{ "info": { "author": "Jean-Philippe Camguilhem", "author_email": "jpcw__at__camguilhem.net", "bugtrack_url": null, "classifiers": [ "Development Status :: 5 - Production/Stable", "Environment :: Plugins", "Intended Audience :: Developers", "Intended Audience :: System Administrators", "License :: OSI Approved :: BSD License", "Operating System :: POSIX :: BSD :: FreeBSD", "Programming Language :: Python", "Programming Language :: Python :: 2.7", "Programming Language :: Python :: 3.3", "Programming Language :: Python :: 3.4", "Programming Language :: Python :: 3.5", "Programming Language :: Python :: 3.6", "Programming Language :: Python :: Implementation :: CPython", "Programming Language :: Python :: Implementation :: PyPy", "Topic :: Software Development :: Libraries :: Python Modules", "Topic :: System :: Monitoring" ], "description": "==========================================================\nCheck FreeBSD pkg audit Nagios|Icinga|shinken|etc plugin.\n==========================================================\n\n.. image:: https://img.shields.io/pypi/l/checkpkgaudit.svg\n :target: https://pypi.python.org/pypi/checkpkgaudit/\n\n.. image:: https://img.shields.io/pypi/implementation/checkpkgaudit.svg\n :target: https://pypi.python.org/pypi/checkpkgaudit/\n\n.. image:: https://img.shields.io/pypi/pyversions/checkpkgaudit.svg\n :target: https://pypi.python.org/pypi/checkpkgaudit/\n\n.. image:: https://img.shields.io/pypi/v/checkpkgaudit.svg\n :target: https://pypi.python.org/pypi/checkpkgaudit/\n\n.. image:: https://img.shields.io/pypi/status/checkpkgaudit.svg\n :target: https://pypi.python.org/pypi/checkpkgaudit/\n\n.. image:: https://img.shields.io/coveralls/jpcw/checkpkgaudit.svg\n :target: https://coveralls.io/r/jpcw/checkpkgaudit\n\n.. image:: https://api.travis-ci.org/jpcw/checkpkgaudit.svg?branch=master\n :target: http://travis-ci.org/jpcw/checkpkgaudit\n\n+ Source: https://github.com/jpcw/checkpkgaudit\n\n+ Bugtracker: https://github.com/jpcw/checkpkgaudit/issues\n\n.. contents::\n\nusage\n-------\n\nThis check runs pkg audit over your host and its running jails\n\nsample outputs :\n\n+ Ok\n \n ::\n \n CHECKPKGAUDIT OK - 0 vulnerabilities found ! | 'host.domain.tld'=0;;@1:;0 http=0;;@1:;0 masterdns=0;;@1:;0 ns0=0;;@1:;0 ns1=0;;@1:;0 ns2=0;;@1:;0 smtp=0;;@1:;0\n \n\n+ Critical\n \n Critical state is reached with first vulnerable pkg. No warning, no configurable threasold, why waiting 2 or more vulnerabilities ?\n \n We are talking about security vulnerabilities !\n \n Of course, the plugin sum all the vulnerabilities and details each host|jail concerned\n\n \n ::\n \n CHECKPKGAUDIT CRITICAL - found 2 vulnerable(s) pkg(s) in : ns2, ns3 | 'host.domain.tld'=0;;@1:;0 http=0;;@1:;0 masterdns=0;;@1:;0 ns0=0;;@1:;0 ns1=0;;@1:;0 ns2=1;;@1:;0 ns3=1;;@1:;0 smtp=0;;@1:;0\n \n Notice that summary returns the total amount problems :\n \n found **2** vulnerable(s) pkg(s) in : **ns2, ns3** but performance data is detailled by host|jail\n\n+ Unknown\n \n if an error occured during pkg audit, the plugin raises a check error, which returns an UNKNOWN state.\n \n typically UNKNOWN causes\n \n + *pkg audit -F* has not been runned on host or a jail\n \n ::\n \n CHECKPKGAUDIT UNKNOWN - jailname Try running 'pkg audit -F' first | 'host.domain.tld'=0;;@1:;0 http=0;;@1:;0 masterdns=0;;@1:;0 ns0=0;;@1:;0 ns1=0;;@1:;0 ns2=0;;@1:;0 smtp=0;;@1:;0\n \n + *pkg -j jailname audit* runned as a non sudoer user\n \n ::\n \n CHECKPKGAUDIT UNKNOWN - jailname pkg: jail_attach(jailname): Operation not permitted | 'host.domain.tld'=0;;@1:;0\n \n If you have running jails, sudo is your friend to run this plugin with an unprivileged user. A sample config here ::\n \n icinga ALL = NOPASSWD: /usr/local/bin/check_pkgaudit\n \n\nInstall\n------------\n\n**checkpkgaudit** can be installed via \neither **easy_install** or **pip** .\n\nWithin or not a virtualenv:\n\n.. code-block:: console \n\n easy_install checkpkgaudit \n # or\n pip install checkpkgaudit\n\n**check_pkgaudit** is located at /usr/local/bin/check_pkgaudit\n\n.. warning:: SSL certificate error\n\n If you encountered an ssl certificate error with easy_install,\n you probably need to install the Root certificate bundle \n from the Mozilla Project:\n\n.. code-block:: console\n \n pkg install -y ca_root_nss\n ln -s /usr/local/share/certs/ca-root-nss.crt /etc/ssl/cert.pem\n\n\nNagios|icinga like configuration\n-----------------------------------\n\n**check_pkgaudit** could be called localy or remotely \nvia **check_by_ssh** or **NRPE**.\n\n**check_by_ssh**\n\nhere a sample definition to check remotely by ssh \n\nCommand definition ::\n \n define command{\n command_name check_ssh_pkgaudit\n command_line $USER1$/check_by_ssh -H $HOSTADDRESS$ -i /var/spool/icinga/.ssh/id_rsa -C \"sudo /usr/local/bin/check_pkgaudit\"\n }\n\nthe service itself ::\n \n define service{\n use my-service\n host_name hostname\n service_description pkg audit\n check_command check_ssh_pkgaudit!\n }\n \nicinga2 command ::\n \n\tobject CheckCommand \"pkgaudit\" {\n import \"plugin-check-command\"\n import \"ipv4-or-ipv6\"\n command = [ PluginDir + \"/check_by_ssh\" ]\n arguments = {\n \"-H\" = \"$address$\"\n \"-i\" = \"$ssh_id$\"\n \"-p\" = \"$ssh_port$\"\n \"-C\" = \"$ssh_command$\"\n \t }\n vars.address = \"$check_address$\"\n vars.ssh_id = \"/var/spool/icinga/.ssh/id_rsa\"\n vars.ssh_port = \"$vars.ssh_port$\"\n vars.ssh_command = \"sudo /usr/local/bin/check_pkgaudit\"\n\t}\n\nicinga2 service ::\n\t\n\tapply Service \"pkgaudit\" {\n \t check_command = \"pkgaudit\"\n \t assign where host.name == \"hostname\"\n\t}\n \n\n**NRPE**\n\nadd this line to /usr/local/etc/nrpe.cfg ::\n \n ...\n command[check_pkgaudit]=/usr/local/bin/check_pkgaudit\n ...\n\nnagios command definition ::\n \n define command{\n command_name check_nrpe_pkgaudit\n command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c check_pkgaudit\n }\n\nthe service itself ::\n \n define service{\n use my-service\n host_name hostname\n service_description pkg audit\n check_command check_nrpe_pkgaudit\n } \n\ntesting\n---------\n\n.. code-block:: shell\n\n python bootstrap-buildout.py --setuptools-version=33.1.1 --buildout-version=2.5.2\n bin/buildout -N\n bin/test\n\n\n\nChangelog\n=========\n\n0.7.2 (2017-06-05)\n------------------\n\n- fix python3 support https://github.com/jpcw/checkpkgaudit/issues/10\n\n\n0.7.1 (2017-03-08)\n------------------\n\n- README improvment -- Lcaracol\n\n\n0.7 (2017-03-07)\n----------------\n\n- fix missing ip jls output with vnet jails https://github.com/jpcw/checkpkgaudit/issues/4 -- blQn\n- remove py2.6, py32 and add py3.6 support\n\n\n0.6 (2016-03-14)\n----------------\n\n- add exclusion for hastd -- voileux\n\n\n0.5 (2016-03-11)\n----------------\n\n- add support for jails with different jails and hostnames -- StbX\n\n\n0.4 (2015-03-21)\n----------------\n\n- improve README with possible pypi ssl certificate problem, provide a workaround\n\n\n0.3 (2015-03-21)\n----------------\n\n- fix install README typo -- Nicolas RAHIR nox\n\n- add NRPE conf sample -- Nicolas RAHIR nox\n\n\n0.2 (2015-03-06)\n----------------\n\n- fix badges\n\n\n0.1 (2015-03-06)\n----------------\n\n- Jean-Philippe Camguilhem \n\n\n\nContributors\n==============\nMathias : Lcaracol\n\nDamien LACOSTE : Dam64\n\nThomas BALDAQUIN : blQn\n\nSimon RECHER : voileux\n\nSteffen Brandemann : StbX\n\nNicolas RAHIR : nox\n\nJean-Philippe Camguilhem, Author", "description_content_type": null, "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/jpcw/check_pkgaudit", "keywords": "Nagios Icinga plugin check pkg audit monitoring", "license": "BSD", "maintainer": "", "maintainer_email": "", "name": "checkpkgaudit", "package_url": "https://pypi.org/project/checkpkgaudit/", "platform": "any", "project_url": "https://pypi.org/project/checkpkgaudit/", "project_urls": { "Homepage": "https://github.com/jpcw/check_pkgaudit" }, "release_url": "https://pypi.org/project/checkpkgaudit/0.7.2/", "requires_dist": null, "requires_python": "", "summary": "Check FreeBSD pkg audit Nagios|Icinga|shinken|etc plugin.", "version": "0.7.2" }, "last_serial": 2927386, "releases": { "0.1": [ { "comment_text": "", "digests": { "md5": "27f531bd5a83b57a422766bc64c6cca6", "sha256": "63665f20b65ee3f05b0d266bcfd94e6aeef2b33a4ec903bfe310b51a4bfd619c" }, "downloads": -1, "filename": "checkpkgaudit-0.1.zip", "has_sig": false, "md5_digest": "27f531bd5a83b57a422766bc64c6cca6", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 15020, "upload_time": "2015-03-06T21:40:04", "url": "https://files.pythonhosted.org/packages/c3/eb/638d6300e6b2e6847026b19ae0cc1bcec3fd49bd1c7e3fc5e93fff433cac/checkpkgaudit-0.1.zip" } ], "0.2": [ { "comment_text": "", "digests": { "md5": "d70bf22cc161c413d1e1b64da2dd48ee", "sha256": "9146eec69d881bfd236dbf6ac2d7856e9e70f6b2065f1914655cd72c9d92e431" }, "downloads": -1, "filename": "checkpkgaudit-0.2.zip", "has_sig": false, "md5_digest": "d70bf22cc161c413d1e1b64da2dd48ee", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 15026, "upload_time": "2015-03-06T21:46:04", "url": "https://files.pythonhosted.org/packages/1f/3a/dd26c7f08d70acb8889e37d5a3a893e52abd77b69f4ccc653b68eb8d42b3/checkpkgaudit-0.2.zip" } ], "0.3": [ { "comment_text": "", "digests": { "md5": "22798d78611abe74e3f2cfb481e55147", "sha256": "e59279442586a8d564a2d72ffd0bd89f4912141b4381f6415db894359ecb752f" }, "downloads": -1, "filename": "checkpkgaudit-0.3.zip", "has_sig": false, "md5_digest": "22798d78611abe74e3f2cfb481e55147", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 15318, "upload_time": "2015-03-21T12:31:49", "url": "https://files.pythonhosted.org/packages/5e/ef/b84e7d543d6f820772b025feb48d6b0354f205379bd3e8bb21575473c0dc/checkpkgaudit-0.3.zip" } ], "0.4": [ { "comment_text": "", "digests": { "md5": "81f90f4b5ddb00fb924aff00e7d66f74", "sha256": "0bbe105d08085c63961314cd04894c33693b83e2e6c8dfdcd70c330bc9840070" }, "downloads": -1, "filename": "checkpkgaudit-0.4.zip", "has_sig": false, "md5_digest": "81f90f4b5ddb00fb924aff00e7d66f74", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 15750, "upload_time": "2015-03-21T13:48:16", "url": "https://files.pythonhosted.org/packages/6e/84/8d9cf7c91ebafcc0bfa141fc5f4b063996f1102687548ff77308a7be0749/checkpkgaudit-0.4.zip" } ], "0.5": [ { "comment_text": "", "digests": { "md5": "4861227d49577ec4a03338681910b13a", "sha256": "3acfd43521ccee56ac862eda2bea104bda79b9307115cab13e6acef999b233bf" }, "downloads": -1, "filename": "checkpkgaudit-0.5.zip", "has_sig": false, "md5_digest": "4861227d49577ec4a03338681910b13a", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 15965, "upload_time": "2016-03-11T00:32:01", "url": "https://files.pythonhosted.org/packages/13/d4/b39ce273a34db32a316a582b317ec08b6db93ee9e38ba48028ebc1989b96/checkpkgaudit-0.5.zip" } ], "0.6": [ { "comment_text": "", "digests": { "md5": "afd1ad6e5c883fe4d94f37092c34d7af", "sha256": "517b3b28001d8b6c45a58dd7ade05f1e683db22b2229ca1869982ca176bd9dae" }, "downloads": -1, "filename": "checkpkgaudit-0.6.zip", "has_sig": false, "md5_digest": "afd1ad6e5c883fe4d94f37092c34d7af", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 16139, "upload_time": "2016-03-14T12:38:50", "url": "https://files.pythonhosted.org/packages/73/27/93c2175dc5e7f719427590b4a6abdffeed4035ca6432cb366ead9bb7e2f8/checkpkgaudit-0.6.zip" } ], "0.7": [ { "comment_text": "", "digests": { "md5": "8287bfa11948815cab0d55a3501e6020", "sha256": "704291fa78d43ed3da77e4bb52ae94b01bbdef99ed0ea8691f5830503335a74a" }, "downloads": -1, "filename": "checkpkgaudit-0.7.tar.gz", "has_sig": false, "md5_digest": "8287bfa11948815cab0d55a3501e6020", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 11376, "upload_time": "2017-03-07T14:05:31", "url": "https://files.pythonhosted.org/packages/a5/07/1e29f0a63ec2becf1e44b8c99752a54959b5ae83913d423b94b4666c3bf9/checkpkgaudit-0.7.tar.gz" } ], "0.7.1": [ { "comment_text": "", "digests": { "md5": "76920c290a02134076218d96d61be364", "sha256": "dc76f7ae42d5a593dd85539bd275683699c650f4d2781cb471d7428ca16f26c0" }, "downloads": -1, "filename": "checkpkgaudit-0.7.1.tar.gz", "has_sig": false, "md5_digest": "76920c290a02134076218d96d61be364", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 10954, "upload_time": "2017-03-08T13:42:27", "url": "https://files.pythonhosted.org/packages/17/a4/f326e8e97b249716e234b64c8e8292c5d1e7067fc012d2f0e53b2544f7ae/checkpkgaudit-0.7.1.tar.gz" } ], "0.7.2": [ { "comment_text": "", "digests": { "md5": "de38241f0799796f49058791c857d75f", "sha256": "c348bb617a7da5d72e5db5d515f4856b064a8ed867dcad6be98e538bcce62156" }, "downloads": -1, "filename": "checkpkgaudit-0.7.2.tar.gz", "has_sig": false, "md5_digest": "de38241f0799796f49058791c857d75f", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 9491, "upload_time": "2017-06-05T19:38:46", "url": "https://files.pythonhosted.org/packages/01/d9/66cfb677f4d82934f8fdbd31fa66e59650bc6ee324003ba2f6c235336d93/checkpkgaudit-0.7.2.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "de38241f0799796f49058791c857d75f", "sha256": "c348bb617a7da5d72e5db5d515f4856b064a8ed867dcad6be98e538bcce62156" }, "downloads": -1, "filename": "checkpkgaudit-0.7.2.tar.gz", "has_sig": false, "md5_digest": "de38241f0799796f49058791c857d75f", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 9491, "upload_time": "2017-06-05T19:38:46", "url": "https://files.pythonhosted.org/packages/01/d9/66cfb677f4d82934f8fdbd31fa66e59650bc6ee324003ba2f6c235336d93/checkpkgaudit-0.7.2.tar.gz" } ] }