-
Notifications
You must be signed in to change notification settings - Fork 0
/
check_opkg
executable file
·60 lines (52 loc) · 1.7 KB
/
check_opkg
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
#!/bin/ash
# check_opkg - check for available upgrades on OpenWRT (https://openwrt.org/)
# prerequisites: make sure you have NRPE up and running, so you can call this script from your
# remote nagios/icinga instance
#
# check goes WARNING, if there are any packages to be upgraded
# check goes CRITICAL, if one of the packages in $CRITICAL_PACKAGES is not up to date
EXIT=3
MESSAGE="UNKNOWN"
UPGRADABLE_CRITICAL=""
UPGRADABLE_NORMAL=""
CRITICAL_PACKAGES="iptables
dropbear
nrpe
uhttpd
"
# just make sure package database is updated
OPKG_UPDATE_OUTPUT=$(opkg --verbosity=0 update 2>&1)
OPKG_UPDATE_EXIT_CODE=$?
if [[ "$OPKG_UPDATE_EXIT_CODE" -ne "0" ]]; then
echo -e "CRITICAL - package database could not be updated.\nReason: $OPKG_UPDATE_OUTPUT"
exit 2
fi
UPGRADABLE_PACKAGES=$(opkg list-upgradable | cut -d" " -f1)
if [[ -z "$UPGRADABLE_PACKAGES" ]]; then
echo "OK - there are no upgrades available"
exit 0
else
for PKG in $UPGRADABLE_PACKAGES; do
for CRIT_PKG in $CRITICAL_PACKAGES; do
if [[ "$PKG" == "$CRIT_PKG" ]]; then
UPGRADABLE_CRITICAL="$PKG\n$UPGRADABLE_CRITICAL"
else
UPGRADABLE_NORMAL="$PKG\n$UPGRADABLE_NORMAL"
fi
done
done
fi
UPGRADABLE_CRITICAL=$(echo -e $UPGRADABLE_CRITICAL | uniq)
UPGRADABLE_NORMAL=$(echo -e $UPGRADABLE_NORMAL | uniq)
if [[ -z "$UPGRADABLE_CRITICAL" ]]; then
EXIT=1
MESSAGE="WARNING - the following packages are not up to date: $UPGRADABLE_NORMAL"
else
EXIT=2
MESSAGE="CRITICAL - the following packages are not up to date and are defined to be critical for overall system security: $UPGRADABLE_CRITICAL"
if [[ -n "$UPGRADABLE_NORMAL" ]]; then
MESSAGE="$MESSAGE. All packages that have updates: $UPGRADABLE_NORMAL"
fi
fi
echo $MESSAGE
exit $EXIT