Hello community, here is the log from the commit of package nagios-plugins-zypper for openSUSE:Factory checked in at Mon Oct 11 15:24:52 CEST 2010. -------- --- nagios-plugins-zypper/nagios-plugins-zypper.changes 2010-03-10 16:42:08.000000000 +0100 +++ nagios-plugins-zypper/nagios-plugins-zypper.changes 2010-10-10 13:47:08.000000000 +0200 @@ -1,0 +2,12 @@ +Sun Oct 10 11:43:15 UTC 2010 - lars@linux-schulserver.de + +- update to 1.30: + + added check for unsupported packages. As those packages might lead + to a system with security holes, just the packages from the official + repository are marked as valid at the moment. Admins should list + their packages via 'whitelist:foo' in an ignore file to disable the + warning. + + Performance data output is reduced to a single variable now containing + security,recommended,optional,packages as values + +------------------------------------------------------------------- calling whatdependson for head-i586 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ nagios-plugins-zypper.spec ++++++ --- /var/tmp/diff_new_pack.cpKuC3/_old 2010-10-11 15:21:53.000000000 +0200 +++ /var/tmp/diff_new_pack.cpKuC3/_new 2010-10-11 15:21:53.000000000 +0200 @@ -1,5 +1,5 @@ # -# spec file for package nagios-plugins-zypper (Version 1.26) +# spec file for package nagios-plugins-zypper (Version 1.30) # # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -20,7 +20,7 @@ Name: nagios-plugins-zypper Summary: Nagios plugin for checking software updates -Version: 1.26 +Version: 1.30 Release: 1 Url: http://en.opensuse.org/Nagios-plugins-zypper License: BSD4c ++++++ check_zypper.pl ++++++ --- /var/tmp/diff_new_pack.cpKuC3/_old 2010-10-11 15:21:53.000000000 +0200 +++ /var/tmp/diff_new_pack.cpKuC3/_new 2010-10-11 15:21:53.000000000 +0200 @@ -3,7 +3,7 @@ # # check_zypper - nagios plugin # -# Copyright (C) 2008-2009, Novell, Inc. +# Copyright (C) 2008-2010, Novell, Inc. # Author: Lars Vogdt # # All rights reserved. @@ -49,7 +49,7 @@ # constants $PROGNAME = "check_zypper"; -$VERSION = "1.26"; +$VERSION = "1.30"; $DEBUG = 0; # variables @@ -62,15 +62,16 @@ our $release = "11.2"; our $dist = "openSUSE"; our $patchlevel = 0; -our ( $opt_V, $opt_h, $opt_i, $opt_w, $opt_c, $opt_f, $opt_o, $opt_p, $opt_r, $opt_s, $opt_t, $opt_v ); +our ( $opt_V, $opt_h, $opt_i, $opt_w, $opt_c, $opt_f, $opt_o, $opt_p, $opt_r, $opt_s, $opt_t, $opt_u, $opt_v ); our $exitcode = 0; our %ERRORS = ( 'OK' => 0, 'WARNING' => 1, 'CRITICAL' => 2, 'UNKNOWN' => 3, 'DEPENDENT' => 4 ); our %REVERSE = ( 4 => 'DEPENDENT', 3 => 'UNKNOWN', 2 => 'CRITICAL', 1 => 'WARNING', 0 => 'OK' ); our $TIMEOUT = 120; our @patchignore = (); our @packageignore = (); +our @packagewhitelist = (); -$opt_w = "recommended,optional"; +$opt_w = "recommended,optional,unsupported"; $opt_c = "security"; $opt_f = "$releasefile"; $opt_t = "120"; @@ -148,7 +149,9 @@ print " patch:libtiff-devel\n"; print " # comment\n"; print " package:libtiff3\n"; - print " package:libtiff-devel\n\n"; + print " package:libtiff-devel\n"; + print " # comment\n"; + print " whitelist:aaa_base\n\n"; print " -o, --ignore_outdated\n"; print " Don't warn if a repository is outdated.\n"; print " -p, --no_perfdata\n"; @@ -276,8 +279,25 @@ my $optstr = ""; my $pacstr = ""; my $warnstr = ""; + my $unsupstr = ""; my $update_avail = 0; my %packagelist; + my @unsup_packagelist=(); + if ($opt_u){ + @unsup_packagelist=`rpm -qa --qf "%{NAME} %{VENDOR}\n" | grep -v 'SUSE LINUX Products GmbH, Nuernberg, Germany' | grep -v gpg-pubkey | awk '" " { print \$1 }'`; + my $category = 'unsupported'; + my $status = "new"; + foreach my $name (sort(@unsup_packagelist)){ + chomp($name); + if ( grep {/\Q$name\E/} @packagewhitelist ){ + print STDERR "WARINING: ignoring $name as it is in \@packagewhitelist\n" if ($DEBUG); + next; + } + $packagelist{"$category"}{"$name"}{'category'} = "$category"; + $packagelist{"$category"}{"$name"}{'name'} = "$name"; + $packagelist{"$category"}{"$name"}{'status'} = "$status"; + } + } print STDERR "INFO: Trying $use_sudo $zypper $zypperopt\n" if ($DEBUG); if ( open( FH, "$use_sudo $zypper $zypperopt 2>&1 |" ) ) { @@ -351,6 +371,7 @@ print STDERR "INFO: Optional (optcount): " . scalar( keys %{ ( $packagelist{'optional'} ) } ) . "\n"; print STDERR "INFO: Recommended (reccount): " . scalar( keys %{ ( $packagelist{'recommended'} ) } ) . "\n"; print STDERR "INFO: Security (seccount): " . scalar( keys %{ ( $packagelist{'security'} ) } ) . "\n"; + print STDERR "INFO: Unsupported (uspcount): " . scalar( keys %{ ( $packagelist{'unsupported'} ) } ) . "\n"; use Data::Dumper; print STDERR Data::Dumper->Dump( [ \%packagelist ] ); } @@ -374,17 +395,26 @@ $error = check_errorcode("security"); $secstr = scalar( keys %{ ( $packagelist{'security'} ) } ) . " security update(s);"; } + if ( defined( $packagelist{'unsupported'} ) && (scalar( keys %{ ( $packagelist{'unsupported'} ) } ) ne 0 ) ) { + $update_avail = 1; + $error = check_errorcode("unsupported"); + $unsupstr = scalar( keys %{ ( $packagelist{'unsupported'} ) } ) . " unsupported package(s);"; + } if ($update_avail) { - $ret_str .= "$error : " . trim("$warnstr $secstr $recstr $optstr $pacstr") . " "; + $ret_str .= "$error : " . trim("$warnstr $secstr $recstr $optstr $pacstr $unsupstr") . " "; my @packagelist = (); + my @unsupported_packagelist = (); if ($opt_v) { - foreach my $cat ( 'security', 'recommended', 'optional', 'package' ) { + foreach my $cat ( 'security', 'recommended', 'optional', 'package', 'unsupported' ) { for my $key ( sort( keys %packagelist ) ) { if ( "$key" eq "$cat" ) { for my $name ( sort( keys %{ $packagelist{$key} } ) ) { if ( "$cat" eq "package" ) { push @packagelist, $packagelist{$key}{$name}{'name'}; } + elsif ( "$cat" eq "unsupported" ) { + push @unsupported_packagelist, $packagelist{$key}{$name}{'name'}; + } else { $ret_str .= "\n$cat patch: " . $packagelist{$key}{$name}{'name'}; } @@ -393,8 +423,15 @@ } } $ret_str .= "\npackages: " . join( ' ', @packagelist ) if @packagelist; + $ret_str .= "\nunsupported Packages: ". join(' ',@unsupported_packagelist ) if @unsupported_packagelist; $ret_str .= "\nIgnored Patches : " . join( ' ', @patchignore ) . " " if @patchignore; $ret_str .= "\nIgnored Packages: " . join( ' ', @packageignore ) . " " if @packageignore; + if ($#packagewhitelist lt 11){ + $ret_str .= "\nUnsupported, ignored Packages: " . join( ' ', @packagewhitelist ) . " " if @packagewhitelist; + } + else { + $ret_str .= "\nUnsupported, ignored Packages: $#packagewhitelist "; + } } } else { @@ -403,18 +440,24 @@ if ($opt_v) { $ret_str .= "\nIgnored Patches : " . join( ' ', @patchignore ) . " " if @patchignore; $ret_str .= "\nIgnored Packages: " . join( ' ', @packageignore ) . " " if @packageignore; + if ($#packagewhitelist lt 11){ + $ret_str .= "\nUnsupported, ignored Packages: " . join( ' ', @packagewhitelist ) . " " if @packagewhitelist; + } + else { + $ret_str .= "\nUnsupported, ignored Packages: $#packagewhitelist "; + } } } $ret_str - .= "| security=" + .= "| package_updates=" . scalar( keys %{ ( $packagelist{'security'} ) } ) - . ";;;; recommended=" + . ";" . scalar( keys %{ ( $packagelist{'recommended'} ) } ) - . ";;;; optional=" + . ";" . scalar( keys %{ ( $packagelist{'optional'} ) } ) - . ";;;; packages=" + . ";" . scalar( keys %{ ( $packagelist{'package'} ) } ) - . ";;;;\n" + . ";\n" if ($opt_p); } close(FH); @@ -449,10 +492,12 @@ "refresh_repos" => \$opt_r, "t=i" => \$opt_t, "timeout=i" => \$opt_t, + "u" => \$opt_u, + "check-vendor" => \$opt_u, "v" => \$opt_v, "verbose_output" => \$opt_v, "s" => \$opt_s, - "use_sudo" => \$opt_s + "use_sudo" => \$opt_s, ) or print_help(2); $TIMEOUT = $opt_t if ($opt_t); @@ -525,6 +570,12 @@ print "INFO: + Package: $toadd\n" if ($DEBUG); push @packageignore, "$toadd"; } + elsif ( (/^whitelist:/) || (/^Whitelist:/) ) { + my ( $foo, $toadd ) = split( ':', $_, 2 ); + $toadd =~ s/\s*//g; # Package names have no whitespaces + print "INFO: + Whitelisting Package: $toadd\n" if ($DEBUG); + push @packagewhitelist, "$toadd"; + } } close(IGNORES); } ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org