#!/usr/bin/env perl use strict; use Getopt::Long; my ($file, $run_apt); my $critical = 0; my ($filelist, $num_upg, $num_new, $num_del, $num_noupg); GetOptions ('file=s' => \$file, 'run-apt' => \$run_apt, 'help' => sub { &usage() } ); if (defined($run_apt)) { open STDIN, "apt-get -q -s upgrade |" or die "UNKNOWN - apt-get upgrade : $!\n"; } elsif (defined($file)) { open STDIN, "< $file" or die "UNKNOWN - $file : $!\n"; } while (<>) { if (/The following packages will be upgraded:/) { while (<>) { last if not /^\s+\w+.*/; chop($_); $filelist .= $_; } ## Remove extra spaces $filelist =~ s/\s+/ /g; $filelist .= " "; } if (/^Inst ([^\s]+).*security.*\)$/) { $critical++; $filelist =~ s/ ($1) / $1\[S\] /g; } if (/(\d+) upgraded, (\d+) newly installed, (\d+) to remove and (\d+) not upgraded/) { ($num_upg, $num_new, $num_del, $num_noupg) = ($1, $2, $3, $4); } } my $ret; if (! defined($num_upg)) { print ("UNKNOWN - could not parse \"apt-get upgrade\" output\n"); $ret = 3; } elsif ($critical > 0) { print ("CRITICAL - $critical security updates available:$filelist\n"); $ret = 2; } elsif ($num_upg > 0) { print ("WARNING - $num_upg updates available:$filelist\n"); $ret = 1; } else { print ("OK - system is up to date\n"); $ret = 0; } exit $ret; # =========== sub usage() { printf(" Nagios SNMP check for Debian / Ubuntu package updates Author: Michal Ludvig <michal\@logix.cz> (c) 2006 http://www.logix.cz/michal/devel/nagios Usage: check-apt-upgrade.pl [options] --help Guess what's it for ;-) --file=<file> File with output of \"apt-get -s upgrade\" --run-apt Run \"apt-get -s upgrade\" directly. Option --run-apt has precedence over --file, i.e. no file is read if apt-get is run internally. If none of these options is given use standard input by default (e.g. to read from external command through a pipe). Return value (according to Nagios expectations): * If no updates are found, returns OK. * If there are only non-security updates, return WARNING. * If there are security updates, return CRITICAL. "); exit (1); }