2009-11-07 Sancho Lerena <slerena@artica.es>

* pandora_server_installer: A few bunch of upgrades for SUSE, added
	logrotate.d and some minor fixes.

	* pandora_server_upgrade: Some minor fixes.

	* PandoraFMS/Tools.pm: Fixes to internal SMTP Auth mechanism. 

	* util/pandora_logrotate: Much better configuration for pandora 
	logrotate config, this also rotate pandora_server.error and delete
	files after 5 days.

	* util/pandora_server: more fixes and small improvements to daemon
	script: Removed Mysql dependency on LSB, added variable for let user
	to choose timeout before KILL, and now checks for especific .conf file
	on detecting PID, this should work with several servers running in the
	same server.

	* util/plugin/ssh_pandoraplugin.sh: rewritten to use real parameters
	and be more verbose and easy to integrate in Pandora FMS Plugin server.

	* util/plugin/udp_nmap_plugin.sh: Same as above.



git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@2097 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
This commit is contained in:
slerena 2009-11-08 01:38:04 +00:00
parent fe8b57d4d4
commit d6065cb576
9 changed files with 215 additions and 56 deletions

View File

@ -1,3 +1,27 @@
2009-11-07 Sancho Lerena <slerena@artica.es>
* pandora_server_installer: A few bunch of upgrades for SUSE, added
logrotate.d and some minor fixes.
* pandora_server_upgrade: Some minor fixes.
* PandoraFMS/Tools.pm: Fixes to internal SMTP Auth mechanism.
* util/pandora_logrotate: Much better configuration for pandora
logrotate config, this also rotate pandora_server.error and delete
files after 5 days.
* util/pandora_server: more fixes and small improvements to daemon
script: Removed Mysql dependency on LSB, added variable for let user
to choose timeout before KILL, and now checks for especific .conf file
on detecting PID, this should work with several servers running in the
same server.
* util/plugin/ssh_pandoraplugin.sh: rewritten to use real parameters
and be more verbose and easy to integrate in Pandora FMS Plugin server.
* util/plugin/udp_nmap_plugin.sh: Same as above.
2009-11-06 Raul Mateos <raulofpandora@gmail.com> 2009-11-06 Raul Mateos <raulofpandora@gmail.com>
* lib/PandoraFMS/Config.pm: Changed string from RC1 to RC2. * lib/PandoraFMS/Config.pm: Changed string from RC1 to RC2.

View File

@ -154,7 +154,11 @@ sub pandora_daemonize {
# param4 - Email Message body # param4 - Email Message body
########################################################################## ##########################################################################
sub pandora_sendmail { # added in 2.0 version sub pandora_sendmail {
#WARNING: To use MTA Auth is needed v0.79_16 or higer of Mail:Sendmail
#http://cpansearch.perl.org/src/MIVKOVIC/Mail-Sendmail-0.79_16/Sendmail.pm
my $pa_config = $_[0]; my $pa_config = $_[0];
my $to_address = $_[1]; my $to_address = $_[1];
my $subject = $_[2]; my $subject = $_[2];
@ -163,21 +167,23 @@ sub pandora_sendmail { # added in 2.0 version
my %mail = ( To => $to_address, my %mail = ( To => $to_address,
Message => $message, Message => $message,
Subject => $subject, Subject => $subject,
'X-Mailer' => "Pandora FMS",
Smtp => $pa_config->{"mta_address"}, Smtp => $pa_config->{"mta_address"},
Port => $pa_config->{"mta_port"}, Port => $pa_config->{"mta_port"},
From => $pa_config->{"mta_from"}, From => $pa_config->{"mta_from"},
); );
if ($pa_config->{"mta_user"} ne ""){ if ($pa_config->{"mta_user"} ne ""){
$mail{auth} = {user=>$config->{"mta_user"}, password=>$config->{"mta_pass"}, method=>$config->{"mta_auth"}, required=>0 } $mail{auth} = {user=>$pa_config->{"mta_user"}, password=>$pa_config->{"mta_pass"}, method=>$pa_config->{"mta_auth"}, required=>1 };
} }
eval {
sendmail(%mail); if (sendmail %mail) {
}; return;
if ($@){ } else {
logger ($pa_config, "[ERROR] Sending email to $to_address with subject $subject", 1); logger ($pa_config, "[ERROR] Sending email to $to_address with subject $subject", 1);
logger ($pa_config, "ERROR Code: $@", 4); logger ($pa_config, "ERROR Code: $Mail::Sendmail::error", 5);
} }
} }
########################################################################## ##########################################################################

View File

@ -87,6 +87,8 @@ install () {
echo " " echo " "
echo " $ yum perl-XML-SAX* perl-Tie* perl-XML-Simple* perl-IO-Socket* perl-Time-modules* perl-NetAddr-IP* perl-DateTime* perl-ExtUtils perl-DBI" echo " $ yum perl-XML-SAX* perl-Tie* perl-XML-Simple* perl-IO-Socket* perl-Time-modules* perl-NetAddr-IP* perl-DateTime* perl-ExtUtils perl-DBI"
echo " " echo " "
echo " You also will need to install xprobe2 and wmiclient from rpm (download from our website)"
echo " "
echo "To get it from source through CPAN do" echo "To get it from source through CPAN do"
echo " " echo " "
echo " $ cpan Digest::MD5 Time::Local DBI XML::Simple IO::Socket Time::HiRes Time::Format NetAddr::IP Mail::Sendmail Net::Traceroute::PurePerl HTML::Entities" echo " $ cpan Digest::MD5 Time::Local DBI XML::Simple IO::Socket Time::HiRes Time::Format NetAddr::IP Mail::Sendmail Net::Traceroute::PurePerl HTML::Entities"
@ -182,9 +184,20 @@ install () {
echo "Linking startup script to /etc/rc2.d" echo "Linking startup script to /etc/rc2.d"
ln -s /etc/init.d/pandora_server /etc/rc2.d/S90pandora_server ln -s /etc/init.d/pandora_server /etc/rc2.d/S90pandora_server
else else
INITLV=`cat /etc/inittab | grep "[0-9]\:initdefault" | cut -f 2 -d ":"` if [ "$DISTRO" == "SUSE" ]
echo "Linking startup script to /etc/rc.d/rc$INITLV.d" then
ln -s /etc/init.d/pandora_server /etc/rc.d/rc$INITLV.d/S90pandora_server echo "Creating startup daemons"
insserv pandora_server
else
# Pandora FMS Server install (Other Distros)
INITLV=`cat /etc/inittab | grep "[0-9]\:initdefault" | cut -f 2 -d ":"`
if [ -z "$INITLV" ]
then
INITLV=2
fi
echo "Linking startup script to /etc/rc.d/rc$INITLV.d"
ln -s /etc/init.d/pandora_server /etc/rc.d/rc$INITLV.d/S90pandora_server
fi
fi fi
fi fi
@ -207,11 +220,19 @@ install () {
cp util/tentacle_serverd /etc/init.d/tentacle_serverd cp util/tentacle_serverd /etc/init.d/tentacle_serverd
ln -s /etc/init.d/tentacle_serverd /etc/rc2.d/S80tentacle_serverd ln -s /etc/init.d/tentacle_serverd /etc/rc2.d/S80tentacle_serverd
else else
# Tentacle server install (SUSE) if [ "$DISTRO" == "SUSE" ]
echo "Installing tentacle server in /etc/rc.d/rc$INITLV.d/S80tentacle_serverd" then
cp bin/tentacle_server /usr/local/bin echo "Creating Tentacle startup daemon"
cp util/tentacle_serverd /etc/init.d/tentacle_serverd cp bin/tentacle_server /usr/local/bin
ln -s /etc/init.d/tentacle_serverd /etc/rc.d/rc$INITLV.d/S80tentacle_serverd cp util/tentacle_serverd /etc/init.d/tentacle_serverd
insserv tentacle_serverd
else
# Tentacle server install (Other Distros)
echo "Installing tentacle server in /etc/rc.d/rc$INITLV.d/S80tentacle_serverd"
cp bin/tentacle_server /usr/local/bin
cp util/tentacle_serverd /etc/init.d/tentacle_serverd
ln -s /etc/init.d/tentacle_serverd /etc/rc.d/rc$INITLV.d/S80tentacle_serverd
fi
fi fi
fi fi
fi fi
@ -234,6 +255,12 @@ install () {
echo "Now you have to edit your /etc/pandora/pandora_server.conf file to change the database password (default is pandora) with the one set in include/config.php of your Pandora FMS Console." echo "Now you have to edit your /etc/pandora/pandora_server.conf file to change the database password (default is pandora) with the one set in include/config.php of your Pandora FMS Console."
echo "After setting password you can start your Pandora FMS Server!!" echo "After setting password you can start your Pandora FMS Server!!"
rm output rm output
if [ -d "/etc/logrotate.d" ]
then
echo "Managing Pandora FMS logs with logrotate (Distro independent)"
cp -aRf util/pandora_logrotate /etc/logrotate.d/pandora
fi
fi fi
} }
@ -249,8 +276,8 @@ uninstall () {
echo " userdel pandora" echo " userdel pandora"
echo " rm -Rf /home/pandora/" echo " rm -Rf /home/pandora/"
## Just to clarify here. Some people (like me) are using the pandora user ## Just to clarify here. Some people (like me) are using the pandora user
## for other purposes and/or using an LDAP-based user management ## for other purposes and/or using an LDAP-based user management
## I would hate to have a script clear out this users' information without any notification ## I would hate to have a script clear out this users' information without any notification
rm -Rf /var/log/pandora/ 2> /dev/null rm -Rf /var/log/pandora/ 2> /dev/null
@ -262,6 +289,7 @@ uninstall () {
rm -Rf /usr/bin/pandora_server 2> /dev/null rm -Rf /usr/bin/pandora_server 2> /dev/null
rm -Rf /usr/share/pandora_server rm -Rf /usr/share/pandora_server
rm -Rf /etc/cron.daily/pandora_db rm -Rf /etc/cron.daily/pandora_db
rm -Rf /etc/logrotate.d/pandora
echo "Done" echo "Done"
} }

View File

@ -19,15 +19,18 @@ install () {
chmod 750 bin/* chmod 750 bin/*
chmod 750 pandora_* chmod 750 pandora_*
chmod 750 util/*.pl chmod 750 util/*.pl
chmod 750 util/*.sh
chmod 750 util/pandora_exec chmod 750 util/pandora_exec
chmod 750 util/SLES10/* chmod 750 util/tentacle_serverd
chmod 750 util/pandora_server
chmod 750 util/plugin/* chmod 750 util/plugin/*
echo "Copying utilities...." echo "Copying utilities...."
cp -R util /usr/share/pandora cp -R util /usr/share/pandora_server
echo "Copying startup scripts to /etc/init.d...." echo "Copying startup scripts to /etc/init.d...."
cp pandora_* /etc/init.d cp pandora_server /etc/init.d
cp util/tentacle_serverd /etc/init.d
if [ ! -e /etc/cron.daily/pandora_purge_db ] if [ ! -e /etc/cron.daily/pandora_purge_db ]
then then
@ -37,7 +40,7 @@ install () {
fi fi
echo " " echo " "
echo "DONE!. Don't forget to restart all your Pandora FMS servers" echo "DONE!. Don't forget to restart all your Pandora FMS servers running in this machine"
echo " " echo " "
} }

View File

@ -1,9 +1,10 @@
/var/log/pandora/* { /var/log/pandora/pandora*.log /var/log/pandora/pandora_server.error {
weekly weekly
missingok missingok
rotate 52 size 262144
rotate 5
maxage 15
compress compress
delaycompress
notifempty notifempty
create 640 root root create 640 root root
sharedscripts sharedscripts

View File

@ -9,20 +9,28 @@
# #
### BEGIN INIT INFO ### BEGIN INIT INFO
# Provides: pandora_server # Provides: pandora_server
# Required-Start: $syslog mysql cron # Required-Start: $syslog cron
# Should-Start: $network cron # Should-Start: $network cron
# Required-Stop: $syslog mysql # Required-Stop: $syslog
# Should-Stop: $network mysql # Should-Stop: $network
# Default-Start: 2 3 5 # Default-Start: 2 3 5
# Default-Stop: 0 1 6 # Default-Stop: 0 1 6
# Short-Description: Pandora FMS Server startup script # Short-Description: Pandora FMS Server startup script
# Description: Pandora FMS Server startup script # Description: Pandora FMS Server startup script
### END INIT INFO ### END INIT INFO
# If you want to run several pandora servers in this machine, just copy
# this script to another name, editing PANDORA_HOME to the new .conf
export PANDORA_HOME="/etc/pandora/pandora_server.conf" export PANDORA_HOME="/etc/pandora/pandora_server.conf"
export PANDORA_DAEMON=/usr/local/bin/pandora_server export PANDORA_DAEMON=/usr/local/bin/pandora_server
# Uses a wait limit before sending a KILL signal, before trying to stop
# Pandora FMS server nicely. Some big systems need some time before close
# all pending tasks / threads.
export MAXWAIT=60
# Check for SUSE status scripts # Check for SUSE status scripts
if [ -f /etc/rc.status ] if [ -f /etc/rc.status ]
then then
@ -39,11 +47,11 @@ fi
# This function replace pidof, not working in the same way in different linux distros # This function replace pidof, not working in the same way in different linux distros
function pidof_pandora () ( function pidof_pandora () (
# This sets COLUMNS to 200 chars, because if command is run # This sets COLUMNS to XXX chars, because if command is run
# in a "strech" term, ps aux don't report more than COLUMNS # in a "strech" term, ps aux don't report more than COLUMNS
# characters and this will not work. # characters and this will not work.
COLUMNS=200 COLUMNS=300
PANDORA_PID=`ps aux | grep "$PANDORA_DAEMON" | grep -v grep | tail -1 | awk '{ print $2 }'` PANDORA_PID=`ps aux | grep "$PANDORA_DAEMON $PANDORA_HOME" | grep -v grep | tail -1 | awk '{ print $2 }'`
echo $PANDORA_PID echo $PANDORA_PID
) )
@ -93,12 +101,12 @@ case "$1" in
kill $PANDORA_PID > /dev/null 2>&1 kill $PANDORA_PID > /dev/null 2>&1
COUNTER=0 COUNTER=0
while [ $COUNTER -lt 60 ] while [ $COUNTER -lt $MAXWAIT ]
do do
PANDORA_PID=`pidof_pandora` PANDORA_PID=`pidof_pandora`
if [ -z "$PANDORA_PID" ] if [ -z "$PANDORA_PID" ]
then then
COUNTER=60 COUNTER=$MAXWAIT
fi fi
COUNTER=`expr $COUNTER + 1` COUNTER=`expr $COUNTER + 1`
sleep 1 sleep 1
@ -126,7 +134,6 @@ case "$1" in
;; ;;
force-reload|restart) force-reload|restart)
$0 stop $0 stop
sleep 10
$0 start $0 start
;; ;;
*) *)

View File

@ -1,7 +1,64 @@
#!/bin/bash #!/bin/bash
# Generic SSH Exec Pandora FMS Server plugin
# (c) Sancho Lerena 2008-2009
HOST=$2 # Default values
USER=$4 USER=""
COMMAND=$5 HOST=""
COMMAND=""
PORT=22
ssh $USER@$HOST $COMMAND function help {
echo -e "Generic SSH Execution plugion for Pandora FMS Plugin server. http://pandorafms.com"
echo -e "Syntax:"
echo -e "\t\t-u user"
echo -e "\t\t-p SSH port (by default 22)"
echo -e "\t\t-t Hostname / Target IP Address"
echo -e "\t\t-c Commnand"
echo -e "Samples:"
echo " ./ssh_pandoraplugin.sh -t 192.168.5.20 -u root -c \"ls -la /etc/myfile.conf | wc -l\""
echo ""
echo -e "Please note that before use this plugin you need to export user publickey of "
echo -e "Pandora running user on the server destination of the command, and make the host"
echo -e "key autenthication first"
exit
}
if [ $# -eq 0 ]
then
help
fi
# Main parsing code
while getopts ":hp:t:c:u:" optname
do
case "$optname" in
"h")
help
;;
"u")
PORT=$OPTARG
;;
"t")
HOST=$OPTARG
;;
"c")
COMMAND=$OPTARG
;;
"p")
PORT=$OPTARG
;;
?)
help
;;
default)
help
;;
esac
done
ssh -p $PORT $USER@$HOST $COMMAND

View File

@ -1,5 +1,54 @@
#!/bin/bash #!/bin/bash
# This is called like -p xxx -h xxxx # UDP Scan (using nmap) Pandora FMS Server plugin
HOST=$4 # (c) Sancho Lerena 2008-2009
PORT=$2
# Default values
PORT=""
HOST=""
function help {
echo -e "UDP Port Plugin for Pandora FMS Plugin server. http://pandorafms.com"
echo -e "Syntax:"
echo -e "\t\t-p port"
echo -e "\t\t-t hostname / target IP"
echo -e "Samples:"
echo " ./udp_nmap_plugin.sh -p 137 -t 192.168.5.20"
echo ""
echo -e "Please note that -p accepts nmap multiport syntax (like: 135,138,139,200-300)\n\n"
exit
}
if [ $# -eq 0 ]
then
help
fi
# Main parsing code
while getopts ":hp:t:" optname
do
case "$optname" in
"h")
help
;;
"p")
PORT=$OPTARG
;;
"t")
HOST=$OPTARG
;;
?)
help
;;
default)
help
;;
esac
done
# execution
nmap -T5 -p $PORT -sU $HOST | grep open | wc -l nmap -T5 -p $PORT -sU $HOST | grep open | wc -l

View File

@ -1,16 +0,0 @@
#!/usr/bin/perl
use strict;
use IO::Socket;
# Copyright (c) 2007 Artica Soluciones Tecnologicas S.L.
if ($#ARGV != 2) {
print "Usage: $0 <ip address> <port> <command>\n";
exit 1;
}
my $sock = IO::Socket::INET->new(Proto => 'udp',
PeerAddr => $ARGV[0],
PeerPort => $ARGV[1])
or die "Creating socket: $!\n";
$sock->send($ARGV[2]) or die "[error] $!";