X-Git-Url: http://git.indexdata.com/?a=blobdiff_plain;f=aptcheck%2Faptcheck.pl;h=b6353002b7b7128cc8c18268fe2442db7ea7aabd;hb=12ca199577b3174589205147fe1b2365d231ab85;hp=2b769f22c9860c2ac2bf6610b06844a5046e6ba5;hpb=69a6a467da589cfa124afba38c964635d38396e8;p=git-tools-moved-to-github.git diff --git a/aptcheck/aptcheck.pl b/aptcheck/aptcheck.pl index 2b769f2..b635300 100755 --- a/aptcheck/aptcheck.pl +++ b/aptcheck/aptcheck.pl @@ -19,20 +19,21 @@ # 11-Mar-2011 Heikki: Started this # 22-Mar-2011 Heikki: Adding manually maintained packages # 15-Aug-2011 Heikki: Adding a total in the headline, for nagiosgrapher +# 21-May-2012 Heikki: Added a date since when a package has been pending +# 31-May-2012 Heikki: Pointing to the new wiki +# 01-Jan-2013 Heikki: Get hosts from nagios-us as well. # # TODO: Assumes that we release our restricted packages for all versions # and architectures at the same time. Gets only the highest version from # all, and reports anything less than this. Good enough for now. # -# TODO: Get the dates from ls --full-time /var/cache/apt/archives/ -# and display next to the packages, so we can see how long they have -# been lingering. Boldface them if older than some limit #### Init use strict; my $debug= $ARGV[0] || 0; # 0=none, 1=some, 2=more, 3=much my $year =`date +%Y`; -my $wikilink = 'http://twiki.indexdata.dk/cgi-bin/twiki/view/ID/'; +#my $wikilink = 'http://twiki.indexdata.dk/cgi-bin/twiki/view/ID/'; +my $wikilink = 'https://twiki.indexdata.com/twiki/bin/view/ID/'; my $restrictedpackages = "ssh -q kebab cat /home/ftp/pub/debian/dists/*/restricted/*/Packages"; #### Host comments @@ -49,10 +50,15 @@ my %hostcomments = ( # I could use a hard-coded list, but I would forget to maintain it. # Nagios knows most of our hosts. It even knows which are worth # checking, they have a command to check apts! +print "Getting hostlist from nagios\n" if $debug; +my $hostlist1 = `ssh nagios grep -l Apt /etc/nagios3/indexdata-conf.d/*.cfg` + or die "Could not get host list from nagios (dk)"; -my $hostlist = `ssh nagios grep -l Apt /etc/nagios3/indexdata-conf.d/*.cfg` - or die "Could not get host list"; +print "Getting hostlist from nagios-us\n" if $debug; +my $hostlist2 = `ssh nagios-us grep -l Apt /etc/nagios3/indexdata-conf.d/*.cfg` + or die "Could not get host list from nagios (dk)"; +my $hostlist = $hostlist1 . $hostlist2; print "Got list:\n$hostlist\n" if $debug>2; ###### Get list of packages that can be manually maintained @@ -76,7 +82,7 @@ for my $pline ( split("\n",$restplines) ) { print "found $pname, first version $pver\n" if $debug>1; } else { my $bver = $restrpkgs{$pname}; - `dpkg --compare-versions "$bver" lt "$pver" `; + `dpkg --compare-versions "$bver" lt "$pver" 2>/dev/null `; if ( ! $? ) { print "found $pname, better version $pver (better than $bver)\n" if $debug>1; @@ -91,8 +97,8 @@ for my $pline ( split("\n",$restplines) ) { } } +print "got " . scalar(keys(%restrpkgs)) . " restricted packages\n" if $debug; if ( $debug >1 ) { - print "got " . scalar(keys(%restrpkgs)) . " restricted packages\n"; for $pname ( sort (keys(%restrpkgs)) ) { print " $pname " . $restrpkgs{$pname} . "\n"; } @@ -112,21 +118,53 @@ my $owntot = 0; my $mantot = 0; my $normtot = 0; my %updlinks; +my %debversions; + +# Pending modification dates +my %olddates; # Read in from the file +my %newdates; # To be written in the new version of the file +my $datefilename = "aptcheck.data"; +my $dateoldfilename = "aptcheck.old"; +my $thisdate = "*"; # indicates really old stuff +my $warndate; # Older than this will be boldfaced + +if ( -f $datefilename ) { + print "Reading dates from $datefilename\n" if $debug; + open F, $datefilename or die "Could not open date file $datefilename: $!"; + while () { + chop(); + my ($pkg, $date) = split; + next unless $pkg; # skip empty lines + $olddates{$pkg} = $date; + print "Date for '$pkg' is '$date' \n" if $debug; + } + close F; + $thisdate = `date +%F`; + chomp($thisdate); + $warndate = `date +%F -d "30 days ago"` ; ; + chomp($warndate); + print "Dates: now: '$thisdate' warn: '$warndate'\n" if $debug; +} else { + print "No datefile $datefilename found, starting from scratch\n"; +} + my $table = "\n"; -for my $hline ( split("\n",$hostlist) ) { +#for my $hline ( split("\n",$hostlist) ) { +for my $hline ( sort( split("\n",$hostlist) ) ) { next unless ( $hline =~ /\/([a-z0-9-]+)\.cfg$/ ); my $H = $1; next if ($H =~ /^commands/ ); next if ($H =~ /^servicegroups/ ); print "Checking $H\n" if $debug; $allhosts{$H}=1; + my $cmd0 = "cat /etc/debian_version"; my $cmd1 = "apt-cache -q policy " . join(" ",sort(keys(%restrpkgs))); my $cmd2 = "apt-get upgrade -s -o 'Debug::NoLocking=true' "; # Note, do not append -qq, we want some output even when nothing to do - print "ssh -q $H \"$cmd1 ; $cmd2 \" 2>/dev/null" if ($debug>1); - my $apt = `ssh -q $H "$cmd1 ; $cmd2 " 2>/dev/null`; + print "ssh -q $H \"$cmd0; $cmd1 ; $cmd2 \" 2>/dev/null \n" if ($debug>1); + my $apt = `ssh -q $H "$cmd0; $cmd1 ; $cmd2 " 2>/dev/null`; if ( !$apt ) { $table .= "\n"; $table .= ""; $det .= ""; $det .= ""; + my $datekey = "$H:$restrname"; + if ( $olddates{$datekey} ) { + $newdates{$datekey} = $olddates{$datekey}; + } else { + $newdates{$datekey} = $thisdate; + } + my $dispdate = $newdates{$datekey}; + # if ( $dispdate lt $warndate ) { + if ( 0 ) { # manual packages don't need to be highlighted + $dispdate = "$dispdate !"; + } + $det .= ""; $det .= "\n"; my $key = "$restrname"; if ( !$summary{$key} ) { @@ -211,10 +272,22 @@ for my $hline ( split("\n",$hostlist) ) { $det .= " "; $det .= " "; $det .= " "; + my $datekey = "$H:$pkg"; + if ( $olddates{$datekey} ) { + $newdates{$datekey} = $olddates{$datekey}; + } else { + $newdates{$datekey} = $thisdate; + } + my $dispdate = $newdates{$datekey}; + if ( ( $dispdate lt $warndate ) && ( $src =~ /Security/) ) { + $dispdate = "$dispdate !"; + } + $det .= ""; $det .= "\n"; + } - $table .= "\n"; - $table .= "\n"; + $table .= "\n"; $table .= "\n" if ( $hostcomments{$H} ); @@ -240,6 +314,20 @@ for my $hline ( split("\n",$hostlist) ) { } $table .= "
 
$H (skipped)\n"; @@ -142,7 +180,18 @@ for my $hline ( split("\n",$hostlist) ) { my $restrname = ""; my $restrinst = ""; my $restrcand = ""; + my $debver = 0; for my $p ( split("\n",$apt) ) { + if ( !$debver ) { # first line + $debver = 1; + $p =~ s/(5[0-9.]+)/$1 LENNY !!!/; + $p =~ s/(6[0-9.]+)/$1 squeeze/; + $p =~ s/(7[0-9.]+)/$1 wheezy/; + $p = " Debian $p"; + $debversions{$H} = $p; + print "Deb version for $H is $p\n" if ($debug>1); + next; + } # parse apt-cache output $restrname = $1 if $p =~ /^(\S+):$/; $restrinst = $1 if $p =~ /^\s+Installed:\s+(\S+)$/; @@ -153,7 +202,7 @@ for my $hline ( split("\n",$hostlist) ) { ( $restrinst ne $bver ) ) { # if different, it is a regular apt upgrade, and will be seen # later. AND we want to have a different version in our repo - `dpkg --compare-versions "$bver" lt "$restrinst" `; + `dpkg --compare-versions "$bver" lt "$restrinst" 2>/dev/null`; if ( $? ) { # It was not a downgrade # manual packages may be ahead of the repo! $mantot++; @@ -165,6 +214,18 @@ for my $hline ( split("\n",$hostlist) ) { $det .= "  $restrname (M)". strdiff($bver,$restrinst)."". strdiff($restrinst,$bver)."" . $dispdate . "
$cur$new" . $dispdate . "
 
$H  \n"; + $table .= "
 
$H  \n"; if ( $pkgs ) { $table .= "$pkgs packages to upgrade. "; $table .= "$secs security. " if $secs; @@ -231,6 +304,7 @@ for my $hline ( split("\n",$hostlist) ) { $updlink =~ s/Opencontent-solrUpdates/OpenContentSolrUpdates/; $updlinks{$H} = $updlink; $table .= " Upd"; + $table .= " " . $debversions{$H}; $table .= "
$hostcomments{$H}
\n"; +# Save the date file +if ( ! $debug ) { + `mv -f $datefilename $dateoldfilename`; + open F, ">$datefilename" or die "Could not open date file $datefilename for writing"; + for my $k (sort(keys(%newdates)) ) { + print F "$k " . $newdates{$k}. "\n"; + print "date for '$k' '" . $newdates{$k}. "'\n" if $debug; + } + close F + or die "Could not close date file $datefilename: $!"; +} else { + print "Not updating the date file, this is a debug run\n"; +} + # Page header my $outfile = "/tmp/aptcheck.html"; open F, ">$outfile" @@ -356,6 +444,9 @@ if ( 1 ) { } print F "\n"; +print F "

" . ( $sectot + $owntot + $mantot + $normtot ) . + " packages pending ($sectot critical) \n"; + # Graph #my $secs = 60*60*24 * 7 * 2; # 2 weeks in secods #my $secs = "1m"; # one month, let nagios do the math