DirectorySearch Exchange
Search All Sites
Nagios Live Webinars
Let our experts show you how Nagios can help your organization.Login
New ListingsDirectory Tree
Directory
elysium
byelysium, June 4, 2020
#!/usr/bin/env python3
4a5
> # plugin adjusted from python2 to python3 20200603
8c9
__version__ = "0.0.2"
33c34
print("%sOK: %s" % (check, message))
36c37
print("%sWARNING: %s" % (check, message))
39c40
print("%sCRITICAL: %s" % (check, message))
42c43
print("UNKNOWN: %s" % message)
147a149,151
> # self.verbosity = int(self.verbosity)
> if self.verbosity == None:
> self.verbosity = 0
149c153
print("%s" % message)
192c196
line = next(f)
315,316c319,320
% (__title__, __version__, __author__))
326c330
print("Caught Control-C...")
4a5
> # plugin adjusted from python2 to python3 20200603
8c9
__version__ = "0.0.2"
33c34
print("%sOK: %s" % (check, message))
36c37
print("%sWARNING: %s" % (check, message))
39c40
print("%sCRITICAL: %s" % (check, message))
42c43
print("UNKNOWN: %s" % message)
147a149,151
> # self.verbosity = int(self.verbosity)
> if self.verbosity == None:
> self.verbosity = 0
149c153
print("%s" % message)
192c196
line = next(f)
315,316c319,320
% (__title__, __version__, __author__))
326c330
print("Caught Control-C...")
byelysium, November 1, 2018
The plugin needs some modification for FSIGK F-Secure Internet Gatekeeper (thats not the same as FSLS, F-Secure Server Linux Security), but then its still useable, thanks for that.
With FSIGK 5.50 you have to change:
1. Link the following binaries to make ./fsav executable within FSIGK:
/usr/lib/libfsavd.so.7 -> /opt/f-secure/fsigk/fssp/lib/libfsavd.so.7
/usr/lib/libsubstatus.so -> /opt/f-secure/fsigk/fssp/lib/libsubstatus.so
/usr/lib/libkeycheck.so -> /opt/f-secure/fsigk/fssp/lib/libkeycheck.so
/usr/lib/libfsclm.so.2 -> /opt/f-secure/fsigk/fssp/lib/libfsclm.so.2
/usr/lib/libmgmtfile.2.0.0.so -> /opt/f-secure/fsigk/fssp/lib/libmgmtfile.2.0.0.so
2. Change line #101 to a hardcoded path conf path (or ad another prefix, FSAV in FSIGK works just different to FSLS):
chomp(my $fsav_version = `$fsav --config=file:/opt/f-secure/fsigk/fssp/etc/fssp.conf --version`);
Now it depends on your FSIGK installation, usually user "nagios" is not able to run "$fsav --config=file:/opt/f-secure/fsigk/fssp/etc/fssp.conf --version" without sudo/root.
2. Add sudo for the FSAV binary like this in check_fsecure:
my $fsav = "/usr/bin/sudo /opt/f-secure/fsigk/fssp/bin/fsav";
3. Comment-out the following lines in check_fsecure:
#if (!-x $fsav) {
# die("ERROR: Unable to execute $fsav");
#}
4. Add a sudo rule /etc/sudoers on monitored machine:
nagios ALL=(root) NOPASSWD: /opt/f-secure/fsigk/fssp/bin/fsav
Thats it.
With FSIGK 5.50 you have to change:
1. Link the following binaries to make ./fsav executable within FSIGK:
/usr/lib/libfsavd.so.7 -> /opt/f-secure/fsigk/fssp/lib/libfsavd.so.7
/usr/lib/libsubstatus.so -> /opt/f-secure/fsigk/fssp/lib/libsubstatus.so
/usr/lib/libkeycheck.so -> /opt/f-secure/fsigk/fssp/lib/libkeycheck.so
/usr/lib/libfsclm.so.2 -> /opt/f-secure/fsigk/fssp/lib/libfsclm.so.2
/usr/lib/libmgmtfile.2.0.0.so -> /opt/f-secure/fsigk/fssp/lib/libmgmtfile.2.0.0.so
2. Change line #101 to a hardcoded path conf path (or ad another prefix, FSAV in FSIGK works just different to FSLS):
chomp(my $fsav_version = `$fsav --config=file:/opt/f-secure/fsigk/fssp/etc/fssp.conf --version`);
Now it depends on your FSIGK installation, usually user "nagios" is not able to run "$fsav --config=file:/opt/f-secure/fsigk/fssp/etc/fssp.conf --version" without sudo/root.
2. Add sudo for the FSAV binary like this in check_fsecure:
my $fsav = "/usr/bin/sudo /opt/f-secure/fsigk/fssp/bin/fsav";
3. Comment-out the following lines in check_fsecure:
#if (!-x $fsav) {
# die("ERROR: Unable to execute $fsav");
#}
4. Add a sudo rule /etc/sudoers on monitored machine:
nagios ALL=(root) NOPASSWD: /opt/f-secure/fsigk/fssp/bin/fsav
Thats it.
