2024-02-26 20:39:29 -07:00
|
|
|
#!/bin/bash
|
|
|
|
# https://github.com/nagios-plugins/nagios-plugins/blob/master/plugins/check_apt.c
|
|
|
|
|
|
|
|
usage() {
|
|
|
|
echo "usage: check_apt_critical.sh [-h] [--warn WARN] [--crit CRIT]
|
|
|
|
|
|
|
|
options:
|
|
|
|
-h, --help Show this help message and exit.
|
|
|
|
--warn WARN The number of critical updates needed to trigger WARNING.
|
|
|
|
--crit CRIT The number of critical updates needed to trigger CRITICAL.
|
|
|
|
|
|
|
|
If --warn or --crit is not provided, any number of updates will trigger CRITICAL."
|
|
|
|
exit 1
|
|
|
|
}
|
|
|
|
|
|
|
|
WARN_LEVEL=0
|
|
|
|
CRIT_LEVEL=0
|
|
|
|
|
|
|
|
while [ "$1" != "" ]; do
|
|
|
|
case $1 in
|
|
|
|
--warn ) shift
|
|
|
|
WARN_LEVEL=$1
|
|
|
|
;;
|
|
|
|
--crit ) shift
|
|
|
|
CRIT_LEVEL=$1
|
|
|
|
;;
|
|
|
|
* ) usage
|
|
|
|
esac
|
|
|
|
shift
|
|
|
|
done
|
|
|
|
|
|
|
|
CRITICAL_RE='^Inst [^\(]*\(.* (Debian-Security:|Ubuntu:[^/]*/[^-]*-security)'
|
|
|
|
APT_PATH=$(which apt-get)
|
|
|
|
CRITICAL_UPDATES=$($APT_PATH --just-print upgrade -o 'Debug::NoLocking=true' -s -qq | grep -oE "$CRITICAL_RE" )
|
|
|
|
NUM_CRIT_UPDATES=$(echo "$CRITICAL_UPDATES" | wc -l)
|
|
|
|
|
|
|
|
if [[ $NUM_CRIT_UPDATES -eq 0 ]]; then
|
|
|
|
echo "OK - $NUM_CRIT_UPDATES critical updates available. | critical_updates=$NUM_CRIT_UPDATES"
|
|
|
|
exit 0
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [[ $CRIT_LEVEL -gt 0 ]] || [[ $WARN_LEVEL -gt 0 ]]; then
|
|
|
|
# Only use the levels if the user has set one of them.
|
2024-02-26 20:44:39 -07:00
|
|
|
if [[ $CRIT_LEVEL -gt 0 ]] && [[ $NUM_CRIT_UPDATES -ge $CRIT_LEVEL ]]; then
|
|
|
|
# If the crit level is 0, that means the user has only set the --warn flag. We'll just ignore the crit level since that's what they did.
|
2024-02-26 20:39:29 -07:00
|
|
|
echo "CRITICAL - $NUM_CRIT_UPDATES critical updates available. | critical_updates=$NUM_CRIT_UPDATES"
|
|
|
|
exit 2
|
|
|
|
elif [[ $NUM_CRIT_UPDATES -ge $WARN_LEVEL ]]; then
|
|
|
|
echo "WARNING - $NUM_CRIT_UPDATES critical updates available. | critical_updates=$NUM_CRIT_UPDATES"
|
|
|
|
exit 1
|
|
|
|
else
|
|
|
|
echo "OK - $NUM_CRIT_UPDATES critical updates available. | critical_updates=$NUM_CRIT_UPDATES"
|
|
|
|
exit 0
|
|
|
|
fi
|
|
|
|
else
|
|
|
|
echo "CRITICAL - $NUM_CRIT_UPDATES critical updates available. | critical_updates=$NUM_CRIT_UPDATES"
|
|
|
|
exit 2
|
|
|
|
fi
|