp['synchronizetoip']; - $rs[0]['username']=$system_carp['username']; - $rs[0]['password']=$system_carp['password']; - } - else{ - log_error("[Check_mk-agent] xmlrpc sync is enabled but there is no system backup hosts to push squid config."); - return; - } - break; + if (is_array($config['installedpackages']['carpsettings']) && is_array($config['installedpackages']['carpsettings']['config'])) { + $system_carp = $config['installedpackages']['carpsettings']['config'][0]; + $rs[0]['ipaddress'] = $system_carp['synchronizetoip']; + $rs[0]['username'] = $system_carp['username']; + $rs[0]['password'] = $system_carp['password']; + } else { + log_error("[check_mk-agent] XMLRPC sync is enabled but there is no system backup hosts to push squid config."); + return; + } + break; default: return; break; } - if (is_array($rs)){ - log_error("[Check_mk-agent] xmlrpc sync is starting."); - foreach($rs as $sh){ + if (is_array($rs)) { + log_error("[check_mk-agent] XMLRPC sync is starting."); + foreach ($rs as $sh) { $sync_to_ip = $sh['ipaddress']; $password = $sh['password']; - if($sh['username']) + if ($sh['username']) { $username = $sh['username']; - else + } else { $username = 'admin'; - if($password && $sync_to_ip) + } + if ($password && $sync_to_ip) { checkmk_do_xmlrpc_sync($sync_to_ip, $username, $password,$synctimeout); } - log_error("[Check_mk-agent] xmlrpc sync is ending."); + log_error("[check_mk-agent] XMLRPC sync is ending."); } - } + } + } } -############################################## -/* Do the actual XMLRPC sync */ + +/* Do the actual XMLRPC sync. */ function checkmk_do_xmlrpc_sync($sync_to_ip, $username, $password,$synctimeout) { global $config, $g; - if(!$username) + if (!$username) { return; - - if(!$password) + } + + if (!$password) { return; + } - if(!$sync_to_ip) + if (!$sync_to_ip) { return; + } $xmlrpc_sync_neighbor = $sync_to_ip; - if($config['system']['webgui']['protocol'] != "") { + if($config['system']['webgui']['protocol'] != "") { $synchronizetoip = $config['system']['webgui']['protocol']; $synchronizetoip .= "://"; - } - $port = $config['system']['webgui']['port']; - /* if port is empty lets rely on the protocol selection */ - if($port == "") { - if($config['system']['webgui']['protocol'] == "http") + } + $port = $config['system']['webgui']['port']; + /* If port is empty, let's rely on the protocol selection. */ + if ($port == "") { + if($config['system']['webgui']['protocol'] == "http") { $port = "80"; - else + } else { $port = "443"; - } + } + } $synchronizetoip .= $sync_to_ip; - /* xml will hold the sections to sync */ + /* xml will hold the sections to sync. */ $xml = array(); $xml['checkmk'] = $config['installedpackages']['checkmk']; - - /* assemble xmlrpc payload */ + + /* Assemble XMLRPC payload. */ $params = array( XML_RPC_encode($password), XML_RPC_encode($xml) ); - /* set a few variables needed for sync code borrowed from filter.inc */ + /* Set a few variables needed for sync code; borrowed from filter.inc. */ $url = $synchronizetoip; - log_error("[Check_mk-agent] Beginning checkmk XMLRPC sync to {$url}:{$port}."); + log_error("[check_mk-agent] Beginning checkmk XMLRPC sync to {$url}:{$port}."); $method = 'pfsense.merge_installedpackages_section_xmlrpc'; $msg = new XML_RPC_Message($method, $params); $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); $cli->setCredentials($username, $password); - if($g['debug']) + if ($g['debug']) { $cli->setDebug(1); - /* send our XMLRPC message and timeout after 250 seconds */ + } + /* Send our XMLRPC message and timeout after 250 seconds. */ $resp = $cli->send($msg, $synctimeout); - if(!$resp) { - $error = "[Check_mk-agent] A communications error occurred while attempting checkmk XMLRPC sync with {$url}:{$port}."; + if (!$resp) { + $error = "[check_mk-agent] A communications error occurred while attempting checkmk XMLRPC sync with {$url}:{$port}."; log_error($error); file_notice("sync_settings", $error, "checkmk Settings Sync", ""); - } elseif($resp->faultCode()) { + } elseif ($resp->faultCode()) { $cli->setDebug(1); $resp = $cli->send($msg, $synctimeout); - $error = "[Check_mk-agent] An error code was received while attempting checkmk XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); + $error = "[check_mk-agent] An error code was received while attempting checkmk XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); log_error($error); file_notice("sync_settings", $error, "checkmk Settings Sync", ""); } else { - log_error("[Check_mk-agent] XMLRPC sync successfully completed with {$url}:{$port}."); + log_error("[check_mk-agent] XMLRPC sync successfully completed with {$url}:{$port}."); } - - /* tell checkmk to reload our settings on the destionation sync host. */ + + /* Tell check_mk to reload our settings on the destination sync host. */ $method = 'pfsense.exec_php'; - $execcmd = "require_once('/usr/local/pkg/checkmk.inc');\n"; + $execcmd = "require_once('/usr/local/pkg/checkmk.inc');\n"; $execcmd .= "sync_package_checkmk();"; - /* assemble xmlrpc payload */ + /* Assemble XMLRPC payload. */ $params = array( XML_RPC_encode($password), XML_RPC_encode($execcmd) ); - - log_error("[Check_mk-agent] XMLRPC reload data {$url}:{$port}."); + + log_error("[check_mk-agent] XMLRPC reload data {$url}:{$port}."); $msg = new XML_RPC_Message($method, $params); $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); $cli->setCredentials($username, $password); $resp = $cli->send($msg, $synctimeout); - if(!$resp) { - $error = "[Check_mk-agent] A communications error occurred while attempting checkmk XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; + if (!$resp) { + $error = "[check_mk-agent] A communications error occurred while attempting checkmk XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; log_error($error); file_notice("sync_settings", $error, "checkmk Settings Sync", ""); - } elseif($resp->faultCode()) { + } elseif ($resp->faultCode()) { $cli->setDebug(1); $resp = $cli->send($msg, $synctimeout); - $error = "[Check_mk-agent] An error code was received while attempting checkmk XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); + $error = "[check_mk-agent] An error code was received while attempting checkmk XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); log_error($error); file_notice("sync_settings", $error, "checkmk Settings Sync", ""); } else { - log_error("[Check_mk-agent] XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php)."); + log_error("[check_mk-agent] XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php)."); } - } ?> |