Skip to content
Snippets Groups Projects
Commit f62ac072 authored by Hahn Axel (hahn)'s avatar Hahn Axel (hahn)
Browse files

check_cepho_osd harden su command execution

parent 7e509e4e
No related branches found
No related tags found
1 merge request!1926723 sudo
Hide whitespace changes
Inline Side-by-side
check_ceph_osd
+ 3
2
View file @ f62ac072
...@@ -27,11 +27,12 @@ ...@@ -27,11 +27,12 @@
# 2023-04-24 v1.4 <axel.hahn@unibe.ch> update for newer ceph versions # 2023-04-24 v1.4 <axel.hahn@unibe.ch> update for newer ceph versions
# 2023-06-19 v1.5 <axel.hahn@unibe.ch> add help and param support; no more tmpfile # 2023-06-19 v1.5 <axel.hahn@unibe.ch> add help and param support; no more tmpfile
# 2023-07-27 v1.6 <axel.hahn@unibe.ch> shorten ceph exec; show output on error; shell fixes # 2023-07-27 v1.6 <axel.hahn@unibe.ch> shorten ceph exec; show output on error; shell fixes
# 2023-10-20 v1.7 <axel.hahn@unibe.ch> harden sudo command execution
# ====================================================================== # ======================================================================
. $(dirname $0)/inc_pluginfunctions . $(dirname $0)/inc_pluginfunctions
export self_APPVERSION=1.6 export self_APPVERSION=1.7
# column number in output where to find the up/ down info # column number in output where to find the up/ down info
iColUpDown=5 iColUpDown=5
...@@ -87,7 +88,7 @@ case "$1" in ...@@ -87,7 +88,7 @@ case "$1" in
*) *)
esac esac
if ! data=$( sudo /bin/ceph osd tree 2>&1 ); then if ! data=$( sudo -n /bin/ceph osd tree 2>&1 ); then
echo "$data" echo "$data"
ph.abort "UNKNOWN: ceph is not available or no sudo permissions to execute ceph commands." ph.abort "UNKNOWN: ceph is not available or no sudo permissions to execute ceph commands."
fi fi
......
docs/20_Checks/check_ceph_io.md
+ 14
14
View file @ f62ac072
...@@ -18,35 +18,35 @@ icingaclient ALL=(ALL) NOPASSWD: /bin/ceph ...@@ -18,35 +18,35 @@ icingaclient ALL=(ALL) NOPASSWD: /bin/ceph
```txt ```txt
______________________________________________________________________ ______________________________________________________________________
CHECK_CEPH_IO CHECK_CEPH_OSD
v1.5 v1.7
(c) Institute for Medical Education - University of Bern (c) Institute for Medical Education - University of Bern
Licence: GNU GPL 3 Licence: GNU GPL 3
https://os-docs.iml.unibe.ch/icinga-checks/Checks/check_ceph_io.html https://os-docs.iml.unibe.ch/icinga-checks/Checks/check_ceph_osd.html
______________________________________________________________________ ______________________________________________________________________
Show cheph IO as read and written bytes per second. Show cheph osd status: how many OSDs exist and how many are up/ down.
This check sends performance data. This check sends performance data.
On your cluster you might want to increase the values for warning and
critical level.
SYNTAX: SYNTAX:
check_ceph_io check_ceph_osd [-w WARN_LIMIT] [-c CRITICAL_LIMIT]
OPTIONS: OPTIONS:
-h or --help show this help. -h or --help show this help.
-t [STRING] test a value; for debugging purposes -w VALUE warning level (default: 1)
Without a string internally stored values will be tested -c VALUE critical level (default: 2)
EXAMPLE: EXAMPLE:
check_ceph_io check_ceph_osd
no parameters; normal usage to get the ceph io data no parameters; normal usage to get the ceph osd status
check_ceph_io -t
Run a few builtin tests
check_ceph_io -t " client: 255 B/s rd, 0 op/s rd, 0 op/s wr" check_ceph_osd -c 10
Test a given string change to critical level if 10 osds are down.
``` ```
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment