check_fsecure [F-Secure fsav check]

The plugin needs some modification for FSIGK F-Secure Internet Gatekeeper (thats not the same as FSLS, F-Secure Server Linux Security), but then its still useable, thanks for that.

With FSIGK 5.50 you have to change:
1. Link the following binaries to make ./fsav executable within FSIGK:

/usr/lib/libfsavd.so.7 -> /opt/f-secure/fsigk/fssp/lib/libfsavd.so.7
/usr/lib/libsubstatus.so -> /opt/f-secure/fsigk/fssp/lib/libsubstatus.so
/usr/lib/libkeycheck.so -> /opt/f-secure/fsigk/fssp/lib/libkeycheck.so
/usr/lib/libfsclm.so.2 -> /opt/f-secure/fsigk/fssp/lib/libfsclm.so.2
/usr/lib/libmgmtfile.2.0.0.so -> /opt/f-secure/fsigk/fssp/lib/libmgmtfile.2.0.0.so

2. Change line #101 to a hardcoded path conf path (or ad another prefix, FSAV in FSIGK works just different to FSLS):
chomp(my $fsav_version = `$fsav --config=file:/opt/f-secure/fsigk/fssp/etc/fssp.conf --version`);

Now it depends on your FSIGK installation, usually user "nagios" is not able to run "$fsav --config=file:/opt/f-secure/fsigk/fssp/etc/fssp.conf --version" without sudo/root.

2. Add sudo for the FSAV binary like this in check_fsecure:

my $fsav = "/usr/bin/sudo /opt/f-secure/fsigk/fssp/bin/fsav";

3. Comment-out the following lines in check_fsecure:

#if (!-x $fsav) {
# die("ERROR: Unable to execute $fsav");
#}

4. Add a sudo rule /etc/sudoers on monitored machine:
nagios ALL=(root) NOPASSWD: /opt/f-secure/fsigk/fssp/bin/fsav

Thats it.

---