From 02a85b40912a2c2b6637ff37c180e10073799aa0 Mon Sep 17 00:00:00 2001 From: mhoellein Date: Wed, 19 May 2021 08:27:18 +0200 Subject: [PATCH] committing changes in /etc made by "apt install icinga2 monitoring-plugins" Package changes: +icinga2 2.11.2-1ubuntu3 amd64 +icinga2-bin 2.11.2-1ubuntu3 amd64 +icinga2-common 2.11.2-1ubuntu3 all +icinga2-doc 2.11.2-1ubuntu3 all +libarchive13 3.4.0-2ubuntu1 amd64 +libavahi-client3 0.7-4ubuntu7 amd64 +libavahi-common-data 0.7-4ubuntu7 amd64 +libavahi-common3 0.7-4ubuntu7 amd64 +libboost-context1.71.0 1.71.0-6ubuntu6 amd64 +libboost-coroutine1.71.0 1.71.0-6ubuntu6 amd64 +libboost-filesystem1.71.0 1.71.0-6ubuntu6 amd64 +libboost-program-options1.71.0 1.71.0-6ubuntu6 amd64 +libboost-regex1.71.0 1.71.0-6ubuntu6 amd64 +libboost-thread1.71.0 1.71.0-6ubuntu6 amd64 +libcups2 2.3.1-9ubuntu1.1 amd64 +libdbi1 0.9.0-5 amd64 +libgpgme11 1.13.1-7ubuntu2 amd64 +libldb2 2:2.0.10-0ubuntu0.20.04.3 amd64 +libnet-snmp-perl 6.0.1-5 all +libpq5 12.6-0ubuntu0.20.04.1 amd64 +libradcli4 1.2.6-4build1 amd64 +libsensors-config 1:3.6.0-2ubuntu1 all +libsensors5 1:3.6.0-2ubuntu1 amd64 +libsmbclient 2:4.11.6+dfsg-0ubuntu1.8 amd64 +libsnmp-base 5.8+dfsg-2ubuntu2.3 all +libsnmp35 5.8+dfsg-2ubuntu2.3 amd64 +libtalloc2 2.3.0-3ubuntu1 amd64 +libtevent0 0.10.1-4 amd64 +libtirpc-common 1.2.5-1 all +libtirpc3 1.2.5-1 amd64 +libwbclient0 2:4.11.6+dfsg-0ubuntu1.8 amd64 +monitoring-plugins 2.2-6ubuntu1.1 all +monitoring-plugins-basic 2.2-6ubuntu1.1 amd64 +monitoring-plugins-common 2.2-6ubuntu1.1 amd64 +monitoring-plugins-standard 2.2-6ubuntu1.1 amd64 +python3-crypto 2.6.1-13ubuntu2 amd64 +python3-gpg 1.13.1-7ubuntu2 amd64 +python3-ldb 2:2.0.10-0ubuntu0.20.04.3 amd64 +python3-samba 2:4.11.6+dfsg-0ubuntu1.8 amd64 +python3-talloc 2.3.0-3ubuntu1 amd64 +python3-tdb 1.4.2-3build1 amd64 +rpcbind 1.2.5-8 amd64 +samba-common 2:4.11.6+dfsg-0ubuntu1.8 all +samba-common-bin 2:4.11.6+dfsg-0ubuntu1.8 amd64 +samba-dsdb-modules 2:4.11.6+dfsg-0ubuntu1.8 amd64 +samba-libs 2:4.11.6+dfsg-0ubuntu1.8 amd64 +smbclient 2:4.11.6+dfsg-0ubuntu1.8 amd64 +snmp 5.8+dfsg-2ubuntu2.3 amd64 --- .etckeeper | 113 ++++ default/icinga2 | 3 + default/rpcbind | 12 + dhcp/dhclient-enter-hooks.d/samba | 85 +++ group | 1 + group- | 2 +- gshadow | 1 + gshadow- | 2 +- icinga2/conf.d/app.conf | 1 + icinga2/conf.d/apt.conf | 7 + icinga2/conf.d/commands.conf | 187 ++++++ icinga2/conf.d/downtimes.conf | 20 + icinga2/conf.d/groups.conf | 37 ++ icinga2/conf.d/hosts.conf | 52 ++ icinga2/conf.d/notifications.conf | 33 ++ icinga2/conf.d/services.conf | 117 ++++ icinga2/conf.d/templates.conf | 83 +++ icinga2/conf.d/timeperiods.conf | 35 ++ icinga2/conf.d/users.conf | 17 + icinga2/constants.conf | 28 + icinga2/features-available/api.conf | 10 + icinga2/features-available/checker.conf | 5 + icinga2/features-available/command.conf | 7 + icinga2/features-available/compatlog.conf | 7 + icinga2/features-available/debuglog.conf | 10 + icinga2/features-available/elasticsearch.conf | 8 + icinga2/features-available/gelf.conf | 10 + icinga2/features-available/graphite.conf | 9 + icinga2/features-available/influxdb.conf | 25 + icinga2/features-available/livestatus.conf | 6 + icinga2/features-available/mainlog.conf | 8 + icinga2/features-available/notification.conf | 5 + icinga2/features-available/opentsdb.conf | 9 + icinga2/features-available/perfdata.conf | 6 + icinga2/features-available/statusdata.conf | 8 + icinga2/features-available/syslog.conf | 8 + icinga2/features-enabled/checker.conf | 1 + icinga2/features-enabled/mainlog.conf | 1 + icinga2/features-enabled/notification.conf | 1 + icinga2/icinga2.conf | 57 ++ icinga2/scripts/mail-host-notification.sh | 171 ++++++ icinga2/scripts/mail-service-notification.sh | 176 ++++++ icinga2/zones.conf | 63 ++ icinga2/zones.d/README | 2 + init.d/icinga2 | 239 ++++++++ init.d/rpcbind | 101 ++++ insserv.conf.d/rpcbind | 1 + logrotate.d/icinga2 | 23 + nagios-plugins/config/apt.cfg | 12 + nagios-plugins/config/breeze.cfg | 5 + nagios-plugins/config/dhcp.cfg | 15 + nagios-plugins/config/disk-smb.cfg | 54 ++ nagios-plugins/config/disk.cfg | 27 + nagios-plugins/config/dns.cfg | 11 + nagios-plugins/config/dummy.cfg | 29 + nagios-plugins/config/flexlm.cfg | 6 + nagios-plugins/config/fping.cfg | 5 + nagios-plugins/config/ftp.cfg | 15 + nagios-plugins/config/games.cfg | 14 + nagios-plugins/config/hppjd.cfg | 6 + nagios-plugins/config/http.cfg | 111 ++++ nagios-plugins/config/ifstatus.cfg | 23 + nagios-plugins/config/ldap.cfg | 31 + nagios-plugins/config/load.cfg | 6 + nagios-plugins/config/mail.cfg | 77 +++ nagios-plugins/config/mailq.cfg | 24 + nagios-plugins/config/mrtg.cfg | 14 + nagios-plugins/config/mysql.cfg | 24 + nagios-plugins/config/netware.cfg | 84 +++ nagios-plugins/config/news.cfg | 15 + nagios-plugins/config/nt.cfg | 15 + nagios-plugins/config/ntp.cfg | 17 + nagios-plugins/config/pgsql.cfg | 15 + nagios-plugins/config/ping.cfg | 72 +++ nagios-plugins/config/procs.cfg | 20 + nagios-plugins/config/radius.cfg | 6 + nagios-plugins/config/real.cfg | 13 + nagios-plugins/config/rpc-nfs.cfg | 14 + nagios-plugins/config/snmp.cfg | 132 +++++ nagios-plugins/config/ssh.cfg | 27 + nagios-plugins/config/tcp_udp.cfg | 27 + nagios-plugins/config/telnet.cfg | 15 + nagios-plugins/config/users.cfg | 6 + netconfig | 19 + pam.d/samba | 3 + passwd | 2 + passwd- | 2 + radcli/dictionary | 308 ++++++++++ radcli/dictionary.ascend | 297 ++++++++++ radcli/dictionary.compat | 47 ++ radcli/dictionary.merit | 17 + radcli/dictionary.microsoft | 81 +++ radcli/dictionary.roaringpenguin | 21 + radcli/dictionary.sip | 77 +++ radcli/radiusclient.conf | 62 ++ radcli/servers | 10 + rc0.d/K01icinga2 | 1 + rc0.d/K01rpcbind | 1 + rc1.d/K01icinga2 | 1 + rc1.d/K01rpcbind | 1 + rc2.d/S01icinga2 | 1 + rc3.d/S01icinga2 | 1 + rc4.d/S01icinga2 | 1 + rc5.d/S01icinga2 | 1 + rc6.d/K01icinga2 | 1 + rc6.d/K01rpcbind | 1 + rcS.d/S01rpcbind | 1 + samba/gdbcommands | 2 + samba/smb.conf | 242 ++++++++ sensors.d/.placeholder | 0 sensors3.conf | 536 ++++++++++++++++++ shadow | 2 + shadow- | 2 + snmp/snmp.conf | 10 + .../multi-user.target.wants/icinga2.service | 1 + .../multi-user.target.wants/rpcbind.service | 1 + .../sockets.target.wants/rpcbind.socket | 1 + 117 files changed, 4552 insertions(+), 2 deletions(-) create mode 100644 default/icinga2 create mode 100644 default/rpcbind create mode 100755 dhcp/dhclient-enter-hooks.d/samba create mode 100644 icinga2/conf.d/app.conf create mode 100644 icinga2/conf.d/apt.conf create mode 100644 icinga2/conf.d/commands.conf create mode 100644 icinga2/conf.d/downtimes.conf create mode 100644 icinga2/conf.d/groups.conf create mode 100644 icinga2/conf.d/hosts.conf create mode 100644 icinga2/conf.d/notifications.conf create mode 100644 icinga2/conf.d/services.conf create mode 100644 icinga2/conf.d/templates.conf create mode 100644 icinga2/conf.d/timeperiods.conf create mode 100644 icinga2/conf.d/users.conf create mode 100644 icinga2/constants.conf create mode 100644 icinga2/features-available/api.conf create mode 100644 icinga2/features-available/checker.conf create mode 100644 icinga2/features-available/command.conf create mode 100644 icinga2/features-available/compatlog.conf create mode 100644 icinga2/features-available/debuglog.conf create mode 100644 icinga2/features-available/elasticsearch.conf create mode 100644 icinga2/features-available/gelf.conf create mode 100644 icinga2/features-available/graphite.conf create mode 100644 icinga2/features-available/influxdb.conf create mode 100644 icinga2/features-available/livestatus.conf create mode 100644 icinga2/features-available/mainlog.conf create mode 100644 icinga2/features-available/notification.conf create mode 100644 icinga2/features-available/opentsdb.conf create mode 100644 icinga2/features-available/perfdata.conf create mode 100644 icinga2/features-available/statusdata.conf create mode 100644 icinga2/features-available/syslog.conf create mode 120000 icinga2/features-enabled/checker.conf create mode 120000 icinga2/features-enabled/mainlog.conf create mode 120000 icinga2/features-enabled/notification.conf create mode 100644 icinga2/icinga2.conf create mode 100755 icinga2/scripts/mail-host-notification.sh create mode 100755 icinga2/scripts/mail-service-notification.sh create mode 100644 icinga2/zones.conf create mode 100644 icinga2/zones.d/README create mode 100755 init.d/icinga2 create mode 100755 init.d/rpcbind create mode 100644 insserv.conf.d/rpcbind create mode 100644 logrotate.d/icinga2 create mode 100644 nagios-plugins/config/apt.cfg create mode 100644 nagios-plugins/config/breeze.cfg create mode 100644 nagios-plugins/config/dhcp.cfg create mode 100644 nagios-plugins/config/disk-smb.cfg create mode 100644 nagios-plugins/config/disk.cfg create mode 100644 nagios-plugins/config/dns.cfg create mode 100644 nagios-plugins/config/dummy.cfg create mode 100644 nagios-plugins/config/flexlm.cfg create mode 100644 nagios-plugins/config/fping.cfg create mode 100644 nagios-plugins/config/ftp.cfg create mode 100644 nagios-plugins/config/games.cfg create mode 100644 nagios-plugins/config/hppjd.cfg create mode 100644 nagios-plugins/config/http.cfg create mode 100644 nagios-plugins/config/ifstatus.cfg create mode 100644 nagios-plugins/config/ldap.cfg create mode 100644 nagios-plugins/config/load.cfg create mode 100644 nagios-plugins/config/mail.cfg create mode 100644 nagios-plugins/config/mailq.cfg create mode 100644 nagios-plugins/config/mrtg.cfg create mode 100644 nagios-plugins/config/mysql.cfg create mode 100644 nagios-plugins/config/netware.cfg create mode 100644 nagios-plugins/config/news.cfg create mode 100644 nagios-plugins/config/nt.cfg create mode 100644 nagios-plugins/config/ntp.cfg create mode 100644 nagios-plugins/config/pgsql.cfg create mode 100644 nagios-plugins/config/ping.cfg create mode 100644 nagios-plugins/config/procs.cfg create mode 100644 nagios-plugins/config/radius.cfg create mode 100644 nagios-plugins/config/real.cfg create mode 100644 nagios-plugins/config/rpc-nfs.cfg create mode 100644 nagios-plugins/config/snmp.cfg create mode 100644 nagios-plugins/config/ssh.cfg create mode 100644 nagios-plugins/config/tcp_udp.cfg create mode 100644 nagios-plugins/config/telnet.cfg create mode 100644 nagios-plugins/config/users.cfg create mode 100644 netconfig create mode 100644 pam.d/samba create mode 100644 radcli/dictionary create mode 100644 radcli/dictionary.ascend create mode 100644 radcli/dictionary.compat create mode 100644 radcli/dictionary.merit create mode 100644 radcli/dictionary.microsoft create mode 100644 radcli/dictionary.roaringpenguin create mode 100644 radcli/dictionary.sip create mode 100644 radcli/radiusclient.conf create mode 100644 radcli/servers create mode 120000 rc0.d/K01icinga2 create mode 120000 rc0.d/K01rpcbind create mode 120000 rc1.d/K01icinga2 create mode 120000 rc1.d/K01rpcbind create mode 120000 rc2.d/S01icinga2 create mode 120000 rc3.d/S01icinga2 create mode 120000 rc4.d/S01icinga2 create mode 120000 rc5.d/S01icinga2 create mode 120000 rc6.d/K01icinga2 create mode 120000 rc6.d/K01rpcbind create mode 120000 rcS.d/S01rpcbind create mode 100644 samba/gdbcommands create mode 100644 samba/smb.conf create mode 100644 sensors.d/.placeholder create mode 100644 sensors3.conf create mode 100644 snmp/snmp.conf create mode 120000 systemd/system/multi-user.target.wants/icinga2.service create mode 120000 systemd/system/multi-user.target.wants/rpcbind.service create mode 120000 systemd/system/sockets.target.wants/rpcbind.socket diff --git a/.etckeeper b/.etckeeper index 38a786e..3acab71 100755 --- a/.etckeeper +++ b/.etckeeper @@ -11,6 +11,7 @@ mkdir -p './ca-certificates/update.d' mkdir -p './dbus-1/session.d' mkdir -p './dpkg/dpkg.cfg.d' mkdir -p './gss/mech.d' +mkdir -p './icinga2/pki' mkdir -p './initramfs-tools/conf.d' mkdir -p './initramfs-tools/hooks' mkdir -p './initramfs-tools/scripts/init-bottom' @@ -35,6 +36,7 @@ mkdir -p './opt' mkdir -p './postfix/dynamicmaps.cf.d' mkdir -p './postfix/postfix-files.d' mkdir -p './postfix/sasl' +mkdir -p './samba/tls' mkdir -p './security/limits.d' mkdir -p './security/namespace.d' mkdir -p './ssh/ssh_config.d' @@ -528,6 +530,7 @@ maybe chmod 0644 'default/dovecot' maybe chmod 0644 'default/grub' maybe chmod 0755 'default/grub.d' maybe chmod 0644 'default/grub.d/init-select.cfg' +maybe chmod 0644 'default/icinga2' maybe chmod 0644 'default/intel-microcode' maybe chmod 0644 'default/irqbalance' maybe chmod 0644 'default/keyboard' @@ -536,6 +539,7 @@ maybe chmod 0644 'default/motd-news.wasremoved' maybe chmod 0644 'default/named' maybe chmod 0644 'default/networkd-dispatcher' maybe chmod 0644 'default/nss' +maybe chmod 0644 'default/rpcbind' maybe chmod 0644 'default/rsync' maybe chmod 0644 'default/ssh' maybe chmod 0644 'default/ufw' @@ -547,6 +551,7 @@ maybe chmod 0755 'dhcp' maybe chmod 0644 'dhcp/debug' maybe chmod 0755 'dhcp/dhclient-enter-hooks.d' maybe chmod 0755 'dhcp/dhclient-enter-hooks.d/resolved' +maybe chmod 0755 'dhcp/dhclient-enter-hooks.d/samba' maybe chmod 0755 'dhcp/dhclient-exit-hooks.d' maybe chmod 0644 'dhcp/dhclient-exit-hooks.d/rfc3442-classless-routes' maybe chmod 0644 'dhcp/dhclient-exit-hooks.d/timesyncd' @@ -740,6 +745,52 @@ maybe chmod 0644 'hostname' maybe chmod 0644 'hosts' maybe chmod 0644 'hosts.allow' maybe chmod 0644 'hosts.deny' +maybe chown 'nagios' 'icinga2' +maybe chgrp 'nagios' 'icinga2' +maybe chmod 0750 'icinga2' +maybe chmod 0755 'icinga2/conf.d' +maybe chmod 0644 'icinga2/conf.d/app.conf' +maybe chmod 0644 'icinga2/conf.d/apt.conf' +maybe chmod 0644 'icinga2/conf.d/commands.conf' +maybe chmod 0644 'icinga2/conf.d/downtimes.conf' +maybe chmod 0644 'icinga2/conf.d/groups.conf' +maybe chmod 0644 'icinga2/conf.d/hosts.conf' +maybe chmod 0644 'icinga2/conf.d/notifications.conf' +maybe chmod 0644 'icinga2/conf.d/services.conf' +maybe chmod 0644 'icinga2/conf.d/templates.conf' +maybe chmod 0644 'icinga2/conf.d/timeperiods.conf' +maybe chmod 0644 'icinga2/conf.d/users.conf' +maybe chmod 0644 'icinga2/constants.conf' +maybe chmod 0755 'icinga2/features-available' +maybe chmod 0644 'icinga2/features-available/api.conf' +maybe chmod 0644 'icinga2/features-available/checker.conf' +maybe chmod 0644 'icinga2/features-available/command.conf' +maybe chmod 0644 'icinga2/features-available/compatlog.conf' +maybe chmod 0644 'icinga2/features-available/debuglog.conf' +maybe chmod 0644 'icinga2/features-available/elasticsearch.conf' +maybe chmod 0644 'icinga2/features-available/gelf.conf' +maybe chmod 0644 'icinga2/features-available/graphite.conf' +maybe chmod 0644 'icinga2/features-available/influxdb.conf' +maybe chmod 0644 'icinga2/features-available/livestatus.conf' +maybe chmod 0644 'icinga2/features-available/mainlog.conf' +maybe chmod 0644 'icinga2/features-available/notification.conf' +maybe chmod 0644 'icinga2/features-available/opentsdb.conf' +maybe chmod 0644 'icinga2/features-available/perfdata.conf' +maybe chmod 0644 'icinga2/features-available/statusdata.conf' +maybe chmod 0644 'icinga2/features-available/syslog.conf' +maybe chown 'nagios' 'icinga2/features-enabled' +maybe chgrp 'nagios' 'icinga2/features-enabled' +maybe chmod 0750 'icinga2/features-enabled' +maybe chmod 0644 'icinga2/icinga2.conf' +maybe chown 'nagios' 'icinga2/pki' +maybe chgrp 'nagios' 'icinga2/pki' +maybe chmod 0700 'icinga2/pki' +maybe chmod 0755 'icinga2/scripts' +maybe chmod 0755 'icinga2/scripts/mail-host-notification.sh' +maybe chmod 0755 'icinga2/scripts/mail-service-notification.sh' +maybe chmod 0644 'icinga2/zones.conf' +maybe chmod 0755 'icinga2/zones.d' +maybe chmod 0644 'icinga2/zones.d/README' maybe chmod 0755 'init' maybe chmod 0755 'init.d' maybe chmod 0755 'init.d/acpid' @@ -752,6 +803,7 @@ maybe chmod 0755 'init.d/dbus' maybe chmod 0755 'init.d/dovecot' maybe chmod 0755 'init.d/grub-common' maybe chmod 0755 'init.d/hwclock.sh' +maybe chmod 0755 'init.d/icinga2' maybe chmod 0755 'init.d/irqbalance' maybe chmod 0755 'init.d/keyboard-setup.sh' maybe chmod 0755 'init.d/kmod' @@ -761,6 +813,7 @@ maybe chmod 0755 'init.d/plymouth' maybe chmod 0755 'init.d/plymouth-log' maybe chmod 0755 'init.d/postfix' maybe chmod 0755 'init.d/procps' +maybe chmod 0755 'init.d/rpcbind' maybe chmod 0755 'init.d/rsync' maybe chmod 0755 'init.d/rsyslog' maybe chmod 0755 'init.d/screen-cleanup' @@ -791,6 +844,7 @@ maybe chmod 0644 'inputrc' maybe chmod 0755 'insserv.conf.d' maybe chmod 0644 'insserv.conf.d/bind9' maybe chmod 0644 'insserv.conf.d/postfix' +maybe chmod 0644 'insserv.conf.d/rpcbind' maybe chmod 0755 'iproute2' maybe chmod 0644 'iproute2/bpf_pinning' maybe chmod 0644 'iproute2/ematch_map' @@ -859,6 +913,7 @@ maybe chmod 0644 'logrotate.d/bootlog' maybe chmod 0644 'logrotate.d/btmp' maybe chmod 0644 'logrotate.d/dbconfig-common' maybe chmod 0644 'logrotate.d/dpkg' +maybe chmod 0644 'logrotate.d/icinga2' maybe chmod 0644 'logrotate.d/mysql-server' maybe chmod 0644 'logrotate.d/rsyslog' maybe chmod 0644 'logrotate.d/ubuntu-advantage-tools' @@ -899,7 +954,45 @@ maybe chmod 0755 'mysql/mysql.conf.d' maybe chmod 0644 'mysql/mysql.conf.d/mysql.cnf' maybe chmod 0644 'mysql/mysql.conf.d/mysqld.cnf' maybe chmod 0644 'mysql/mysql.conf.d/mysqld_safe_syslog.cnf' +maybe chmod 0755 'nagios-plugins' +maybe chmod 0755 'nagios-plugins/config' +maybe chmod 0644 'nagios-plugins/config/apt.cfg' +maybe chmod 0644 'nagios-plugins/config/breeze.cfg' +maybe chmod 0644 'nagios-plugins/config/dhcp.cfg' +maybe chmod 0644 'nagios-plugins/config/disk-smb.cfg' +maybe chmod 0644 'nagios-plugins/config/disk.cfg' +maybe chmod 0644 'nagios-plugins/config/dns.cfg' +maybe chmod 0644 'nagios-plugins/config/dummy.cfg' +maybe chmod 0644 'nagios-plugins/config/flexlm.cfg' +maybe chmod 0644 'nagios-plugins/config/fping.cfg' +maybe chmod 0644 'nagios-plugins/config/ftp.cfg' +maybe chmod 0644 'nagios-plugins/config/games.cfg' +maybe chmod 0644 'nagios-plugins/config/hppjd.cfg' +maybe chmod 0644 'nagios-plugins/config/http.cfg' +maybe chmod 0644 'nagios-plugins/config/ifstatus.cfg' +maybe chmod 0644 'nagios-plugins/config/ldap.cfg' +maybe chmod 0644 'nagios-plugins/config/load.cfg' +maybe chmod 0644 'nagios-plugins/config/mail.cfg' +maybe chmod 0644 'nagios-plugins/config/mailq.cfg' +maybe chmod 0644 'nagios-plugins/config/mrtg.cfg' +maybe chmod 0644 'nagios-plugins/config/mysql.cfg' +maybe chmod 0644 'nagios-plugins/config/netware.cfg' +maybe chmod 0644 'nagios-plugins/config/news.cfg' +maybe chmod 0644 'nagios-plugins/config/nt.cfg' +maybe chmod 0644 'nagios-plugins/config/ntp.cfg' +maybe chmod 0644 'nagios-plugins/config/pgsql.cfg' +maybe chmod 0644 'nagios-plugins/config/ping.cfg' +maybe chmod 0644 'nagios-plugins/config/procs.cfg' +maybe chmod 0644 'nagios-plugins/config/radius.cfg' +maybe chmod 0644 'nagios-plugins/config/real.cfg' +maybe chmod 0644 'nagios-plugins/config/rpc-nfs.cfg' +maybe chmod 0644 'nagios-plugins/config/snmp.cfg' +maybe chmod 0644 'nagios-plugins/config/ssh.cfg' +maybe chmod 0644 'nagios-plugins/config/tcp_udp.cfg' +maybe chmod 0644 'nagios-plugins/config/telnet.cfg' +maybe chmod 0644 'nagios-plugins/config/users.cfg' maybe chmod 0644 'nanorc' +maybe chmod 0644 'netconfig' maybe chmod 0755 'netplan' maybe chmod 0644 'netplan/01-netcfg.yaml' maybe chmod 0755 'network' @@ -941,6 +1034,7 @@ maybe chmod 0644 'pam.d/other' maybe chmod 0644 'pam.d/passwd' maybe chmod 0644 'pam.d/runuser' maybe chmod 0644 'pam.d/runuser-l' +maybe chmod 0644 'pam.d/samba' maybe chmod 0644 'pam.d/sshd' maybe chmod 0644 'pam.d/su' maybe chmod 0644 'pam.d/su-l' @@ -1030,6 +1124,16 @@ maybe chmod 0755 'python3' maybe chmod 0755 'python3.8' maybe chmod 0644 'python3.8/sitecustomize.py' maybe chmod 0644 'python3/debian_config' +maybe chmod 0755 'radcli' +maybe chmod 0644 'radcli/dictionary' +maybe chmod 0644 'radcli/dictionary.ascend' +maybe chmod 0644 'radcli/dictionary.compat' +maybe chmod 0644 'radcli/dictionary.merit' +maybe chmod 0644 'radcli/dictionary.microsoft' +maybe chmod 0644 'radcli/dictionary.roaringpenguin' +maybe chmod 0644 'radcli/dictionary.sip' +maybe chmod 0644 'radcli/radiusclient.conf' +maybe chmod 0644 'radcli/servers' maybe chmod 0755 'rc0.d' maybe chmod 0755 'rc1.d' maybe chmod 0755 'rc2.d' @@ -1047,6 +1151,10 @@ maybe chmod 0755 'rsyslog.d' maybe chmod 0644 'rsyslog.d/20-ufw.conf' maybe chmod 0644 'rsyslog.d/50-default.conf' maybe chmod 0644 'rsyslog.d/postfix.conf' +maybe chmod 0755 'samba' +maybe chmod 0644 'samba/gdbcommands' +maybe chmod 0644 'samba/smb.conf' +maybe chmod 0755 'samba/tls' maybe chmod 0644 'screenrc' maybe chmod 0755 'security' maybe chmod 0644 'security/access.conf' @@ -1063,6 +1171,9 @@ maybe chmod 0644 'security/sepermit.conf' maybe chmod 0644 'security/time.conf' maybe chmod 0755 'selinux' maybe chmod 0644 'selinux/semanage.conf' +maybe chmod 0755 'sensors.d' +maybe chmod 0644 'sensors.d/.placeholder' +maybe chmod 0644 'sensors3.conf' maybe chmod 0644 'services' maybe chgrp 'shadow' 'shadow' maybe chmod 0640 'shadow' @@ -1073,6 +1184,8 @@ maybe chmod 0755 'skel' maybe chmod 0644 'skel/.bash_logout' maybe chmod 0644 'skel/.bashrc' maybe chmod 0644 'skel/.profile' +maybe chmod 0755 'snmp' +maybe chmod 0644 'snmp/snmp.conf' maybe chmod 0755 'ssh' maybe chmod 0644 'ssh/moduli' maybe chmod 0644 'ssh/ssh_config' diff --git a/default/icinga2 b/default/icinga2 new file mode 100644 index 0000000..c452408 --- /dev/null +++ b/default/icinga2 @@ -0,0 +1,3 @@ +# default settings for icinga2's initscript + +#DAEMON_ARGS="-e /var/log/icinga2/icinga2.err" diff --git a/default/rpcbind b/default/rpcbind new file mode 100644 index 0000000..67a9654 --- /dev/null +++ b/default/rpcbind @@ -0,0 +1,12 @@ +# /etc/init.d/rpcbind + +OPTIONS="" + +# Cause rpcbind to do a "warm start" utilizing a state file (default) +OPTIONS="-w" + +# Uncomment the following line to restrict rpcbind to localhost only for UDP requests +# OPTIONS="${OPTIONS} -h 127.0.0.1 -h ::1" + +# Uncomment the following line to enable libwrap TCP-Wrapper connection logging +# OPTIONS="${OPTIONS} -l " diff --git a/dhcp/dhclient-enter-hooks.d/samba b/dhcp/dhclient-enter-hooks.d/samba new file mode 100755 index 0000000..81ab791 --- /dev/null +++ b/dhcp/dhclient-enter-hooks.d/samba @@ -0,0 +1,85 @@ +#!/bin/sh + +SAMBA_DHCP_CONF=/var/lib/samba/dhcp.conf + +netbios_setup() { + # No need to continue if we're called with an unsupported option + + case $reason in + BOUND|RENEW|REBIND|REBOOT|EXPIRE|FAIL|RELEASE|STOP) + ;; + *) + return + ;; + esac + + umask 022 + + local other_servers="" + local serverlist="" + + # the destination file won't exist yet on the first run after + # installing samba + if [ -e $SAMBA_DHCP_CONF ] && [ -s $SAMBA_DHCP_CONF ] + then + # don't continue if no settings have changed + if [ "$new_netbios_name_servers" = "$old_netbios_name_servers" ] \ + && [ "$new_netbios_scope" = "$old_netbios_scope" ] \ + && [ -n "$new_netbios_name_servers" ] + then + return + fi + + # reparse our own file + other_servers=`sed -n -e"s/[[:space:]]$interface:[^[:space:]]*//g; \ + s/^[[:space:]]*wins server[[:space:]]*=[[:space:]]*//pi" \ + $SAMBA_DHCP_CONF` + + serverlist="$other_servers" + fi + + for server in $new_netbios_name_servers + do + serverlist="$serverlist $interface:$server" + done + + echo -n > ${SAMBA_DHCP_CONF}.new + + # If we're updating on failure/expire, AND there are no WINS + # servers for other interfaces, leave the file empty. + if [ -z "$other_servers" ] + then + if [ "$reason" = FAIL ] || [ "$reason" = EXPIRE ] + then + mv ${SAMBA_DHCP_CONF}.new $SAMBA_DHCP_CONF + return + fi + fi + + if [ -n "$serverlist" ] + then + echo " wins server =$serverlist" >> ${SAMBA_DHCP_CONF}.new + fi + if [ -n "$new_netbios_scope" ] + then + echo " netbios scope = $new_netbios_scope" >> ${SAMBA_DHCP_CONF}.new + fi + mv ${SAMBA_DHCP_CONF}.new $SAMBA_DHCP_CONF + + # reload the samba server + # We don't necessarily have the samba package installed. #414841 + if [ -x /etc/init.d/smbd ] + then + if [ -d /run/systemd/system ] + then + if systemctl is-enabled smbd.service --quiet + then + systemctl try-reload-or-restart smbd.service + fi + else + /usr/sbin/invoke-rc.d smbd reload + fi + fi +} + +netbios_setup diff --git a/group b/group index 0df99de..0f320a4 100644 --- a/group +++ b/group @@ -60,3 +60,4 @@ dovecot:x:118: dovenull:x:119: render:x:120: tcpdump:x:121: +nagios:x:122: diff --git a/group- b/group- index b2192e5..0df99de 100644 --- a/group- +++ b/group- @@ -3,7 +3,7 @@ daemon:x:1: bin:x:2: sys:x:3: adm:x:4:syslog -tty:x:5: +tty:x:5:syslog disk:x:6: lp:x:7: mail:x:8: diff --git a/gshadow b/gshadow index 9379783..df404a8 100644 --- a/gshadow +++ b/gshadow @@ -60,3 +60,4 @@ dovecot:!:: dovenull:!:: render:!:: tcpdump:!:: +nagios:!:: diff --git a/gshadow- b/gshadow- index 693c6e3..9379783 100644 --- a/gshadow- +++ b/gshadow- @@ -3,7 +3,7 @@ daemon:*:: bin:*:: sys:*:: adm:*::syslog -tty:*:: +tty:*::syslog disk:*:: lp:*:: mail:*:: diff --git a/icinga2/conf.d/app.conf b/icinga2/conf.d/app.conf new file mode 100644 index 0000000..3e4be0d --- /dev/null +++ b/icinga2/conf.d/app.conf @@ -0,0 +1 @@ +object IcingaApplication "app" { } diff --git a/icinga2/conf.d/apt.conf b/icinga2/conf.d/apt.conf new file mode 100644 index 0000000..b2c77a0 --- /dev/null +++ b/icinga2/conf.d/apt.conf @@ -0,0 +1,7 @@ +apply Service "apt" { + import "generic-service" + + check_command = "apt" + + assign where host.name == NodeName +} diff --git a/icinga2/conf.d/commands.conf b/icinga2/conf.d/commands.conf new file mode 100644 index 0000000..bd511ce --- /dev/null +++ b/icinga2/conf.d/commands.conf @@ -0,0 +1,187 @@ +/* Command objects */ + +/* Notification Commands + * + * Please check the documentation for all required and + * optional parameters. + */ + +object NotificationCommand "mail-host-notification" { + command = [ ConfigDir + "/scripts/mail-host-notification.sh" ] + + arguments += { + "-4" = "$notification_address$" + "-6" = "$notification_address6$" + "-b" = "$notification_author$" + "-c" = "$notification_comment$" + "-d" = { + required = true + value = "$notification_date$" + } + "-f" = { + value = "$notification_from$" + description = "Set from address. Requires GNU mailutils (Debian/Ubuntu) or mailx (RHEL/SUSE)" + } + "-i" = "$notification_icingaweb2url$" + "-l" = { + required = true + value = "$notification_hostname$" + } + "-n" = { + required = true + value = "$notification_hostdisplayname$" + } + "-o" = { + required = true + value = "$notification_hostoutput$" + } + "-r" = { + required = true + value = "$notification_useremail$" + } + "-s" = { + required = true + value = "$notification_hoststate$" + } + "-t" = { + required = true + value = "$notification_type$" + } + "-v" = "$notification_logtosyslog$" + } + + vars += { + notification_address = "$address$" + notification_address6 = "$address6$" + notification_author = "$notification.author$" + notification_comment = "$notification.comment$" + notification_type = "$notification.type$" + notification_date = "$icinga.long_date_time$" + notification_hostname = "$host.name$" + notification_hostdisplayname = "$host.display_name$" + notification_hostoutput = "$host.output$" + notification_hoststate = "$host.state$" + notification_useremail = "$user.email$" + } +} + +object NotificationCommand "mail-service-notification" { + command = [ ConfigDir + "/scripts/mail-service-notification.sh" ] + + arguments += { + "-4" = "$notification_address$" + "-6" = "$notification_address6$" + "-b" = "$notification_author$" + "-c" = "$notification_comment$" + "-d" = { + required = true + value = "$notification_date$" + } + "-e" = { + required = true + value = "$notification_servicename$" + } + "-f" = { + value = "$notification_from$" + description = "Set from address. Requires GNU mailutils (Debian/Ubuntu) or mailx (RHEL/SUSE)" + } + "-i" = "$notification_icingaweb2url$" + "-l" = { + required = true + value = "$notification_hostname$" + } + "-n" = { + required = true + value = "$notification_hostdisplayname$" + } + "-o" = { + required = true + value = "$notification_serviceoutput$" + } + "-r" = { + required = true + value = "$notification_useremail$" + } + "-s" = { + required = true + value = "$notification_servicestate$" + } + "-t" = { + required = true + value = "$notification_type$" + } + "-u" = { + required = true + value = "$notification_servicedisplayname$" + } + "-v" = "$notification_logtosyslog$" + } + + vars += { + notification_address = "$address$" + notification_address6 = "$address6$" + notification_author = "$notification.author$" + notification_comment = "$notification.comment$" + notification_type = "$notification.type$" + notification_date = "$icinga.long_date_time$" + notification_hostname = "$host.name$" + notification_hostdisplayname = "$host.display_name$" + notification_servicename = "$service.name$" + notification_serviceoutput = "$service.output$" + notification_servicestate = "$service.state$" + notification_useremail = "$user.email$" + notification_servicedisplayname = "$service.display_name$" + } +} + +/* + * If you prefer to use the notification scripts with environment + * variables instead of command line parameters, you can use + * the following commands. They have been updated from < 2.7 + * to support the new notification scripts and should help + * with an upgrade. + * Remove the comment blocks and comment the notification commands above. + */ + +/* + +object NotificationCommand "mail-host-notification" { + command = [ ConfigDir + "/scripts/mail-host-notification.sh" ] + + env = { + NOTIFICATIONTYPE = "$notification.type$" + HOSTDISPLAYNAME = "$host.display_name$" + HOSTNAME = "$host.name$" + HOSTADDRESS = "$address$" + HOSTSTATE = "$host.state$" + LONGDATETIME = "$icinga.long_date_time$" + HOSTOUTPUT = "$host.output$" + NOTIFICATIONAUTHORNAME = "$notification.author$" + NOTIFICATIONCOMMENT = "$notification.comment$" + HOSTDISPLAYNAME = "$host.display_name$" + USEREMAIL = "$user.email$" + } +} + +object NotificationCommand "mail-service-notification" { + command = [ ConfigDir + "/scripts/mail-service-notification.sh" ] + + env = { + NOTIFICATIONTYPE = "$notification.type$" + SERVICENAME = "$service.name$" + HOSTNAME = "$host.name$" + HOSTDISPLAYNAME = "$host.display_name$" + HOSTADDRESS = "$address$" + SERVICESTATE = "$service.state$" + LONGDATETIME = "$icinga.long_date_time$" + SERVICEOUTPUT = "$service.output$" + NOTIFICATIONAUTHORNAME = "$notification.author$" + NOTIFICATIONCOMMENT = "$notification.comment$" + HOSTDISPLAYNAME = "$host.display_name$" + SERVICEDISPLAYNAME = "$service.display_name$" + USEREMAIL = "$user.email$" + } +} + +*/ + diff --git a/icinga2/conf.d/downtimes.conf b/icinga2/conf.d/downtimes.conf new file mode 100644 index 0000000..0bed647 --- /dev/null +++ b/icinga2/conf.d/downtimes.conf @@ -0,0 +1,20 @@ +/** + * The example downtime apply rule. + */ + +apply ScheduledDowntime "backup-downtime" to Service { + author = "icingaadmin" + comment = "Scheduled downtime for backup" + + ranges = { + monday = service.vars.backup_downtime + tuesday = service.vars.backup_downtime + wednesday = service.vars.backup_downtime + thursday = service.vars.backup_downtime + friday = service.vars.backup_downtime + saturday = service.vars.backup_downtime + sunday = service.vars.backup_downtime + } + + assign where service.vars.backup_downtime != "" +} diff --git a/icinga2/conf.d/groups.conf b/icinga2/conf.d/groups.conf new file mode 100644 index 0000000..e6004a3 --- /dev/null +++ b/icinga2/conf.d/groups.conf @@ -0,0 +1,37 @@ +/** + * Host group examples. + */ + +object HostGroup "linux-servers" { + display_name = "Linux Servers" + + assign where host.vars.os == "Linux" +} + +object HostGroup "windows-servers" { + display_name = "Windows Servers" + + assign where host.vars.os == "Windows" +} + +/** + * Service group examples. + */ + +object ServiceGroup "ping" { + display_name = "Ping Checks" + + assign where match("ping*", service.name) +} + +object ServiceGroup "http" { + display_name = "HTTP Checks" + + assign where match("http*", service.check_command) +} + +object ServiceGroup "disk" { + display_name = "Disk Checks" + + assign where match("disk*", service.check_command) +} diff --git a/icinga2/conf.d/hosts.conf b/icinga2/conf.d/hosts.conf new file mode 100644 index 0000000..0118f03 --- /dev/null +++ b/icinga2/conf.d/hosts.conf @@ -0,0 +1,52 @@ +/* + * Host definitions with object attributes + * used for apply rules for Service, Notification, + * Dependency and ScheduledDowntime objects. + * + * Tip: Use `icinga2 object list --type Host` to + * list all host objects after running + * configuration validation (`icinga2 daemon -C`). + */ + +/* + * This is an example host based on your + * local host's FQDN. Specify the NodeName + * constant in `constants.conf` or use your + * own description, e.g. "db-host-1". + */ + +object Host NodeName { + /* Import the default host template defined in `templates.conf`. */ + import "generic-host" + + /* Specify the address attributes for checks e.g. `ssh` or `http`. */ + address = "127.0.0.1" + address6 = "::1" + + /* Set custom variable `os` for hostgroup assignment in `groups.conf`. */ + vars.os = "Linux" + + /* Define http vhost attributes for service apply rules in `services.conf`. */ + vars.http_vhosts["http"] = { + http_uri = "/" + } + /* Uncomment if you've sucessfully installed Icinga Web 2. */ + //vars.http_vhosts["Icinga Web 2"] = { + // http_uri = "/icingaweb2" + //} + + /* Define disks and attributes for service apply rules in `services.conf`. */ + vars.disks["disk"] = { + /* No parameters. */ + } + vars.disks["disk /"] = { + disk_partitions = "/" + } + + /* Define notification mail attributes for notification apply rules in `notifications.conf`. */ + vars.notification["mail"] = { + /* The UserGroup `icingaadmins` is defined in `users.conf`. */ + groups = [ "icingaadmins" ] + } +} + diff --git a/icinga2/conf.d/notifications.conf b/icinga2/conf.d/notifications.conf new file mode 100644 index 0000000..ac65875 --- /dev/null +++ b/icinga2/conf.d/notifications.conf @@ -0,0 +1,33 @@ +/** + * The example notification apply rules. + * + * Only applied if host/service objects have + * the custom variable `notification` defined + * and containing `mail` as key. + * + * Check `hosts.conf` for an example. + */ + +apply Notification "mail-icingaadmin" to Host { + import "mail-host-notification" + user_groups = host.vars.notification.mail.groups + users = host.vars.notification.mail.users + + //interval = 2h + + //vars.notification_logtosyslog = true + + assign where host.vars.notification.mail +} + +apply Notification "mail-icingaadmin" to Service { + import "mail-service-notification" + user_groups = host.vars.notification.mail.groups + users = host.vars.notification.mail.users + + //interval = 2h + + //vars.notification_logtosyslog = true + + assign where host.vars.notification.mail +} diff --git a/icinga2/conf.d/services.conf b/icinga2/conf.d/services.conf new file mode 100644 index 0000000..c8e1b3c --- /dev/null +++ b/icinga2/conf.d/services.conf @@ -0,0 +1,117 @@ +/* + * Service apply rules. + * + * The CheckCommand objects `ping4`, `ping6`, etc + * are provided by the plugin check command templates. + * Check the documentation for details. + * + * Tip: Use `icinga2 object list --type Service` to + * list all service objects after running + * configuration validation (`icinga2 daemon -C`). + */ + +/* + * This is an example host based on your + * local host's FQDN. Specify the NodeName + * constant in `constants.conf` or use your + * own description, e.g. "db-host-1". + */ + +/* + * These are generic `ping4` and `ping6` + * checks applied to all hosts having the + * `address` resp. `address6` attribute + * defined. + */ +apply Service "ping4" { + import "generic-service" + + check_command = "ping4" + + assign where host.address +} + +apply Service "ping6" { + import "generic-service" + + check_command = "ping6" + + assign where host.address6 +} + +/* + * Apply the `ssh` service to all hosts + * with the `address` attribute defined and + * the custom variable `os` set to `Linux`. + */ +apply Service "ssh" { + import "generic-service" + + check_command = "ssh" + + assign where (host.address || host.address6) && host.vars.os == "Linux" +} + + + +apply Service for (http_vhost => config in host.vars.http_vhosts) { + import "generic-service" + + check_command = "http" + + vars += config +} + +apply Service for (disk => config in host.vars.disks) { + import "generic-service" + + check_command = "disk" + + vars += config +} + +apply Service "icinga" { + import "generic-service" + + check_command = "icinga" + + assign where host.name == NodeName +} + +apply Service "load" { + import "generic-service" + + check_command = "load" + + /* Used by the ScheduledDowntime apply rule in `downtimes.conf`. */ + vars.backup_downtime = "02:00-03:00" + + assign where host.name == NodeName +} + +apply Service "procs" { + import "generic-service" + + check_command = "procs" + + assign where host.name == NodeName +} + +apply Service "swap" { + import "generic-service" + + check_command = "swap" + + assign where host.name == NodeName +} + +apply Service "users" { + import "generic-service" + + check_command = "users" + + assign where host.name == NodeName +} + + + diff --git a/icinga2/conf.d/templates.conf b/icinga2/conf.d/templates.conf new file mode 100644 index 0000000..5655e3f --- /dev/null +++ b/icinga2/conf.d/templates.conf @@ -0,0 +1,83 @@ +/* + * Generic template examples. + */ + + +/** + * Provides default settings for hosts. By convention + * all hosts should import this template. + * + * The CheckCommand object `hostalive` is provided by + * the plugin check command templates. + * Check the documentation for details. + */ +template Host "generic-host" { + max_check_attempts = 3 + check_interval = 1m + retry_interval = 30s + + check_command = "hostalive" +} + +/** + * Provides default settings for services. By convention + * all services should import this template. + */ +template Service "generic-service" { + max_check_attempts = 5 + check_interval = 1m + retry_interval = 30s +} + +/** + * Provides default settings for users. By convention + * all users should inherit from this template. + */ + +template User "generic-user" { + +} + +/** + * Provides default settings for host notifications. + * By convention all host notifications should import + * this template. + */ +template Notification "mail-host-notification" { + command = "mail-host-notification" + + states = [ Up, Down ] + types = [ Problem, Acknowledgement, Recovery, Custom, + FlappingStart, FlappingEnd, + DowntimeStart, DowntimeEnd, DowntimeRemoved ] + + vars += { + // notification_icingaweb2url = "https://www.example.com/icingaweb2" + // notification_from = "Icinga 2 Host Monitoring " + notification_logtosyslog = false + } + + period = "24x7" +} + +/** + * Provides default settings for service notifications. + * By convention all service notifications should import + * this template. + */ +template Notification "mail-service-notification" { + command = "mail-service-notification" + + states = [ OK, Warning, Critical, Unknown ] + types = [ Problem, Acknowledgement, Recovery, Custom, + FlappingStart, FlappingEnd, + DowntimeStart, DowntimeEnd, DowntimeRemoved ] + + vars += { + // notification_icingaweb2url = "https://www.example.com/icingaweb2" + // notification_from = "Icinga 2 Service Monitoring " + notification_logtosyslog = false + } + + period = "24x7" +} diff --git a/icinga2/conf.d/timeperiods.conf b/icinga2/conf.d/timeperiods.conf new file mode 100644 index 0000000..ea162ff --- /dev/null +++ b/icinga2/conf.d/timeperiods.conf @@ -0,0 +1,35 @@ +/** + * Sample timeperiods for Icinga 2. + * Check the documentation for details. + */ + +object TimePeriod "24x7" { + display_name = "Icinga 2 24x7 TimePeriod" + ranges = { + "monday" = "00:00-24:00" + "tuesday" = "00:00-24:00" + "wednesday" = "00:00-24:00" + "thursday" = "00:00-24:00" + "friday" = "00:00-24:00" + "saturday" = "00:00-24:00" + "sunday" = "00:00-24:00" + } +} + +object TimePeriod "9to5" { + display_name = "Icinga 2 9to5 TimePeriod" + ranges = { + "monday" = "09:00-17:00" + "tuesday" = "09:00-17:00" + "wednesday" = "09:00-17:00" + "thursday" = "09:00-17:00" + "friday" = "09:00-17:00" + } +} + +object TimePeriod "never" { + display_name = "Icinga 2 never TimePeriod" + ranges = { + } +} + diff --git a/icinga2/conf.d/users.conf b/icinga2/conf.d/users.conf new file mode 100644 index 0000000..aa31e27 --- /dev/null +++ b/icinga2/conf.d/users.conf @@ -0,0 +1,17 @@ +/** + * The example user 'icingaadmin' and the example + * group 'icingaadmins'. + */ + +object User "icingaadmin" { + import "generic-user" + + display_name = "Icinga 2 Admin" + groups = [ "icingaadmins" ] + + email = "root@localhost" +} + +object UserGroup "icingaadmins" { + display_name = "Icinga 2 Admin Group" +} diff --git a/icinga2/constants.conf b/icinga2/constants.conf new file mode 100644 index 0000000..29232d6 --- /dev/null +++ b/icinga2/constants.conf @@ -0,0 +1,28 @@ +/** + * This file defines global constants which can be used in + * the other configuration files. + */ + +/* The directory which contains the plugins from the Monitoring Plugins project. */ +const PluginDir = "/usr/lib/nagios/plugins" + +/* The directory which contains the Manubulon plugins. + * Check the documentation, chapter "SNMP Manubulon Plugin Check Commands", for details. + */ +const ManubulonPluginDir = "/usr/lib/nagios/plugins" + +/* The directory which you use to store additional plugins which ITL provides user contributed command definitions for. + * Check the documentation, chapter "Plugins Contribution", for details. + */ +const PluginContribDir = "/usr/lib/nagios/plugins" + +/* Our local instance name. By default this is the server's hostname as returned by `hostname --fqdn`. + * This should be the common name from the API certificate. + */ +//const NodeName = "localhost" + +/* Our local zone name. */ +const ZoneName = NodeName + +/* Secret key for remote node tickets */ +const TicketSalt = "" diff --git a/icinga2/features-available/api.conf b/icinga2/features-available/api.conf new file mode 100644 index 0000000..b072a44 --- /dev/null +++ b/icinga2/features-available/api.conf @@ -0,0 +1,10 @@ +/** + * The API listener is used for distributed monitoring setups. + */ + +object ApiListener "api" { + //accept_config = false + //accept_commands = false + + ticket_salt = TicketSalt +} diff --git a/icinga2/features-available/checker.conf b/icinga2/features-available/checker.conf new file mode 100644 index 0000000..6f003b8 --- /dev/null +++ b/icinga2/features-available/checker.conf @@ -0,0 +1,5 @@ +/** + * The checker component takes care of executing service checks. + */ + +object CheckerComponent "checker" { } diff --git a/icinga2/features-available/command.conf b/icinga2/features-available/command.conf new file mode 100644 index 0000000..ffdd143 --- /dev/null +++ b/icinga2/features-available/command.conf @@ -0,0 +1,7 @@ +/** + * The ExternalCommandListener implements support for the external + * commands pipe. + */ + +object ExternalCommandListener "command" { } + diff --git a/icinga2/features-available/compatlog.conf b/icinga2/features-available/compatlog.conf new file mode 100644 index 0000000..6f5cf5f --- /dev/null +++ b/icinga2/features-available/compatlog.conf @@ -0,0 +1,7 @@ +/** + * The CompatLogger type is responsible for writing log files in a format + * that is compatible with Icinga 1.x. + */ + +object CompatLogger "compatlog" { } + diff --git a/icinga2/features-available/debuglog.conf b/icinga2/features-available/debuglog.conf new file mode 100644 index 0000000..e66518f --- /dev/null +++ b/icinga2/features-available/debuglog.conf @@ -0,0 +1,10 @@ +/** + * The FileLogger type writes log information to a log file. + * Unlike the mainlog feature this sets up a logger + * with severity "debug". + */ + +object FileLogger "debug-file" { + severity = "debug" + path = LogDir + "/debug.log" +} diff --git a/icinga2/features-available/elasticsearch.conf b/icinga2/features-available/elasticsearch.conf new file mode 100644 index 0000000..8014913 --- /dev/null +++ b/icinga2/features-available/elasticsearch.conf @@ -0,0 +1,8 @@ +object ElasticsearchWriter "elasticsearch" { + //host = "127.0.0.1" + //port = 9200 + //index = "icinga2" + //enable_send_perfdata = false + //flush_threshold = 1024 + //flush_interval = 10s +} diff --git a/icinga2/features-available/gelf.conf b/icinga2/features-available/gelf.conf new file mode 100644 index 0000000..c14c864 --- /dev/null +++ b/icinga2/features-available/gelf.conf @@ -0,0 +1,10 @@ +/** + * The GelfWriter type writes event log entries + * to a GELF tcp socket provided by Graylog, + * Logstash or any other receiver. + */ + +object GelfWriter "gelf" { + //host = "127.0.0.1" + //port = 12201 +} diff --git a/icinga2/features-available/graphite.conf b/icinga2/features-available/graphite.conf new file mode 100644 index 0000000..ae8a928 --- /dev/null +++ b/icinga2/features-available/graphite.conf @@ -0,0 +1,9 @@ +/** + * The GraphiteWriter type writes check result metrics and + * performance data to a graphite tcp socket. + */ + +object GraphiteWriter "graphite" { + //host = "127.0.0.1" + //port = 2003 +} diff --git a/icinga2/features-available/influxdb.conf b/icinga2/features-available/influxdb.conf new file mode 100644 index 0000000..af84235 --- /dev/null +++ b/icinga2/features-available/influxdb.conf @@ -0,0 +1,25 @@ +/** + * The InfluxdbWriter type writes check result metrics and + * performance data to an InfluxDB HTTP API + */ + +object InfluxdbWriter "influxdb" { + //host = "127.0.0.1" + //port = 8086 + //database = "icinga2" + //flush_threshold = 1024 + //flush_interval = 10s + //host_template = { + // measurement = "$host.check_command$" + // tags = { + // hostname = "$host.name$" + // } + //} + //service_template = { + // measurement = "$service.check_command$" + // tags = { + // hostname = "$host.name$" + // service = "$service.name$" + // } + //} +} diff --git a/icinga2/features-available/livestatus.conf b/icinga2/features-available/livestatus.conf new file mode 100644 index 0000000..246c085 --- /dev/null +++ b/icinga2/features-available/livestatus.conf @@ -0,0 +1,6 @@ +/** + * The LivestatusListener type implements the Livestatus query protocol. + */ + +object LivestatusListener "livestatus" { } + diff --git a/icinga2/features-available/mainlog.conf b/icinga2/features-available/mainlog.conf new file mode 100644 index 0000000..a3bb19d --- /dev/null +++ b/icinga2/features-available/mainlog.conf @@ -0,0 +1,8 @@ +/** + * The FileLogger type writes log information to a file. + */ + +object FileLogger "main-log" { + severity = "information" + path = LogDir + "/icinga2.log" +} diff --git a/icinga2/features-available/notification.conf b/icinga2/features-available/notification.conf new file mode 100644 index 0000000..3f9a88e --- /dev/null +++ b/icinga2/features-available/notification.conf @@ -0,0 +1,5 @@ +/** + * The notification component is responsible for sending notifications. + */ + +object NotificationComponent "notification" { } diff --git a/icinga2/features-available/opentsdb.conf b/icinga2/features-available/opentsdb.conf new file mode 100644 index 0000000..540556c --- /dev/null +++ b/icinga2/features-available/opentsdb.conf @@ -0,0 +1,9 @@ +/** + * The OpenTsdbWriter type writes check result metrics and + * performance data to a OpenTSDB tcp socket. + */ + +object OpenTsdbWriter "opentsdb" { + //host = "127.0.0.1" + //port = 4242 +} diff --git a/icinga2/features-available/perfdata.conf b/icinga2/features-available/perfdata.conf new file mode 100644 index 0000000..3ba8635 --- /dev/null +++ b/icinga2/features-available/perfdata.conf @@ -0,0 +1,6 @@ +/** + * The PerfdataWriter type writes performance data files and rotates + * them in a regular interval. + */ + +object PerfdataWriter "perfdata" { } diff --git a/icinga2/features-available/statusdata.conf b/icinga2/features-available/statusdata.conf new file mode 100644 index 0000000..bb81c96 --- /dev/null +++ b/icinga2/features-available/statusdata.conf @@ -0,0 +1,8 @@ +/** + * The StatusDataWriter type periodically updates the status.dat and objects.cache + * files. These are used by the Icinga 1.x CGIs to display the state of + * hosts and services. + */ + +object StatusDataWriter "status" { } + diff --git a/icinga2/features-available/syslog.conf b/icinga2/features-available/syslog.conf new file mode 100644 index 0000000..3b794b4 --- /dev/null +++ b/icinga2/features-available/syslog.conf @@ -0,0 +1,8 @@ +/** + * The SyslogLogger type writes log information to syslog. + */ + +object SyslogLogger "syslog" { + severity = "warning" +} + diff --git a/icinga2/features-enabled/checker.conf b/icinga2/features-enabled/checker.conf new file mode 120000 index 0000000..d51cf79 --- /dev/null +++ b/icinga2/features-enabled/checker.conf @@ -0,0 +1 @@ +../features-available/checker.conf \ No newline at end of file diff --git a/icinga2/features-enabled/mainlog.conf b/icinga2/features-enabled/mainlog.conf new file mode 120000 index 0000000..6bda4a5 --- /dev/null +++ b/icinga2/features-enabled/mainlog.conf @@ -0,0 +1 @@ +../features-available/mainlog.conf \ No newline at end of file diff --git a/icinga2/features-enabled/notification.conf b/icinga2/features-enabled/notification.conf new file mode 120000 index 0000000..c31d3b4 --- /dev/null +++ b/icinga2/features-enabled/notification.conf @@ -0,0 +1 @@ +../features-available/notification.conf \ No newline at end of file diff --git a/icinga2/icinga2.conf b/icinga2/icinga2.conf new file mode 100644 index 0000000..17513a3 --- /dev/null +++ b/icinga2/icinga2.conf @@ -0,0 +1,57 @@ +/** + * Icinga 2 configuration file + * - this is where you define settings for the Icinga application including + * which hosts/services to check. + * + * For an overview of all available configuration options please refer + * to the documentation that is distributed as part of Icinga 2. + */ + +/** + * The constants.conf defines global constants. + */ +include "constants.conf" + +/** + * The zones.conf defines zones for a cluster setup. + * Not required for single instance setups. + */ +include "zones.conf" + +/** + * The Icinga Template Library (ITL) provides a number of useful templates + * and command definitions. + * Common monitoring plugin command definitions are included separately. + */ +include +include +include +include + +/** + * This includes the Icinga 2 Windows plugins. These command definitions + * are required on a master node when a client is used as command endpoint. + */ +include + +/** + * This includes the NSClient++ check commands. These command definitions + * are required on a master node when a client is used as command endpoint. + */ +include + +/** + * The features-available directory contains a number of configuration + * files for features which can be enabled and disabled using the + * icinga2 feature enable / icinga2 feature disable CLI commands. + * These commands work by creating and removing symbolic links in + * the features-enabled directory. + */ +include "features-enabled/*.conf" + +/** + * Although in theory you could define all your objects in this file + * the preferred way is to create separate directories and files in the conf.d + * directory. Each of these files must have the file extension ".conf". + */ +include_recursive "conf.d" diff --git a/icinga2/scripts/mail-host-notification.sh b/icinga2/scripts/mail-host-notification.sh new file mode 100755 index 0000000..93f942e --- /dev/null +++ b/icinga2/scripts/mail-host-notification.sh @@ -0,0 +1,171 @@ +#!/bin/sh +# Icinga 2 | (c) 2012 Icinga GmbH | GPLv2+ +# Except of function urlencode which is Copyright (C) by Brian White (brian@aljex.com) used under MIT license + +PROG="`basename $0`" +ICINGA2HOST="`hostname`" +MAILBIN="mail" + +if [ -z "`which $MAILBIN`" ] ; then + echo "$MAILBIN not found in \$PATH. Consider installing it." + exit 1 +fi + +## Function helpers +Usage() { +cat << EOF + +Required parameters: + -d LONGDATETIME (\$icinga.long_date_time\$) + -l HOSTNAME (\$host.name\$) + -n HOSTDISPLAYNAME (\$host.display_name\$) + -o HOSTOUTPUT (\$host.output\$) + -r USEREMAIL (\$user.email\$) + -s HOSTSTATE (\$host.state\$) + -t NOTIFICATIONTYPE (\$notification.type\$) + +Optional parameters: + -4 HOSTADDRESS (\$address\$) + -6 HOSTADDRESS6 (\$address6\$) + -b NOTIFICATIONAUTHORNAME (\$notification.author\$) + -c NOTIFICATIONCOMMENT (\$notification.comment\$) + -i ICINGAWEB2URL (\$notification_icingaweb2url\$, Default: unset) + -f MAILFROM (\$notification_mailfrom\$, requires GNU mailutils (Debian/Ubuntu) or mailx (RHEL/SUSE)) + -v (\$notification_sendtosyslog\$, Default: false) + +EOF +} + +Help() { + Usage; + exit 0; +} + +Error() { + if [ "$1" ]; then + echo $1 + fi + Usage; + exit 1; +} + +urlencode() { + local LANG=C i=0 c e s="$1" + + while [ $i -lt ${#1} ]; do + [ "$i" -eq 0 ] || s="${s#?}" + c=${s%"${s#?}"} + [ -z "${c#[[:alnum:].~_-]}" ] || c=$(printf '%%%02X' "'$c") + e="${e}${c}" + i=$((i + 1)) + done + echo "$e" +} + +## Main +while getopts 4:6::b:c:d:f:hi:l:n:o:r:s:t:v: opt +do + case "$opt" in + 4) HOSTADDRESS=$OPTARG ;; + 6) HOSTADDRESS6=$OPTARG ;; + b) NOTIFICATIONAUTHORNAME=$OPTARG ;; + c) NOTIFICATIONCOMMENT=$OPTARG ;; + d) LONGDATETIME=$OPTARG ;; # required + f) MAILFROM=$OPTARG ;; + h) Help ;; + i) ICINGAWEB2URL=$OPTARG ;; + l) HOSTNAME=$OPTARG ;; # required + n) HOSTDISPLAYNAME=$OPTARG ;; # required + o) HOSTOUTPUT=$OPTARG ;; # required + r) USEREMAIL=$OPTARG ;; # required + s) HOSTSTATE=$OPTARG ;; # required + t) NOTIFICATIONTYPE=$OPTARG ;; # required + v) VERBOSE=$OPTARG ;; + \?) echo "ERROR: Invalid option -$OPTARG" >&2 + Error ;; + :) echo "Missing option argument for -$OPTARG" >&2 + Error ;; + *) echo "Unimplemented option: -$OPTARG" >&2 + Error ;; + esac +done + +shift $((OPTIND - 1)) + +## Keep formatting in sync with mail-service-notification.sh +for P in LONGDATETIME HOSTNAME HOSTDISPLAYNAME HOSTOUTPUT HOSTSTATE USEREMAIL NOTIFICATIONTYPE ; do + eval "PAR=\$${P}" + + if [ ! "$PAR" ] ; then + Error "Required parameter '$P' is missing." + fi +done + +## Build the message's subject +SUBJECT="[$NOTIFICATIONTYPE] Host $HOSTDISPLAYNAME is $HOSTSTATE!" + +## Build the notification message +NOTIFICATION_MESSAGE=`cat << EOF +***** Host Monitoring on $ICINGA2HOST ***** + +$HOSTDISPLAYNAME is $HOSTSTATE! + +Info: $HOSTOUTPUT + +When: $LONGDATETIME +Host: $HOSTNAME +EOF +` + +## Check whether IPv4 was specified. +if [ -n "$HOSTADDRESS" ] ; then + NOTIFICATION_MESSAGE="$NOTIFICATION_MESSAGE +IPv4: $HOSTADDRESS" +fi + +## Check whether IPv6 was specified. +if [ -n "$HOSTADDRESS6" ] ; then + NOTIFICATION_MESSAGE="$NOTIFICATION_MESSAGE +IPv6: $HOSTADDRESS6" +fi + +## Check whether author and comment was specified. +if [ -n "$NOTIFICATIONCOMMENT" ] ; then + NOTIFICATION_MESSAGE="$NOTIFICATION_MESSAGE + +Comment by $NOTIFICATIONAUTHORNAME: + $NOTIFICATIONCOMMENT" +fi + +## Check whether Icinga Web 2 URL was specified. +if [ -n "$ICINGAWEB2URL" ] ; then + NOTIFICATION_MESSAGE="$NOTIFICATION_MESSAGE + +$ICINGAWEB2URL/monitoring/host/show?host=$(urlencode "$HOSTNAME")" +fi + +## Check whether verbose mode was enabled and log to syslog. +if [ "$VERBOSE" == "true" ] ; then + logger "$PROG sends $SUBJECT => $USEREMAIL" +fi + +## Send the mail using the $MAILBIN command. +## If an explicit sender was specified, try to set it. +if [ -n "$MAILFROM" ] ; then + + ## Modify this for your own needs! + + ## Debian/Ubuntu use mailutils which requires `-a` to append the header + if [ -f /etc/debian_version ]; then + /usr/bin/printf "%b" "$NOTIFICATION_MESSAGE" | tr -d '\015' \ + | $MAILBIN -a "From: $MAILFROM" -s "$SUBJECT" $USEREMAIL + ## Other distributions (RHEL/SUSE/etc.) prefer mailx which sets a sender address with `-r` + else + /usr/bin/printf "%b" "$NOTIFICATION_MESSAGE" | tr -d '\015' \ + | $MAILBIN -r "$MAILFROM" -s "$SUBJECT" $USEREMAIL + fi + +else + /usr/bin/printf "%b" "$NOTIFICATION_MESSAGE" | tr -d '\015' \ + | $MAILBIN -s "$SUBJECT" $USEREMAIL +fi diff --git a/icinga2/scripts/mail-service-notification.sh b/icinga2/scripts/mail-service-notification.sh new file mode 100755 index 0000000..8ccb8d4 --- /dev/null +++ b/icinga2/scripts/mail-service-notification.sh @@ -0,0 +1,176 @@ +#!/bin/sh +# Icinga 2 | (c) 2012 Icinga GmbH | GPLv2+ +# Except of function urlencode which is Copyright (C) by Brian White (brian@aljex.com) used under MIT license + +PROG="`basename $0`" +ICINGA2HOST="`hostname`" +MAILBIN="mail" + +if [ -z "`which $MAILBIN`" ] ; then + echo "$MAILBIN not found in \$PATH. Consider installing it." + exit 1 +fi + +## Function helpers +Usage() { +cat << EOF + +Required parameters: + -d LONGDATETIME (\$icinga.long_date_time\$) + -e SERVICENAME (\$service.name\$) + -l HOSTNAME (\$host.name\$) + -n HOSTDISPLAYNAME (\$host.display_name\$) + -o SERVICEOUTPUT (\$service.output\$) + -r USEREMAIL (\$user.email\$) + -s SERVICESTATE (\$service.state\$) + -t NOTIFICATIONTYPE (\$notification.type\$) + -u SERVICEDISPLAYNAME (\$service.display_name\$) + +Optional parameters: + -4 HOSTADDRESS (\$address\$) + -6 HOSTADDRESS6 (\$address6\$) + -b NOTIFICATIONAUTHORNAME (\$notification.author\$) + -c NOTIFICATIONCOMMENT (\$notification.comment\$) + -i ICINGAWEB2URL (\$notification_icingaweb2url\$, Default: unset) + -f MAILFROM (\$notification_mailfrom\$, requires GNU mailutils (Debian/Ubuntu) or mailx (RHEL/SUSE)) + -v (\$notification_sendtosyslog\$, Default: false) + +EOF +} + +Help() { + Usage; + exit 0; +} + +Error() { + if [ "$1" ]; then + echo $1 + fi + Usage; + exit 1; +} + +urlencode() { + local LANG=C i=0 c e s="$1" + + while [ $i -lt ${#1} ]; do + [ "$i" -eq 0 ] || s="${s#?}" + c=${s%"${s#?}"} + [ -z "${c#[[:alnum:].~_-]}" ] || c=$(printf '%%%02X' "'$c") + e="${e}${c}" + i=$((i + 1)) + done + echo "$e" +} + +## Main +while getopts 4:6:b:c:d:e:f:hi:l:n:o:r:s:t:u:v: opt +do + case "$opt" in + 4) HOSTADDRESS=$OPTARG ;; + 6) HOSTADDRESS6=$OPTARG ;; + b) NOTIFICATIONAUTHORNAME=$OPTARG ;; + c) NOTIFICATIONCOMMENT=$OPTARG ;; + d) LONGDATETIME=$OPTARG ;; # required + e) SERVICENAME=$OPTARG ;; # required + f) MAILFROM=$OPTARG ;; + h) Usage ;; + i) ICINGAWEB2URL=$OPTARG ;; + l) HOSTNAME=$OPTARG ;; # required + n) HOSTDISPLAYNAME=$OPTARG ;; # required + o) SERVICEOUTPUT=$OPTARG ;; # required + r) USEREMAIL=$OPTARG ;; # required + s) SERVICESTATE=$OPTARG ;; # required + t) NOTIFICATIONTYPE=$OPTARG ;; # required + u) SERVICEDISPLAYNAME=$OPTARG ;; # required + v) VERBOSE=$OPTARG ;; + \?) echo "ERROR: Invalid option -$OPTARG" >&2 + Usage ;; + :) echo "Missing option argument for -$OPTARG" >&2 + Usage ;; + *) echo "Unimplemented option: -$OPTARG" >&2 + Usage ;; + esac +done + +shift $((OPTIND - 1)) + +## Keep formatting in sync with mail-host-notification.sh +for P in LONGDATETIME HOSTNAME HOSTDISPLAYNAME SERVICENAME SERVICEDISPLAYNAME SERVICEOUTPUT SERVICESTATE USEREMAIL NOTIFICATIONTYPE ; do + eval "PAR=\$${P}" + + if [ ! "$PAR" ] ; then + Error "Required parameter '$P' is missing." + fi +done + +## Build the message's subject +SUBJECT="[$NOTIFICATIONTYPE] $SERVICEDISPLAYNAME on $HOSTDISPLAYNAME is $SERVICESTATE!" + +## Build the notification message +NOTIFICATION_MESSAGE=`cat << EOF +***** Service Monitoring on $ICINGA2HOST ***** + +$SERVICEDISPLAYNAME on $HOSTDISPLAYNAME is $SERVICESTATE! + +Info: $SERVICEOUTPUT + +When: $LONGDATETIME +Service: $SERVICENAME +Host: $HOSTNAME +EOF +` + +## Check whether IPv4 was specified. +if [ -n "$HOSTADDRESS" ] ; then + NOTIFICATION_MESSAGE="$NOTIFICATION_MESSAGE +IPv4: $HOSTADDRESS" +fi + +## Check whether IPv6 was specified. +if [ -n "$HOSTADDRESS6" ] ; then + NOTIFICATION_MESSAGE="$NOTIFICATION_MESSAGE +IPv6: $HOSTADDRESS6" +fi + +## Check whether author and comment was specified. +if [ -n "$NOTIFICATIONCOMMENT" ] ; then + NOTIFICATION_MESSAGE="$NOTIFICATION_MESSAGE + +Comment by $NOTIFICATIONAUTHORNAME: + $NOTIFICATIONCOMMENT" +fi + +## Check whether Icinga Web 2 URL was specified. +if [ -n "$ICINGAWEB2URL" ] ; then + NOTIFICATION_MESSAGE="$NOTIFICATION_MESSAGE + +$ICINGAWEB2URL/monitoring/service/show?host=$(urlencode "$HOSTNAME")&service=$(urlencode "$SERVICENAME")" +fi + +## Check whether verbose mode was enabled and log to syslog. +if [ "$VERBOSE" == "true" ] ; then + logger "$PROG sends $SUBJECT => $USEREMAIL" +fi + +## Send the mail using the $MAILBIN command. +## If an explicit sender was specified, try to set it. +if [ -n "$MAILFROM" ] ; then + + ## Modify this for your own needs! + + ## Debian/Ubuntu use mailutils which requires `-a` to append the header + if [ -f /etc/debian_version ]; then + /usr/bin/printf "%b" "$NOTIFICATION_MESSAGE" | tr -d '\015' \ + | $MAILBIN -a "From: $MAILFROM" -s "$SUBJECT" $USEREMAIL + ## Other distributions (RHEL/SUSE/etc.) prefer mailx which sets a sender address with `-r` + else + /usr/bin/printf "%b" "$NOTIFICATION_MESSAGE" | tr -d '\015' \ + | $MAILBIN -r "$MAILFROM" -s "$SUBJECT" $USEREMAIL + fi + +else + /usr/bin/printf "%b" "$NOTIFICATION_MESSAGE" | tr -d '\015' \ + | $MAILBIN -s "$SUBJECT" $USEREMAIL +fi diff --git a/icinga2/zones.conf b/icinga2/zones.conf new file mode 100644 index 0000000..70ac766 --- /dev/null +++ b/icinga2/zones.conf @@ -0,0 +1,63 @@ +/* + * Endpoint and Zone configuration for a cluster setup + * This local example requires `NodeName` defined in + * constants.conf. + */ + +object Endpoint NodeName { + host = NodeName +} + +object Zone ZoneName { + endpoints = [ NodeName ] +} + +/* + * Defines a global zone for distributed setups with masters, + * satellites and clients. + * This is required to sync configuration commands, + * templates, apply rules, etc. to satellite and clients. + * All nodes require the same configuration and must + * have `accept_config` enabled in the `api` feature. + */ + +object Zone "global-templates" { + global = true +} + +/* + * Defines a global zone for the Icinga Director. + * This is required to sync configuration commands, + * templates, apply rules, etc. to satellite and clients. + * All nodes require the same configuration and must + * have `accept_config` enabled in the `api` feature. + */ + +object Zone "director-global" { + global = true +} + +/* + * Read the documentation on how to configure + * a cluster setup with multiple zones. + */ + +/* +object Endpoint "master.example.org" { + host = "master.example.org" +} + +object Endpoint "satellite.example.org" { + host = "satellite.example.org" +} + +object Zone "master" { + endpoints = [ "master.example.org" ] +} + +object Zone "satellite" { + parent = "master" + endpoints = [ "satellite.example.org" ] +} +*/ + diff --git a/icinga2/zones.d/README b/icinga2/zones.d/README new file mode 100644 index 0000000..e378eae --- /dev/null +++ b/icinga2/zones.d/README @@ -0,0 +1,2 @@ +Please check the documentation for more details: +https://icinga.com/docs/icinga2/latest/doc/06-distributed-monitoring/ diff --git a/init.d/icinga2 b/init.d/icinga2 new file mode 100755 index 0000000..3abca95 --- /dev/null +++ b/init.d/icinga2 @@ -0,0 +1,239 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: icinga2 +# Required-Start: $remote_fs $syslog +# Required-Stop: $remote_fs $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: icinga2 host/service/network monitoring and management system +# Description: icinga2 is a monitoring and management system for hosts, services and networks. +### END INIT INFO + +# Author: Alexander Wirt +# Markus Frosch + +# PATH should only include /usr/* if it runs after the mountnfs.sh script +PATH=/sbin:/usr/sbin:/bin:/usr/bin +DESC="icinga2 monitoring daemon" +NAME=icinga2 +DAEMON=/usr/sbin/icinga2 +DAEMON_CONFIG="/etc/icinga2/icinga2.conf" +DAEMON_USER=nagios +DAEMON_GROUP=nagios +DAEMON_CMDGROUP=www-data +DAEMON_ARGS="-e /var/log/icinga2/icinga2.err" +STARTUP_LOG="/var/log/icinga2/startup.log" +PIDFILE=/run/icinga2/$NAME.pid +SCRIPTNAME=/etc/init.d/$NAME + +# Block/ignore SIGPIPE inside Icinga2 +# Workaround for a known bug in 2.6.0 +# see https://github.com/Icinga/icinga2/issues/4867#issuecomment-273109525 +trap '' 13 # SIGPIPE + +# Exit if the package is not installed +[ -x "$DAEMON" ] || exit 0 + +# Read configuration variable file if it is present +[ -r /etc/default/$NAME ] && . /etc/default/$NAME + +# Load the VERBOSE setting and other rcS variables +. /lib/init/vars.sh + +# Define LSB log_* functions. +# Depend on lsb-base (>= 3.2-14) to ensure that this file is present +# and status_of_proc is working. +. /lib/lsb/init-functions + +# check run directory +check_run () { + test -d '/run/icinga2' || mkdir /run/icinga2 + test -d '/run/icinga2/cmd' || mkdir /run/icinga2/cmd + + chown "$DAEMON_USER":"$DAEMON_GROUP" /run/icinga2 + chmod 0755 /run/icinga2 + + chown "$DAEMON_USER":"$DAEMON_CMDGROUP" /run/icinga2/cmd + chmod 2710 /run/icinga2/cmd +} + +check_config () { + $DAEMON daemon --validate +} + +# +# Function that starts the daemon/service +# +do_start() +{ + check_run + # Return + # 0 if daemon has been started + # 1 if daemon was already running + # 2 if daemon could not be started + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \ + || return 1 + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \ + daemon -d $DAEMON_ARGS \ + || return 2 + # Add code here, if necessary, that waits for the process to be ready + # to handle requests from services started subsequently which depend + # on this one. As a last resort, sleep for some time. +} + +# +# Function that starts the daemon/service in foreground for debugging +# +do_foreground() +{ + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test \ + || return 1 + start-stop-daemon --start --pidfile $PIDFILE --exec $DAEMON -- \ + daemon $DAEMON_ARGS \ + || return 2 +} + +# +# Function that stops the daemon/service +# +do_stop() +{ + # Return + # 0 if daemon has been stopped + # 1 if daemon was already stopped + # 2 if daemon could not be stopped + # other if a failure occurred + start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME + RETVAL="$?" + [ "$RETVAL" = 2 ] && return 2 + # Wait for children to finish too if this is a daemon that forks + # and if the daemon is only ever run from this initscript. + # If the above conditions are not satisfied then add some other code + # that waits for the process to drop all resources that could be + # needed by services started subsequently. A last resort is to + # sleep for some time. + start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON + [ "$?" = 2 ] && return 2 + # Many daemons don't delete their pidfiles when they exit. + rm -f $PIDFILE + return "$RETVAL" +} + +# +# Function that sends a SIGHUP to the daemon/service +# +do_reload() { + # + # If the daemon can reload its configuration without + # restarting (for example, when it is sent a SIGHUP), + # then implement that here. + # + start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME + return 0 +} + +do_check_config () { + DOEXITONOK="$1" + log_begin_msg "checking Icinga2 configuration" + if ! check_config >$STARTUP_LOG 2>&1; then + echo + [ -n "$DOEXITONOK" ] && cat $STARTUP_LOG + log_failure_msg "checking Icinga2 configuration. Check '$STARTUP_LOG' for details." + exit 1 + else + log_end_msg 0 + [ -n "$DOEXITONOK" ] && exit 0 + fi +} + +case "$1" in + start) + do_check_config + log_daemon_msg "Starting $DESC" "$NAME" + do_start + case "$?" in + 0|1) log_end_msg 0 ;; + 2) log_end_msg 1 ;; + esac + ;; + foreground) + do_check_config + log_action_msg "Starting $DESC in foreground" + status=0 + trap 'status=2;' INT # handle intr here + for i in 1 2; do + do_foreground || status="$?" + case "$status" in + 0) + log_success_msg "$NAME ended graceful" + break + ;; + 1) + if [ "$i" -eq 1 ]; then + log_warning_msg "$NAME already running!" + log_begin_msg "Do you want to stop $NAME before going foreground? [y/N] " + read -r question + if [ "$question" = "y" ] || [ "$question" = "yes" ]; then + do_stop + continue + fi + fi + log_failure_msg "$NAME already running! Please stop before starting in foreground!" + break + ;; + 2) + log_failure_msg "$NAME ended" + break + ;; + esac + done + exit $status + ;; + stop) + log_daemon_msg "Stopping $DESC" "$NAME" + do_stop + case "$?" in + 0|1) log_end_msg 0 ;; + 2) log_end_msg 1 ;; + esac + ;; + status) + status_of_proc -p "$PIDFILE" "$DAEMON" "$NAME" && exit 0 || exit $? + ;; + reload|force-reload) + do_check_config + status_of_proc -p "$PIDFILE" "$DAEMON" "$NAME" || exit $? + log_daemon_msg "Reloading $DESC" "$NAME" + do_reload + log_end_msg $? + ;; + restart) + do_check_config + log_daemon_msg "Restarting $DESC" "$NAME" + do_stop + case "$?" in + 0|1) + do_start + case "$?" in + 0) log_end_msg 0 ;; + 1) log_end_msg 1 ;; # Old process is still running + *) log_end_msg 1 ;; # Failed to start + esac + ;; + *) + # Failed to stop + log_end_msg 1 + ;; + esac + ;; + checkconfig) + do_check_config 1 + ;; + *) + echo "Usage: $SCRIPTNAME {start|stop|status|reload|force-reload|restart|checkconfig|foreground}" >&2 + exit 3 + ;; +esac + +# vi: ts=2 sw=2 expandtab : +: diff --git a/init.d/rpcbind b/init.d/rpcbind new file mode 100755 index 0000000..4f56d0f --- /dev/null +++ b/init.d/rpcbind @@ -0,0 +1,101 @@ +#!/bin/sh +# +# start/stop rpcbind daemon. + +### BEGIN INIT INFO +# Provides: rpcbind portmap +# Required-Start: $network $local_fs +# Required-Stop: $network $local_fs +# Default-Start: S +# Default-Stop: 0 1 6 +# Short-Description: RPC portmapper replacement +# Description: rpcbind is a server that converts RPC (Remote +# Procedure Call) program numbers into DARPA +# protocol port numbers. It must be running in +# order to make RPC calls. Services that use +# RPC include NFS and NIS. +### END INIT INFO + +test -f /sbin/rpcbind || exit 0 + +. /lib/lsb/init-functions + +OPTIONS="-w" +STATEDIR=/run/rpcbind +PIDFILE=/run/rpcbind.pid + +if [ -f /etc/default/rpcbind ] +then + . /etc/default/rpcbind +elif [ -f /etc/rpcbind.conf ] +then + . /etc/rpcbind.conf +fi + +start () +{ + if [ ! -d $STATEDIR ] ; then + mkdir $STATEDIR + chown _rpc:root $STATEDIR + chmod 0755 $STATEDIR + fi + if [ `ls -dl "$STATEDIR" | grep -cE '^drwxr-xr-x [0-9]+ _rpc root '` -lt 1 ] ; then + log_begin_msg "$STATEDIR not owned by root" + log_end_msg 1 + exit 1 + fi + [ -x /sbin/restorecon ] && /sbin/restorecon $STATEDIR + pid=$( pidofproc /sbin/rpcbind ) + if [ -n "$pid" ] + then + log_action_msg "Already running: rpcbind" + exit 0 + fi + log_daemon_msg "Starting RPC port mapper daemon" "rpcbind" + start-stop-daemon --start --quiet --oknodo --exec /sbin/rpcbind -- "$@" + pid=$( pidofproc /sbin/rpcbind ) + echo -n "$pid" >"$PIDFILE" + # /run/sendsigs.omit.d is created by /etc/init.d/mountkernfs.sh + ln -sf "$PIDFILE" /run/sendsigs.omit.d/rpcbind + log_end_msg $? + +} + +stop () +{ + log_daemon_msg "Stopping RPC port mapper daemon" "rpcbind" + start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --oknodo --exec /sbin/rpcbind + rm -f "$PIDFILE" + log_end_msg $? +} + +case "$1" in + start) + if init_is_upstart; then + exit 1 + fi + start $OPTIONS + ;; + stop) + if init_is_upstart; then + exit 0 + fi + stop + ;; + restart|force-reload) + if init_is_upstart; then + exit 1 + fi + stop + start $OPTIONS + ;; + status) + status_of_proc /sbin/rpcbind rpcbind && exit 0 || exit $? + ;; + *) + log_success_msg "Usage: /etc/init.d/rpcbind {start|stop|force-reload|restart|status}" + exit 1 + ;; +esac + +exit 0 diff --git a/insserv.conf.d/rpcbind b/insserv.conf.d/rpcbind new file mode 100644 index 0000000..5e930f5 --- /dev/null +++ b/insserv.conf.d/rpcbind @@ -0,0 +1 @@ +$portmap rpcbind diff --git a/logrotate.d/icinga2 b/logrotate.d/icinga2 new file mode 100644 index 0000000..df45df7 --- /dev/null +++ b/logrotate.d/icinga2 @@ -0,0 +1,23 @@ +/var/log/icinga2/icinga2.log /var/log/icinga2/debug.log { + daily + rotate 7 + compress + delaycompress + missingok + notifempty + create 644 nagios nagios + postrotate + /bin/kill -USR1 $(cat /run/icinga2/icinga2.pid 2> /dev/null) 2> /dev/null || true + endscript +} + +/var/log/icinga2/error.log { + daily + rotate 90 + compress + delaycompress + missingok + notifempty + create 644 nagios nagios + # TODO: figure out how to get Icinga to re-open this log file +} diff --git a/nagios-plugins/config/apt.cfg b/nagios-plugins/config/apt.cfg new file mode 100644 index 0000000..d3ceb7c --- /dev/null +++ b/nagios-plugins/config/apt.cfg @@ -0,0 +1,12 @@ +# 'check_apt' command definition +define command{ + command_name check_apt + command_line /usr/lib/nagios/plugins/check_apt + } + +# 'check_apt_distupgrade' command definition +define command{ + command_name check_apt_distupgrade + command_line /usr/lib/nagios/plugins/check_apt -d + } + diff --git a/nagios-plugins/config/breeze.cfg b/nagios-plugins/config/breeze.cfg new file mode 100644 index 0000000..2e89650 --- /dev/null +++ b/nagios-plugins/config/breeze.cfg @@ -0,0 +1,5 @@ +# 'check_breeze' command definition +define command { + command_name check_breeze + command_line /usr/lib/nagios/plugins/check_breeze -H '$HOSTADDRESS$' -w '$ARG1$' -c '$ARG2$' +} diff --git a/nagios-plugins/config/dhcp.cfg b/nagios-plugins/config/dhcp.cfg new file mode 100644 index 0000000..a6c0c02 --- /dev/null +++ b/nagios-plugins/config/dhcp.cfg @@ -0,0 +1,15 @@ +# note: these plugins require root privilege. see README.Debian for +# more information on how it is recommended that you do this. + +# 'check_dhcp' command definition +define command{ + command_name check_dhcp + command_line /usr/lib/nagios/plugins/check_dhcp -s '$HOSTADDRESS$' '$ARG1$' + } + +# 'check_dhcp_interface' command definition +define command{ + command_name check_dhcp_interface + command_line /usr/lib/nagios/plugins/check_dhcp -s '$HOSTADDRESS$' -i '$ARG1$' '$ARG2$' + } + diff --git a/nagios-plugins/config/disk-smb.cfg b/nagios-plugins/config/disk-smb.cfg new file mode 100644 index 0000000..d3cee35 --- /dev/null +++ b/nagios-plugins/config/disk-smb.cfg @@ -0,0 +1,54 @@ +# 'check_disk_smb' command definition +define command{ + command_name check_disk_smb + command_line /usr/lib/nagios/plugins/check_disk_smb -H '$ARG1$' -s '$ARG2$' + } + + +# 'check_disk_smb_workgroup' command definition +define command{ + command_name check_disk_smb_workgroup + command_line /usr/lib/nagios/plugins/check_disk_smb -H '$ARG1$' -s '$ARG2$' -W '$ARG3$' + } + + +# 'check_disk_smb_host' command definition +define command{ + command_name check_disk_smb_host + command_line /usr/lib/nagios/plugins/check_disk_smb -a '$HOSTADDRESS$' -H '$ARG1$' -s '$ARG2$' + } + + +# 'check_disk_smb_workgroup_host' command definition +define command{ + command_name check_disk_smb_workgroup_host + command_line /usr/lib/nagios/plugins/check_disk_smb -a '$HOSTADDRESS$' -H '$ARG1$' -s '$ARG2$' -W '$ARG3$' + } + + +# 'check_disk_smb_user' command definition +define command{ + command_name check_disk_smb_user + command_line /usr/lib/nagios/plugins/check_disk_smb -H '$ARG1$' -s '$ARG2$' -u '$ARG3$' -p '$ARG4$' -w '$ARG5$' -c '$ARG6$' + } + + +# 'check_disk_smb_workgroup_user' command definition +define command{ + command_name check_disk_smb_workgroup_user + command_line /usr/lib/nagios/plugins/check_disk_smb -H '$ARG1$' -s '$ARG2$' -W '$ARG3$' -u '$ARG4$' -p '$ARG5$' + } + + +# 'check_disk_smb_host_user' command definition +define command{ + command_name check_disk_smb_host_user + command_line /usr/lib/nagios/plugins/check_disk_smb -a '$HOSTADDRESS$' -H '$ARG1$' -s '$ARG2$' -u '$ARG3$' -p '$ARG4$' + } + + +# 'check_disk_smb_workgroup_host_user' command definition +define command{ + command_name check_disk_smb_workgroup_host_user + command_line /usr/lib/nagios/plugins/check_disk_smb -a '$HOSTADDRESS$' -H '$ARG1$' -s '$ARG2$' -W '$ARG3$' -u '$ARG4$' -p '$ARG5$' + } diff --git a/nagios-plugins/config/disk.cfg b/nagios-plugins/config/disk.cfg new file mode 100644 index 0000000..3f5fcaf --- /dev/null +++ b/nagios-plugins/config/disk.cfg @@ -0,0 +1,27 @@ +# 'check_disk' command definition +define command{ + command_name check_disk + command_line /usr/lib/nagios/plugins/check_disk -w '$ARG1$' -c '$ARG2$' -e -p '$ARG3$' + } + +# 'check_all_disks' command definition +define command{ + command_name check_all_disks + command_line /usr/lib/nagios/plugins/check_disk -w '$ARG1$' -c '$ARG2$' -e + } + +# 'ssh_disk' command definition +define command{ + command_name ssh_disk + command_line /usr/lib/nagios/plugins/check_by_ssh -H '$HOSTADDRESS$' -C "/usr/lib/nagios/plugins/check_disk -w '$ARG1$' -c '$ARG2$' -e -p '$ARG3$'" + } + +#### +# use these checks, if you want to test IPv4 connectivity on IPv6 enabled systems +#### + +# 'ssh_disk_4' command definition +define command{ + command_name ssh_disk_4 + command_line /usr/lib/nagios/plugins/check_by_ssh -H '$HOSTADDRESS$' -C "/usr/lib/nagios/plugins/check_disk -w '$ARG1$' -c '$ARG2$' -e -p '$ARG3$'" -4 + } diff --git a/nagios-plugins/config/dns.cfg b/nagios-plugins/config/dns.cfg new file mode 100644 index 0000000..d2363bf --- /dev/null +++ b/nagios-plugins/config/dns.cfg @@ -0,0 +1,11 @@ +# 'check_dns' command definition +define command{ + command_name check_dns + command_line /usr/lib/nagios/plugins/check_dns -H www.google.com -s '$HOSTADDRESS$' '$ARG1$' +} + +# 'check_dig' command definition +define command{ + command_name check_dig + command_line /usr/lib/nagios/plugins/check_dig -H '$HOSTADDRESS$' -l '$ARG1$' '$ARG2$' +} diff --git a/nagios-plugins/config/dummy.cfg b/nagios-plugins/config/dummy.cfg new file mode 100644 index 0000000..bfb7ef4 --- /dev/null +++ b/nagios-plugins/config/dummy.cfg @@ -0,0 +1,29 @@ +# return-ok definition +define command { + command_name return-ok + command_line /usr/lib/nagios/plugins/check_dummy 0 +} + +# return-warning definition +define command { + command_name return-warning + command_line /usr/lib/nagios/plugins/check_dummy 1 +} + +# return-critical definition +define command { + command_name return-critical + command_line /usr/lib/nagios/plugins/check_dummy 2 +} + +# return-unknown definition +define command { + command_name return-unknown + command_line /usr/lib/nagios/plugins/check_dummy 3 +} + +# return-numeric definition +define command { + command_name return-numeric + command_line /usr/lib/nagios/plugins/check_dummy '$ARG1$' +} diff --git a/nagios-plugins/config/flexlm.cfg b/nagios-plugins/config/flexlm.cfg new file mode 100644 index 0000000..678f044 --- /dev/null +++ b/nagios-plugins/config/flexlm.cfg @@ -0,0 +1,6 @@ +# 'check_flexlm' command definition +define command{ + command_name check_flexlm + command_line /usr/lib/nagios/plugins/check_flexlm -F '$ARG1$' + } + diff --git a/nagios-plugins/config/fping.cfg b/nagios-plugins/config/fping.cfg new file mode 100644 index 0000000..bf3baf6 --- /dev/null +++ b/nagios-plugins/config/fping.cfg @@ -0,0 +1,5 @@ +# 'check-fast-alive' command definition +define command{ + command_name check-fast-alive + command_line /usr/lib/nagios/plugins/check_fping -H '$HOSTADDRESS$' + } diff --git a/nagios-plugins/config/ftp.cfg b/nagios-plugins/config/ftp.cfg new file mode 100644 index 0000000..79bf2fd --- /dev/null +++ b/nagios-plugins/config/ftp.cfg @@ -0,0 +1,15 @@ +# 'check_ftp' command definition +define command{ + command_name check_ftp + command_line /usr/lib/nagios/plugins/check_ftp -H '$HOSTADDRESS$' '$ARG1$' + } + +#### +# use these checks, if you want to test IPv4 connectivity on IPv6 enabled systems +#### + +# 'check_ftp_4' command definition +define command{ + command_name check_ftp_4 + command_line /usr/lib/nagios/plugins/check_ftp -H '$HOSTADDRESS$' -4 '$ARG1$' + } diff --git a/nagios-plugins/config/games.cfg b/nagios-plugins/config/games.cfg new file mode 100644 index 0000000..0ada476 --- /dev/null +++ b/nagios-plugins/config/games.cfg @@ -0,0 +1,14 @@ +# 'check_quake' command definition +define command{ + command_name check_quake + command_line /usr/lib/nagios/plugins/check_game qs '$HOSTADDRESS$' + } + + +# 'check_unreal' command definition +define command{ + command_name check_unreal + command_line /usr/lib/nagios/plugins/check_game uns '$HOSTADDRESS$' -P '$ARG1$' -p 8 + } + + diff --git a/nagios-plugins/config/hppjd.cfg b/nagios-plugins/config/hppjd.cfg new file mode 100644 index 0000000..cb15b5b --- /dev/null +++ b/nagios-plugins/config/hppjd.cfg @@ -0,0 +1,6 @@ +# 'check_hpjd' command definition +define command{ + command_name check_hpjd + command_line /usr/lib/nagios/plugins/check_hpjd -H '$HOSTADDRESS$' -C public + } + diff --git a/nagios-plugins/config/http.cfg b/nagios-plugins/config/http.cfg new file mode 100644 index 0000000..16072de --- /dev/null +++ b/nagios-plugins/config/http.cfg @@ -0,0 +1,111 @@ +# 'check_http' command definition +define command{ + command_name check_http + command_line /usr/lib/nagios/plugins/check_http -H '$HOSTADDRESS$' -I '$HOSTADDRESS$' '$ARG1$' + } + +# 'check_http_hostname' command definition +define command{ + command_name check_httpname + command_line /usr/lib/nagios/plugins/check_http -H '$HOSTNAME$' -I '$HOSTADDRESS$' '$ARG1$' + } + +# 'check_http2' command definition +define command{ + command_name check_http2 + command_line /usr/lib/nagios/plugins/check_http -H '$ARG1$' -I '$HOSTADDRESS$' -w '$ARG2$' -c '$ARG3$' '$ARG4$' + } + +# 'check_squid' command definition +define command{ + command_name check_squid + command_line /usr/lib/nagios/plugins/check_http -H '$HOSTADDRESS$' -p '$ARG1$' -u '$ARG2$' + } + +# 'check_https' command definition +define command{ + command_name check_https + command_line /usr/lib/nagios/plugins/check_http --ssl -H '$HOSTADDRESS$' -I '$HOSTADDRESS$' '$ARG1$' + } + +# 'check_https_hostname' command definition +define command{ + command_name check_https_hostname + command_line /usr/lib/nagios/plugins/check_http --ssl -H '$HOSTNAME$' -I '$HOSTADDRESS$' '$ARG1$' + } + +# 'check_https_auth' command definition +define command{ + command_name check_https_auth + command_line /usr/lib/nagios/plugins/check_http --ssl -H '$HOSTADDRESS$' -I '$HOSTADDRESS$' -a '$ARG1$' '$ARG2$' + } + +# 'check_https_auth_hostname' command definition +define command{ + command_name check_https_auth_hostname + command_line /usr/lib/nagios/plugins/check_http --ssl -H '$HOSTNAME$' -I '$HOSTADDRESS$' -a '$ARG1$' '$ARG2$' + } + +# 'check_cups' command definition +define command{ + command_name check_cups + command_line /usr/lib/nagios/plugins/check_http -I '$HOSTADDRESS$' -p 631 '$ARG1$' + } + +#### +# use these checks, if you want to test IPv4 connectivity on IPv6 enabled systems +#### + +# 'check_http_4' command definition +define command{ + command_name check_http_4 + command_line /usr/lib/nagios/plugins/check_http -H '$HOSTADDRESS$' -I '$HOSTADDRESS$' -4 '$ARG1$' + } + +# 'check_http_hostname_4' command definition +define command{ + command_name check_httpname_4 + command_line /usr/lib/nagios/plugins/check_http -H '$HOSTNAME$' -I '$HOSTADDRESS$' -4 '$ARG1$' + } + +# 'check_http2_4' command definition +define command{ + command_name check_http2_4 + command_line /usr/lib/nagios/plugins/check_http -H '$ARG1$' -I '$HOSTADDRESS$' -w '$ARG2$' -c '$ARG3$' -4 '$ARG4$' + } + +# 'check_squid_4' command definition +define command{ + command_name check_squid_4 + command_line /usr/lib/nagios/plugins/check_http -H '$HOSTADDRESS$' -p '$ARG1$' -u '$ARG2$' -4 + } + +# 'check_https_4' command definition +define command{ + command_name check_https_4 + command_line /usr/lib/nagios/plugins/check_http --ssl -H '$HOSTADDRESS$' -I '$HOSTADDRESS$' -4 '$ARG1$' + } + +# 'check_https_hostname_4' command definition +define command{ + command_name check_https_hostname_4 + command_line /usr/lib/nagios/plugins/check_http --ssl -H '$HOSTNAME$' -I '$HOSTADDRESS$' -4 '$ARG1$' + } + +# 'check_https_auth_4' command definition +define command{ + command_name check_https_auth_4 + command_line /usr/lib/nagios/plugins/check_http --ssl -H '$HOSTADDRESS$' -I '$HOSTADDRESS$' -a '$ARG1$' -4 '$ARG2$' + } + +# 'check_https_auth_hostname_4' command definition +define command{ + command_name check_https_auth_hostname_4 + command_line /usr/lib/nagios/plugins/check_http --ssl -H '$HOSTNAME' -I '$HOSTADDRESS$' -a '$ARG1$' -4 '$ARG2$' + } + +# 'check_cups_4' command definition +define command{ + command_name check_cups_4 + command_line /usr/lib/nagios/plugins/check_http -I '$HOSTADDRESS$' -p 631 -4 '$ARG1$' + } diff --git a/nagios-plugins/config/ifstatus.cfg b/nagios-plugins/config/ifstatus.cfg new file mode 100644 index 0000000..e3fb54a --- /dev/null +++ b/nagios-plugins/config/ifstatus.cfg @@ -0,0 +1,23 @@ +# 'check_ifstatus' command definition +define command{ + command_name check_ifstatus + command_line /usr/lib/nagios/plugins/check_ifstatus -H '$HOSTADDRESS$' -C '$ARG1$' + } + +# 'check_ifstatus_exclude' command definition +define command{ + command_name check_ifstatus_exclude + command_line /usr/lib/nagios/plugins/check_ifstatus -H '$HOSTADDRESS$' -C '$ARG1$' -x '$ARG2$' + } + +# 'check_ifoperstatus_ifindex' command definition +define command{ + command_name check_ifoperstatus_ifindex + command_line /usr/lib/nagios/plugins/check_ifoperstatus -H '$HOSTADDRESS$' -C '$ARG1$' -k '$ARG2$' + } + +# 'check_ifoperstatus_ifdescr' command definition +define command{ + command_name check_ifoperstatus_ifdescr + command_line /usr/lib/nagios/plugins/check_ifoperstatus -H '$HOSTADDRESS$' -C '$ARG1$' -d '$ARG2$' + } diff --git a/nagios-plugins/config/ldap.cfg b/nagios-plugins/config/ldap.cfg new file mode 100644 index 0000000..ae5bde3 --- /dev/null +++ b/nagios-plugins/config/ldap.cfg @@ -0,0 +1,31 @@ +# 'check_ldap' command definition +define command{ + command_name check_ldap + command_line /usr/lib/nagios/plugins/check_ldap -H '$HOSTADDRESS$' -b '$ARG1$' + } + +# 'check_ldaps' command definition +# This was using 'check_ldaps' in the past which used port 389 and starttls +# mechanism on default, keeped for backward compatibility +define command{ + command_name check_ldaps + command_line /usr/lib/nagios/plugins/check_ldap -H '$HOSTADDRESS$' -T -b '$ARG1$' + } + +#### +# use these checks, if you want to test IPv4 connectivity on IPv6 enabled systems +#### + +# 'check_ldap_4' command definition +define command{ + command_name check_ldap_4 + command_line /usr/lib/nagios/plugins/check_ldap -H '$HOSTADDRESS$' -b '$ARG1$' -4 + } + +# 'check_ldaps_4' command definition +# This was using 'check_ldaps' in the past which used port 389 and starttls +# mechanism on default, keeped for backward compatibility +define command{ + command_name check_ldaps_4 + command_line /usr/lib/nagios/plugins/check_ldap -H '$HOSTADDRESS$' -T -b '$ARG1$' -4 + } diff --git a/nagios-plugins/config/load.cfg b/nagios-plugins/config/load.cfg new file mode 100644 index 0000000..c87efde --- /dev/null +++ b/nagios-plugins/config/load.cfg @@ -0,0 +1,6 @@ +# 'check_load' command definition +define command{ + command_name check_load + command_line /usr/lib/nagios/plugins/check_load --warning='$ARG1$,$ARG2$,$ARG3$' --critical='$ARG4$,$ARG5$,$ARG6$' + } + diff --git a/nagios-plugins/config/mail.cfg b/nagios-plugins/config/mail.cfg new file mode 100644 index 0000000..1da8050 --- /dev/null +++ b/nagios-plugins/config/mail.cfg @@ -0,0 +1,77 @@ +# 'check_pop' command definition +define command { + command_name check_pop + command_line /usr/lib/nagios/plugins/check_pop -H '$HOSTADDRESS$' '$ARG1$' +} + + +# 'check_smtp' command definition +define command { + command_name check_smtp + command_line /usr/lib/nagios/plugins/check_smtp -H '$HOSTADDRESS$' '$ARG1$' +} + +# 'check_ssmtp' command definition +define command { + command_name check_ssmtp + command_line /usr/lib/nagios/plugins/check_ssmtp -H '$HOSTADDRESS$' '$ARG1$' +} + +# 'check_imap' command definition +define command { + command_name check_imap + command_line /usr/lib/nagios/plugins/check_imap -H '$HOSTADDRESS$' '$ARG1$' +} + +# 'check_spop' command definition +define command { + command_name check_spop + command_line /usr/lib/nagios/plugins/check_pop -p 995 -H '$HOSTADDRESS$' -S '$ARG1$' +} + + +# 'check_simap' command definition +define command { + command_name check_simap + command_line /usr/lib/nagios/plugins/check_imap -p 993 -H '$HOSTADDRESS$' -S '$ARG1$' +} + +#### +# use these checks, if you want to test IPv4 connectivity on IPv6 enabled systems +#### + +# 'check_pop_4' command definition +define command { + command_name check_pop_4 + command_line /usr/lib/nagios/plugins/check_pop -H '$HOSTADDRESS$' -4 '$ARG1$' +} + +# 'check_smtp_4' command definition +define command { + command_name check_smtp_4 + command_line /usr/lib/nagios/plugins/check_smtp -H '$HOSTADDRESS$' -4 '$ARG1$' +} + +# 'check_ssmtp_4' command definition +define command { + command_name check_ssmtp_4 + command_line /usr/lib/nagios/plugins/check_ssmtp -H '$HOSTADDRESS$' -4 '$ARG1$' +} + +# 'check_imap_4' command definition +define command { + command_name check_imap_4 + command_line /usr/lib/nagios/plugins/check_imap -H '$HOSTADDRESS$' -4 '$ARG1$' +} + +# 'check_spop_4' command definition +define command { + command_name check_spop_4 + command_line /usr/lib/nagios/plugins/check_pop -p 995 -H '$HOSTADDRESS$' -S -4 '$ARG1$' +} + +# 'check_simap_4' command definition +define command { + command_name check_simap_4 + command_line /usr/lib/nagios/plugins/check_imap -p 993 -H '$HOSTADDRESS$' -S -4 '$ARG1$' +} diff --git a/nagios-plugins/config/mailq.cfg b/nagios-plugins/config/mailq.cfg new file mode 100644 index 0000000..9fb4486 --- /dev/null +++ b/nagios-plugins/config/mailq.cfg @@ -0,0 +1,24 @@ +# 'check-mailq' for sendmail +define command { + command_name check_mailq_sendmail + command_line /usr/lib/nagios/plugins/check_mailq -w '$ARG1$' -c '$ARG2$' -M sendmail +} + +# 'check-mailq' for postfix +define command { + command_name check_mailq_postfix + command_line /usr/lib/nagios/plugins/check_mailq -w '$ARG1$' -c '$ARG2$' -M postfix +} + +# 'check-mailq' for exim +define command { + command_name check_mailq_exim + command_line /usr/lib/nagios/plugins/check_mailq -w '$ARG1$' -c '$ARG2$' -M exim +} + +# 'check-mailq' for qmail +define command { + command_name check_mailq_qmail + command_line /usr/lib/nagios/plugins/check_mailq -w '$ARG1$' -c '$ARG2$' -M qmail +} + diff --git a/nagios-plugins/config/mrtg.cfg b/nagios-plugins/config/mrtg.cfg new file mode 100644 index 0000000..9a4c626 --- /dev/null +++ b/nagios-plugins/config/mrtg.cfg @@ -0,0 +1,14 @@ +# 'check_mrtg' command definition +define command{ + command_name check_mrtg + command_line /usr/lib/nagios/plugins/check_mrtg '$ARG1$' 10 AVG '$ARG2$' '$ARG3$' '$ARG4$' '$ARG5$' '$ARG6$' + } + + +# 'traffic_average' command definition +define command{ + command_name traffic_average + command_line /usr/lib/nagios/plugins/check_mrtgtraf '$ARG1$' 10 AVG '$ARG2$' '$ARG3$' '$ARG4$' '$ARG5$' + } + + diff --git a/nagios-plugins/config/mysql.cfg b/nagios-plugins/config/mysql.cfg new file mode 100644 index 0000000..e8c8a65 --- /dev/null +++ b/nagios-plugins/config/mysql.cfg @@ -0,0 +1,24 @@ +# 'check_mysql' command definition +define command{ + command_name check_mysql + command_line /usr/lib/nagios/plugins/check_mysql -H '$HOSTADDRESS$' '$ARG1$' +} + +# 'check_mysql_cmdlinecred' command definition +define command{ + command_name check_mysql_cmdlinecred + command_line /usr/lib/nagios/plugins/check_mysql -H '$HOSTADDRESS$' -u '$ARG1$' -p '$ARG2$' '$ARG3$' +} + +# 'check_mysql_database' command definition +define command{ + command_name check_mysql_database + command_line /usr/lib/nagios/plugins/check_mysql -d '$ARG3$' -H '$HOSTADDRESS$' -u '$ARG1$' -p '$ARG2$' '$ARG3$' +} + +# 'check_mysql_slave' command definition +define command{ + command_name check_mysql_slave + command_line /usr/lib/nagios/plugins/check_mysql -H '$HOSTADDRESS$' -u '$ARG1$' -p '$ARG2$' -S '$ARG3$' +} + diff --git a/nagios-plugins/config/netware.cfg b/nagios-plugins/config/netware.cfg new file mode 100644 index 0000000..bc5f9d7 --- /dev/null +++ b/nagios-plugins/config/netware.cfg @@ -0,0 +1,84 @@ +# 'check_netware_logins' command definition +define command{ + command_name check_netware_logins + command_line /usr/lib/nagios/plugins/check_nwstat -H '$HOSTADDRESS$' -v "LOGINS" -w '$ARG1$' -c '$ARG2$' + } + + +# 'check_nwstat_conns' command definition +define command{ + command_name check_nwstat_conns + command_line /usr/lib/nagios/plugins/check_nwstat -H '$HOSTADDRESS$' -v CONNS -w '$ARG1$' -c '$ARG2$' + } + + +# 'check_netware_1load' command definition +define command{ + command_name check_netware_1load + command_line /usr/lib/nagios/plugins/check_nwstat -H '$HOSTADDRESS$' -v "LOAD1" -w 70 -c 90 + } + + +# 'check_netware_5load' command definition +define command{ + command_name check_netware_5load + command_line /usr/lib/nagios/plugins/check_nwstat -H '$HOSTADDRESS$' -v "LOAD5" -w 70 -c 90 + } + + +# 'check_netware_15load' command definition +define command{ + command_name check_netware_15load + command_line /usr/lib/nagios/plugins/check_nwstat -H '$HOSTADDRESS$' -v "LOAD15" -w 70 -c 90 + } + + +# 'check_nwstat_vol_p' command definition +define command{ + command_name check_nwstat_vol_p + command_line /usr/lib/nagios/plugins/check_nwstat -H '$HOSTADDRESS$' -v VPF'$ARG1$' -w '$ARG2$' -c '$ARG3$' + } + + +# 'check_nwstat_vol_k' command definition +define command{ + command_name check_nwstat_vol_k + command_line /usr/lib/nagios/plugins/check_nwstat -H '$HOSTADDRESS$' -v VKF'$ARG1$' -w '$ARG2$' -c '$ARG3$' + } + + +# 'check_nwstat_ltch' command definition +define command{ + command_name check_nwstat_ltch + command_line /usr/lib/nagios/plugins/check_nwstat -H '$HOSTADDRESS$' -v LTCH -w '$ARG1$' -c '$ARG2$' + } + + +# 'check_nwstat_puprb' command definition +define command{ + command_name check_nwstat_puprb + command_line /usr/lib/nagios/plugins/check_nwstat -H '$HOSTADDRESS$' -v PUPRB -w '$ARG1$' -c '$ARG2$' + } + + +# 'check_nwstat_dsdb' command definition +define command{ + command_name check_nwstat_dsdb + command_line /usr/lib/nagios/plugins/check_nwstat -H '$HOSTADDRESS$' -v DSDB + } + + +# 'check_netware_abend' command definition +define command{ + command_name check_netware_abend + command_line /usr/lib/nagios/plugins/check_nwstat -H '$HOSTADDRESS$' -v "ABENDS" -w 10 -c 30 + } + + +# 'check_nwstat_csprocs' command definition +define command{ + command_name check_nwstat_csprocs + command_line /usr/lib/nagios/plugins/check_nwstat -H '$HOSTADDRESS$' -v CSPROCS -w '$ARG1$' -c '$ARG2$' + } + + diff --git a/nagios-plugins/config/news.cfg b/nagios-plugins/config/news.cfg new file mode 100644 index 0000000..065b395 --- /dev/null +++ b/nagios-plugins/config/news.cfg @@ -0,0 +1,15 @@ +# 'check_nntp' command definition +define command{ + command_name check_nntp + command_line /usr/lib/nagios/plugins/check_nntp -H '$HOSTADDRESS$' '$ARG1$' + } + +#### +# use these checks, if you want to test IPv4 connectivity on IPv6 enabled systems +#### + +# 'check_nntp_4' command definition +define command{ + command_name check_nntp_4 + command_line /usr/lib/nagios/plugins/check_nntp -H '$HOSTADDRESS$' -4 '$ARG1$' + } diff --git a/nagios-plugins/config/nt.cfg b/nagios-plugins/config/nt.cfg new file mode 100644 index 0000000..c01000c --- /dev/null +++ b/nagios-plugins/config/nt.cfg @@ -0,0 +1,15 @@ +# If you are confused about this command definition, cause you was +# reading other suggestions, please have a look into +# /usr/share/doc/monitoring-plugins/README.Debian + +# 'check_nt' command definition +define command { + command_name check_nt + command_line /usr/lib/nagios/plugins/check_nt -H '$HOSTADDRESS$' -v '$ARG1$' +} + +# 'check_nscp' command definition +define command { + command_name check_nscp + command_line /usr/lib/nagios/plugins/check_nt -H '$HOSTADDRESS$' -p 12489 -v '$ARG1$' +} diff --git a/nagios-plugins/config/ntp.cfg b/nagios-plugins/config/ntp.cfg new file mode 100644 index 0000000..8668718 --- /dev/null +++ b/nagios-plugins/config/ntp.cfg @@ -0,0 +1,17 @@ +# 'check_ntp' command definition +define command{ + command_name check_ntp + command_line /usr/lib/nagios/plugins/check_ntp_peer -H '$HOSTADDRESS$' '$ARG1$' + } + +# 'check_ntp_ntpq' command definition +define command{ + command_name check_ntp_ntpq + command_line /usr/lib/nagios/plugins/check_ntp_peer -H '$HOSTADDRESS$' -j 10 -k 15 '$ARG1$' + } + +# 'check_time' command definition +define command{ + command_name check_time + command_line /usr/lib/nagios/plugins/check_time -H '$HOSTADDRESS$' '$ARG1$' + } diff --git a/nagios-plugins/config/pgsql.cfg b/nagios-plugins/config/pgsql.cfg new file mode 100644 index 0000000..5c7f87c --- /dev/null +++ b/nagios-plugins/config/pgsql.cfg @@ -0,0 +1,15 @@ +# 'check_pgsql' command definition +define command{ + command_name check_pgsql + command_line /usr/lib/nagios/plugins/check_pgsql -H '$HOSTADDRESS$' '$ARG1$' + } + +#### +# use these checks, if you want to test IPv4 connectivity on IPv6 enabled systems +#### + +# 'check_pgsql_4' command definition +define command{ + command_name check_pgsql_4 + command_line /usr/lib/nagios/plugins/check_pgsql -H '$HOSTADDRESS$' -4 '$ARG1$' + } diff --git a/nagios-plugins/config/ping.cfg b/nagios-plugins/config/ping.cfg new file mode 100644 index 0000000..4d76cab --- /dev/null +++ b/nagios-plugins/config/ping.cfg @@ -0,0 +1,72 @@ +# 'check_ping' command definition +define command{ + command_name check_ping + command_line /usr/lib/nagios/plugins/check_ping -H '$HOSTADDRESS$' -w '$ARG1$' -c '$ARG2$' + } + + +# 'check-host-alive' command definition +define command{ + command_name check-host-alive + command_line /usr/lib/nagios/plugins/check_ping -H '$HOSTADDRESS$' -w 5000,100% -c 5000,100% -p 1 + } + + +# 'check-printer-alive' command definition +define command{ + command_name check-printer-alive + command_line /usr/lib/nagios/plugins/check_ping -H '$HOSTADDRESS$' -w 5000,100% -c 5000,100% -p 1 + } + + +# 'check-switch-alive' command definition +define command{ + command_name check-switch-alive + command_line /usr/lib/nagios/plugins/check_ping -H '$HOSTADDRESS$' -w 5000,100% -c 5000,100% -p 1 + } + + +# 'check-router-alive' command definition +define command{ + command_name check-router-alive + command_line /usr/lib/nagios/plugins/check_ping -H '$HOSTADDRESS$' -w 5000,100% -c 5000,100% -p 1 + } + +#### +# use these checks, if you want to test IPv4 connectivity on IPv6 enabled systems +#### + +# 'check_ping_4' command definition +define command{ + command_name check_ping_4 + command_line /usr/lib/nagios/plugins/check_ping -H '$HOSTADDRESS$' -w '$ARG1$' -c '$ARG2$' -4 + } + + +# 'check-host-alive_4' command definition +define command{ + command_name check-host-alive_4 + command_line /usr/lib/nagios/plugins/check_ping -H '$HOSTADDRESS$' -w 5000,100% -c 5000,100% -p 1 -4 + } + + +# 'check-printer-alive_4' command definition +define command{ + command_name check-printer-alive_4 + command_line /usr/lib/nagios/plugins/check_ping -H '$HOSTADDRESS$' -w 5000,100% -c 5000,100% -p 1 -4 + } + + +# 'check-switch-alive_4' command definition +define command{ + command_name check-switch-alive_4 + command_line /usr/lib/nagios/plugins/check_ping -H '$HOSTADDRESS$' -w 5000,100% -c 5000,100% -p 1 -4 + } + + +# 'check-router-alive_4' command definition +define command{ + command_name check-router-alive_4 + command_line /usr/lib/nagios/plugins/check_ping -H '$HOSTADDRESS$' -w 5000,100% -c 5000,100% -p 1 -4 + } + diff --git a/nagios-plugins/config/procs.cfg b/nagios-plugins/config/procs.cfg new file mode 100644 index 0000000..47158e4 --- /dev/null +++ b/nagios-plugins/config/procs.cfg @@ -0,0 +1,20 @@ +# 'check_procs' command definition +define command{ + command_name check_procs + command_line /usr/lib/nagios/plugins/check_procs -w '$ARG1$' -c '$ARG2$' + } + + +# 'check_procs_zombie' command definition +define command{ + command_name check_procs_zombie + command_line /usr/lib/nagios/plugins/check_procs -w '$ARG1$' -c '$ARG2$' -s Z + } + + +# 'check_procs_httpd' command definition +define command{ + command_name check_procs_httpd + command_line /usr/lib/nagios/plugins/check_procs -w 5:'$ARG1$' -c 1:'$ARG2$' -C httpd + } + diff --git a/nagios-plugins/config/radius.cfg b/nagios-plugins/config/radius.cfg new file mode 100644 index 0000000..92c3679 --- /dev/null +++ b/nagios-plugins/config/radius.cfg @@ -0,0 +1,6 @@ +# 'check_radius' command definition +define command{ + command_name check_radius + command_line /usr/lib/nagios/plugins/check_radius -F /etc/radcli/radiusclient.conf -H '$HOSTADDRESS$' -P '$ARG4$' -t '$ARG3$' -u '$ARG1$' -p '$ARG2$' + } + diff --git a/nagios-plugins/config/real.cfg b/nagios-plugins/config/real.cfg new file mode 100644 index 0000000..3afb59c --- /dev/null +++ b/nagios-plugins/config/real.cfg @@ -0,0 +1,13 @@ +# 'check_real_url' command definition +define command{ + command_name check_real_url + command_line /usr/lib/nagios/plugins/check_real '$HOSTADDRESS$' -p '$ARG1$' -wt '$ARG2$' -ct '$ARG3$' -to 5 -u '$ARG4$' + } + + +# 'check_real' command definition +define command{ + command_name check_real + command_line /usr/lib/nagios/plugins/check_real '$HOSTADDRESS$' -p '$ARG1$' -wt '$ARG2$' -ct '$ARG3$' -to 5 + } + diff --git a/nagios-plugins/config/rpc-nfs.cfg b/nagios-plugins/config/rpc-nfs.cfg new file mode 100644 index 0000000..0a551f4 --- /dev/null +++ b/nagios-plugins/config/rpc-nfs.cfg @@ -0,0 +1,14 @@ + +# 'check-rpc' command definition +define command{ + command_name check-rpc + command_line /usr/lib/nagios/plugins/check_rpc -H '$HOSTADDRESS$' -C '$ARG1$' + } + + +# 'check-nfs' command definition +define command{ + command_name check-nfs + command_line /usr/lib/nagios/plugins/check_rpc -H '$HOSTADDRESS$' -C nfs -c2,3 + } + diff --git a/nagios-plugins/config/snmp.cfg b/nagios-plugins/config/snmp.cfg new file mode 100644 index 0000000..2be8f8e --- /dev/null +++ b/nagios-plugins/config/snmp.cfg @@ -0,0 +1,132 @@ +# 'snmp_load' command definition +define command{ + command_name snmp_load + command_line /usr/lib/nagios/plugins/check_snmp -H '$HOSTADDRESS$' -C '$ARG1$' -o .1.3.6.1.4.1.2021.10.1.5.1,.1.3.6.1.4.1.2021.10.1.5.2,.1.3.6.1.4.1.2021.10.1.5.3 -w :'$ARG2$',:'$ARG3$',:'$ARG4$' -c :'$ARG5$',:'$ARG6$',:'$ARG7$' -l load + } + + +# 'snmp_cpustats' command definition +define command{ + command_name snmp_cpustats + command_line /usr/lib/nagios/plugins/check_snmp -H '$HOSTADDRESS$' -C '$ARG1$' -o .1.3.6.1.4.1.2021.11.9.0,.1.3.6.1.4.1.2021.11.10.0,.1.3.6.1.4.1.2021.11.11.0 -l 'CPU usage (user system idle)' -u '%' + } + + +# 'snmp_procname' command definition +define command{ + command_name snmp_procname + command_line /usr/lib/nagios/plugins/check_snmp -H '$HOSTADDRESS$' -C '$ARG1$' -o .1.3.6.1.4.1.2021.2.1.5.'$ARG2$' -w '$ARG3$':'$ARG4$' -c '$ARG5$':'$ARG6$' + } + + +# 'snmp_disk' command definition +define command{ + command_name snmp_disk + command_line /usr/lib/nagios/plugins/check_snmp -H '$HOSTADDRESS$' -C '$ARG1$' -o .1.3.6.1.4.1.2021.9.1.7.'$ARG2$',.1.3.6.1.4.1.2021.9.1.9.'$ARG2$' -w '$ARG3$':,:'$ARG4$' -c '$ARG5$':,:'$ARG6$' -u 'kB free (','% used)' -l 'disk space' + } + + +# 'snmp_mem' command definition +define command{ + command_name snmp_mem + command_line /usr/lib/nagios/plugins/check_snmp -H '$HOSTADDRESS$' -C '$ARG1$' -o .1.3.6.1.4.1.2021.4.6.0,.1.3.6.1.4.1.2021.4.5.0 -w '$ARG2$': -c '$ARG3$': + } + + +# 'snmp_swap' command definition +define command{ + command_name snmp_swap + command_line /usr/lib/nagios/plugins/check_snmp -H '$HOSTADDRESS$' -C '$ARG1$' -o .1.3.6.1.4.1.2021.4.4.0,.1.3.6.1.4.1.2021.4.3.0 -w '$ARG2$': -c '$ARG3$': + } + + +# 'snmp_procs' command definition +define command{ + command_name snmp_procs + command_line /usr/lib/nagios/plugins/check_snmp -H '$HOSTADDRESS$' -C '$ARG1$' -o host.hrSystem.hrSystemProcesses -w :'$ARG2$' -c :'$ARG3$' -l processes + } + + +# 'snmp_users' command definition +define command{ + command_name snmp_users + command_line /usr/lib/nagios/plugins/check_snmp -H '$HOSTADDRESS$' -C '$ARG1$' -o host.hrSystem.hrSystemNumUsers -w :'$ARG2$' -c :'$ARG3$' -l users + } + + +# 'snmp_mem2' command definition +define command{ + command_name snmp_mem2 + command_line /usr/lib/nagios/plugins/check_snmp -H '$HOSTADDRESS$' -C '$ARG1$' -o host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageUsed.'$ARG2$',host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageSize.'$ARG2$' -w '$ARG3$' -c '$ARG4$' + } + + +# 'snmp_swap2' command definition +define command{ + command_name snmp_swap2 + command_line /usr/lib/nagios/plugins/check_snmp -H '$HOSTADDRESS$' -C '$ARG1$' -o host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageUsed.'$ARG2$',host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageSize.'$ARG2$' -w '$ARG3$' -c '$ARG4$' + } + + +# 'snmp_mem3' command definition +define command{ + command_name snmp_mem3 + command_line /usr/lib/nagios/plugins/check_snmp -H '$HOSTADDRESS$' -C '$ARG1$' -o host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageUsed.'$ARG2$',host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageSize.'$ARG2$' -w '$ARG3$' -c '$ARG4$' + } + + +# 'snmp_swap3' command definition +define command{ + command_name snmp_swap3 + command_line /usr/lib/nagios/plugins/check_snmp -H '$HOSTADDRESS$' -C '$ARG1$' -o host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageUsed.'$ARG2$',host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageSize.'$ARG2$' -w '$ARG3$' -c '$ARG4$' + } + + +# 'snmp_disk2' command definition +define command{ + command_name snmp_disk2 + command_line /usr/lib/nagios/plugins/check_snmp -H '$HOSTADDRESS$' -C '$ARG1$' -o host.hrStorage.hrStorageTable.hrStorageEntry.hrStorageUsed.'$ARG2$' -w '$ARG3$' -c '$ARG4$' + } + + +# 'snmp_tcpopen' command definition +define command{ + command_name snmp_tcpopen + command_line /usr/lib/nagios/plugins/check_snmp -H '$HOSTADDRESS$' -C '$ARG1$' -o tcp.tcpCurrEstab.0 -w '$ARG2$' -c '$ARG3$' + } + + +# 'snmp_tcpstats' command definition +define command{ + command_name snmp_tcpstats + command_line /usr/lib/nagios/plugins/check_snmp -H '$HOSTADDRESS$' -C '$ARG1$' -o tcp.tcpActiveOpens.0,tcp.tcpPassiveOpens.0,tcp.tcpInSegs.0,tcp.tcpOutSegs.0,tcp.tcpRetransSegs.0 -l 'TCP stats' + } + + +# 'check_netapp_uptime' command definition +define command{ + command_name check_netapp_uptime + command_line /usr/lib/nagios/plugins/check_snmp -H '$HOSTADDRESS$' -C '$ARG1$' -o .1.3.6.1.2.1.1.3.0 --delimiter=')' -l "Uptime is" + } + + +# 'check_netapp_cpuload' command definition +define command{ + command_name check_netapp_cpuload + command_line /usr/lib/nagios/plugins/check_snmp -H '$HOSTADDRESS$' -C '$ARG1$' -o .1.3.6.1.4.1.789.1.2.1.3.0 -w 90 -c 95 -u '%' -l "CPU LOAD " + } + + +# 'check_netapp_numdisks' command definition +define command{ + command_name check_netapp_numdisks + command_line /usr/lib/nagios/plugins/check_snmp -H '$HOSTADDRESS$' -C '$ARG1$' -o .1.3.6.1.4.1.789.1.6.4.1.0,.1.3.6.1.4.1.789.1.6.4.2.0,.1.3.6.1.4.1.789.1.6.4.8.0,.1.3.6.1.4.1.789.1.6.4.7.0 -u 'Total Disks','Active','Spare','Failed' -l "" + } + + +# 'check_compaq_thermalCondition' command definition +define command{ + command_name check_compaq_thermalCondition + command_line /usr/lib/nagios/plugins/check_snmp -H '$HOSTADDRESS$' -C '$ARG1$' -o .1.3.6.1.4.1.232.6.2.1.0,.1.3.6.1.4.1.232.6.2.2.0,.1.3.6.1.4.1.232.6.2.3.0,.1.3.6.1.4.1.232.6.2.4.0 -u 'ThermalCondition','ThermalTemp','ThermalSystem','ThermalCPUFan' -w 2:2,2:2,2:2,2:2 -c 1:2,1:2,1:2,1:2 -l "Thermal status " + } + diff --git a/nagios-plugins/config/ssh.cfg b/nagios-plugins/config/ssh.cfg new file mode 100644 index 0000000..29a6d17 --- /dev/null +++ b/nagios-plugins/config/ssh.cfg @@ -0,0 +1,27 @@ +# 'check_ssh' command definition +define command{ + command_name check_ssh + command_line /usr/lib/nagios/plugins/check_ssh '$HOSTADDRESS$' + } + +# 'check_ssh_port' command definition +define command{ + command_name check_ssh_port + command_line /usr/lib/nagios/plugins/check_ssh -p '$ARG1$' '$HOSTADDRESS$' + } + +#### +# use these checks, if you want to test IPv4 connectivity on IPv6 enabled systems +#### + +# 'check_ssh_4' command definition +define command{ + command_name check_ssh_4 + command_line /usr/lib/nagios/plugins/check_ssh -4 '$HOSTADDRESS$' + } + +# 'check_ssh_port_4' command definition +define command{ + command_name check_ssh_port_4 + command_line /usr/lib/nagios/plugins/check_ssh -4 -p '$ARG1$' '$HOSTADDRESS$' + } diff --git a/nagios-plugins/config/tcp_udp.cfg b/nagios-plugins/config/tcp_udp.cfg new file mode 100644 index 0000000..140e84c --- /dev/null +++ b/nagios-plugins/config/tcp_udp.cfg @@ -0,0 +1,27 @@ +# 'check_tcp' command definition +define command{ + command_name check_tcp + command_line /usr/lib/nagios/plugins/check_tcp -H '$HOSTADDRESS$' -p '$ARG1$' '$ARG2$' + } + +# 'check_udp' command definition +define command{ + command_name check_udp + command_line /usr/lib/nagios/plugins/check_udp -H '$HOSTADDRESS$' -p '$ARG1$' '$ARG2$' + } + +#### +# use these checks, if you want to test IPv4 connectivity on IPv6 enabled systems +#### + +# 'check_tcp_4' command definition +define command{ + command_name check_tcp_4 + command_line /usr/lib/nagios/plugins/check_tcp -H '$HOSTADDRESS$' -p '$ARG1$' -4 '$ARG2$' + } + +# 'check_udp_4' command definition +define command{ + command_name check_udp_4 + command_line /usr/lib/nagios/plugins/check_udp -H '$HOSTADDRESS$' -p '$ARG1$' -4 '$ARG2$' + } diff --git a/nagios-plugins/config/telnet.cfg b/nagios-plugins/config/telnet.cfg new file mode 100644 index 0000000..a87f842 --- /dev/null +++ b/nagios-plugins/config/telnet.cfg @@ -0,0 +1,15 @@ +# 'check_telnet' command definition +define command{ + command_name check_telnet + command_line /usr/lib/nagios/plugins/check_tcp -H '$HOSTADDRESS$' -p 23 '$ARG1$' + } + +#### +# use these checks, if you want to test IPv4 connectivity on IPv6 enabled systems +#### + +# 'check_telnet_4' command definition +define command{ + command_name check_telnet_4 + command_line /usr/lib/nagios/plugins/check_tcp -H '$HOSTADDRESS$' -p 23 -4 '$ARG1$' + } diff --git a/nagios-plugins/config/users.cfg b/nagios-plugins/config/users.cfg new file mode 100644 index 0000000..614a622 --- /dev/null +++ b/nagios-plugins/config/users.cfg @@ -0,0 +1,6 @@ +# 'check_users' command definition +define command{ + command_name check_users + command_line /usr/lib/nagios/plugins/check_users -w '$ARG1$' -c '$ARG2$' + } + diff --git a/netconfig b/netconfig new file mode 100644 index 0000000..effc67e --- /dev/null +++ b/netconfig @@ -0,0 +1,19 @@ +# +# The network configuration file. This file is currently only used in +# conjunction with the TI-RPC code in the libtirpc library. +# +# Entries consist of: +# +# \ +# +# +# The and fields are always empty in this +# implementation. +# +udp tpi_clts v inet udp - - +tcp tpi_cots_ord v inet tcp - - +udp6 tpi_clts v inet6 udp - - +tcp6 tpi_cots_ord v inet6 tcp - - +rawip tpi_raw - inet - - - +local tpi_cots_ord - loopback - - - +unix tpi_cots_ord - loopback - - - diff --git a/pam.d/samba b/pam.d/samba new file mode 100644 index 0000000..e6c8ce6 --- /dev/null +++ b/pam.d/samba @@ -0,0 +1,3 @@ +@include common-auth +@include common-account +@include common-session-noninteractive diff --git a/passwd b/passwd index bd5cf08..920012a 100644 --- a/passwd +++ b/passwd @@ -32,3 +32,5 @@ postfix:x:110:116::/var/spool/postfix:/usr/sbin/nologin dovecot:x:111:118:Dovecot mail server,,,:/usr/lib/dovecot:/usr/sbin/nologin dovenull:x:112:119:Dovecot login user,,,:/nonexistent:/usr/sbin/nologin tcpdump:x:113:121::/nonexistent:/usr/sbin/nologin +nagios:x:114:122::/var/lib/nagios:/usr/sbin/nologin +_rpc:x:115:65534::/run/rpcbind:/usr/sbin/nologin diff --git a/passwd- b/passwd- index bd5cf08..920012a 100644 --- a/passwd- +++ b/passwd- @@ -32,3 +32,5 @@ postfix:x:110:116::/var/spool/postfix:/usr/sbin/nologin dovecot:x:111:118:Dovecot mail server,,,:/usr/lib/dovecot:/usr/sbin/nologin dovenull:x:112:119:Dovecot login user,,,:/nonexistent:/usr/sbin/nologin tcpdump:x:113:121::/nonexistent:/usr/sbin/nologin +nagios:x:114:122::/var/lib/nagios:/usr/sbin/nologin +_rpc:x:115:65534::/run/rpcbind:/usr/sbin/nologin diff --git a/radcli/dictionary b/radcli/dictionary new file mode 100644 index 0000000..6b70580 --- /dev/null +++ b/radcli/dictionary @@ -0,0 +1,308 @@ +# +# Updated 97/06/13 to livingston-radius-2.01 miquels@cistron.nl +# +# This file contains dictionary translations for parsing +# requests and generating responses. All transactions are +# composed of Attribute/Value Pairs. The value of each attribute +# is specified as one of 4 data types. Valid data types are: +# +# string - 0-253 octets +# ipv4addr- 4 octets in network byte order +# ipv6addr - 16 octets in network byte order +# ipv6prefix- up to 16 octets in network byte order, plus prefix length +# integer - 32 bit value in big endian order (high byte first) +# date - 32 bit value in big endian order - seconds since +# 00:00:00 GMT, Jan. 1, 1970 +# +# Enumerated values are stored in the user file with dictionary +# VALUE translations for easy administration. +# +# Example: +# +# ATTRIBUTE VALUE +# --------------- ----- +# Framed-Protocol = PPP +# 7 = 1 (integer encoding) +# + +# +# Following are the proper new names. Use these. +# +ATTRIBUTE User-Name 1 string +ATTRIBUTE Password 2 string +ATTRIBUTE CHAP-Password 3 string +ATTRIBUTE NAS-IP-Address 4 ipv4addr +ATTRIBUTE NAS-Port-Id 5 integer +ATTRIBUTE Service-Type 6 integer +ATTRIBUTE Framed-Protocol 7 integer +ATTRIBUTE Framed-IP-Address 8 ipv4addr +ATTRIBUTE Framed-IP-Netmask 9 ipv4addr +ATTRIBUTE Framed-Routing 10 integer +ATTRIBUTE Filter-Id 11 string +ATTRIBUTE Framed-MTU 12 integer +ATTRIBUTE Framed-Compression 13 integer +ATTRIBUTE Login-IP-Host 14 ipv4addr +ATTRIBUTE Login-Service 15 integer +ATTRIBUTE Login-TCP-Port 16 integer +ATTRIBUTE Reply-Message 18 string +ATTRIBUTE Callback-Number 19 string +ATTRIBUTE Callback-Id 20 string +ATTRIBUTE Framed-Route 22 string +ATTRIBUTE Framed-IPX-Network 23 ipv4addr +ATTRIBUTE State 24 string +ATTRIBUTE Class 25 string +ATTRIBUTE Vendor-Specific 26 string +ATTRIBUTE Session-Timeout 27 integer +ATTRIBUTE Idle-Timeout 28 integer +ATTRIBUTE Termination-Action 29 integer +ATTRIBUTE Called-Station-Id 30 string +ATTRIBUTE Calling-Station-Id 31 string +ATTRIBUTE NAS-Identifier 32 string +ATTRIBUTE Proxy-State 33 string +ATTRIBUTE Login-LAT-Service 34 string +ATTRIBUTE Login-LAT-Node 35 string +ATTRIBUTE Login-LAT-Group 36 string +ATTRIBUTE Framed-AppleTalk-Link 37 integer +ATTRIBUTE Framed-AppleTalk-Network 38 integer +ATTRIBUTE Framed-AppleTalk-Zone 39 string +ATTRIBUTE Acct-Status-Type 40 integer +ATTRIBUTE Acct-Delay-Time 41 integer +ATTRIBUTE Acct-Input-Octets 42 integer +ATTRIBUTE Acct-Output-Octets 43 integer +ATTRIBUTE Acct-Session-Id 44 string +ATTRIBUTE Acct-Authentic 45 integer +ATTRIBUTE Acct-Session-Time 46 integer +ATTRIBUTE Acct-Input-Packets 47 integer +ATTRIBUTE Acct-Output-Packets 48 integer +ATTRIBUTE Acct-Terminate-Cause 49 integer +ATTRIBUTE Acct-Multi-Session-Id 50 string +ATTRIBUTE Acct-Link-Count 51 integer +ATTRIBUTE Acct-Input-Gigawords 52 integer +ATTRIBUTE Acct-Output-Gigawords 53 integer +ATTRIBUTE Event-Timestamp 55 integer +ATTRIBUTE Egress-VLANID 56 string +ATTRIBUTE Ingress-Filters 57 integer +ATTRIBUTE Egress-VLAN-Name 58 string +ATTRIBUTE User-Priority-Table 59 string +ATTRIBUTE CHAP-Challenge 60 string +ATTRIBUTE NAS-Port-Type 61 integer +ATTRIBUTE Port-Limit 62 integer +ATTRIBUTE Login-LAT-Port 63 integer +ATTRIBUTE Tunnel-Type 64 string +ATTRIBUTE Tunnel-Medium-Type 65 string +ATTRIBUTE Tunnel-Client-Endpoint 66 string +ATTRIBUTE Tunnel-Server-Endpoint 67 string +ATTRIBUTE Acct-Tunnel-Connection 68 string +ATTRIBUTE Tunnel-Password 69 string +ATTRIBUTE ARAP-Password 70 string +ATTRIBUTE ARAP-Features 71 string +ATTRIBUTE ARAP-Zone-Access 72 integer +ATTRIBUTE ARAP-Security 73 integer +ATTRIBUTE ARAP-Security-Data 74 string +ATTRIBUTE Password-Retry 75 integer +ATTRIBUTE Prompt 76 integer +ATTRIBUTE Connect-Info 77 string +ATTRIBUTE Configuration-Token 78 string +ATTRIBUTE EAP-Message 79 string +ATTRIBUTE Message-Authenticator 80 string +ATTRIBUTE Tunnel-Private-Group-ID 81 string +ATTRIBUTE Tunnel-Assignment-ID 82 string +ATTRIBUTE Tunnel-Preference 83 string +ATTRIBUTE ARAP-Challenge-Response 84 string +ATTRIBUTE Acct-Interim-Interval 85 integer +ATTRIBUTE Acct-Tunnel-Packets-Lost 86 integer +ATTRIBUTE NAS-Port-Id-String 87 string +ATTRIBUTE Framed-Pool 88 string +ATTRIBUTE Chargeable-User-Identity 89 string +ATTRIBUTE Tunnel-Client-Auth-ID 90 string +ATTRIBUTE Tunnel-Server-Auth-ID 91 string +ATTRIBUTE NAS-Filter-Rule 92 string +ATTRIBUTE Originating-Line-Info 94 string +ATTRIBUTE NAS-IPv6-Address 95 ipv6addr +ATTRIBUTE Framed-Interface-Id 96 string +ATTRIBUTE Framed-IPv6-Prefix 97 ipv6prefix +ATTRIBUTE Login-IPv6-Host 98 ipv6addr +ATTRIBUTE Framed-IPv6-Route 99 string +ATTRIBUTE Framed-IPv6-Pool 100 string +ATTRIBUTE Error-Cause 101 integer +ATTRIBUTE EAP-Key-Name 102 string + +# +# RFC6911 IPv6 attributes +# +ATTRIBUTE Delegated-IPv6-Prefix 123 ipv6prefix +ATTRIBUTE Framed-IPv6-Address 168 ipv6addr +ATTRIBUTE DNS-Server-IPv6-Address 169 ipv6addr +ATTRIBUTE Route-IPv6-Information 170 ipv6prefix + +ATTRIBUTE Huntgroup-Name 221 string +# +# Non-Protocol Attributes +# These attributes are used internally by the server +# +ATTRIBUTE Expiration 21 date +ATTRIBUTE Auth-Type 1000 integer +ATTRIBUTE Menu 1001 string +ATTRIBUTE Termination-Menu 1002 string +ATTRIBUTE Prefix 1003 string +ATTRIBUTE Suffix 1004 string +ATTRIBUTE Group 1005 string +ATTRIBUTE Crypt-Password 1006 string +ATTRIBUTE Connect-Rate 1007 integer +ATTRIBUTE User-Category 1029 string +ATTRIBUTE Group-Name 1030 string +ATTRIBUTE Simultaneous-Use 1034 integer +ATTRIBUTE Strip-User-Name 1035 integer +ATTRIBUTE Fall-Through 1036 integer +ATTRIBUTE Add-Port-To-IP-Address 1037 integer +ATTRIBUTE Exec-Program 1038 string +ATTRIBUTE Exec-Program-Wait 1039 string +ATTRIBUTE Hint 1040 string + + +# +# Integer Translations +# + +# User Types + +VALUE Service-Type Login-User 1 +VALUE Service-Type Framed-User 2 +VALUE Service-Type Callback-Login-User 3 +VALUE Service-Type Callback-Framed-User 4 +VALUE Service-Type Outbound-User 5 +VALUE Service-Type Administrative-User 6 +VALUE Service-Type NAS-Prompt-User 7 +VALUE Service-Type Authenticate-Only 8 +VALUE Service-Type Callback-NAS-Prompt 9 +VALUE Service-Type Call-Check 10 +VALUE Service-Type Callback-Administrative 11 + +# Framed Protocols + +VALUE Framed-Protocol PPP 1 +VALUE Framed-Protocol SLIP 2 +VALUE Framed-Protocol ARAP 3 +VALUE Framed-Protocol GANDALF-SLMLP 4 +VALUE Framed-Protocol XYLOGICS-IPX-SLIP 5 +VALUE Framed-Protocol X75 6 + +# Framed Routing Values + +VALUE Framed-Routing None 0 +VALUE Framed-Routing Broadcast 1 +VALUE Framed-Routing Listen 2 +VALUE Framed-Routing Broadcast-Listen 3 + +# Framed Compression Types + +VALUE Framed-Compression None 0 +VALUE Framed-Compression Van-Jacobson-TCP-IP 1 +VALUE Framed-Compression IPX-Header 2 +VALUE Framed-Compression Stac-LZS 3 + +# Login Services + +VALUE Login-Service Telnet 0 +VALUE Login-Service Rlogin 1 +VALUE Login-Service TCP-Clear 2 +VALUE Login-Service PortMaster 3 +VALUE Login-Service LAT 4 +VALUE Login-Service X.25-PAD 5 +VALUE Login-Service X.25-T3POS 6 +VALUE Login-Service TCP-Clear-Quiet 8 + +# Status Types + +VALUE Acct-Status-Type Start 1 +VALUE Acct-Status-Type Stop 2 +VALUE Acct-Status-Type Alive 3 +VALUE Acct-Status-Type Accounting-On 7 +VALUE Acct-Status-Type Accounting-Off 8 + +# Authentication Types + +VALUE Acct-Authentic RADIUS 1 +VALUE Acct-Authentic Local 2 +VALUE Acct-Authentic Remote 3 + +# Termination Options + +VALUE Termination-Action Default 0 +VALUE Termination-Action RADIUS-Request 1 + +# NAS Port Types, available in 3.3.1 and later + +VALUE NAS-Port-Type Async 0 +VALUE NAS-Port-Type Sync 1 +VALUE NAS-Port-Type ISDN 2 +VALUE NAS-Port-Type ISDN-V120 3 +VALUE NAS-Port-Type ISDN-V110 4 +VALUE NAS-Port-Type Virtual 5 +VALUE NAS-Port-Type PIAFS 6 +VALUE NAS-Port-Type HDLC-Clear-Channel 7 +VALUE NAS-Port-Type X.25 8 +VALUE NAS-Port-Type X.75 9 +VALUE NAS-Port-Type G.3-Fax 10 +VALUE NAS-Port-Type SDSL 11 +VALUE NAS-Port-Type ADSL-CAP 12 +VALUE NAS-Port-Type ADSL-DMT 13 +VALUE NAS-Port-Type IDSL 14 +VALUE NAS-Port-Type Ethernet 15 + +# Acct Terminate Causes, available in 3.3.2 and later + +VALUE Acct-Terminate-Cause User-Request 1 +VALUE Acct-Terminate-Cause Lost-Carrier 2 +VALUE Acct-Terminate-Cause Lost-Service 3 +VALUE Acct-Terminate-Cause Idle-Timeout 4 +VALUE Acct-Terminate-Cause Session-Timeout 5 +VALUE Acct-Terminate-Cause Admin-Reset 6 +VALUE Acct-Terminate-Cause Admin-Reboot 7 +VALUE Acct-Terminate-Cause Port-Error 8 +VALUE Acct-Terminate-Cause NAS-Error 9 +VALUE Acct-Terminate-Cause NAS-Request 10 +VALUE Acct-Terminate-Cause NAS-Reboot 11 +VALUE Acct-Terminate-Cause Port-Unneeded 12 +VALUE Acct-Terminate-Cause Port-Preempted 13 +VALUE Acct-Terminate-Cause Port-Suspended 14 +VALUE Acct-Terminate-Cause Service-Unavailable 15 +VALUE Acct-Terminate-Cause Callback 16 +VALUE Acct-Terminate-Cause User-Error 17 +VALUE Acct-Terminate-Cause Host-Request 18 + +# +# Non-Protocol Integer Translations +# + +VALUE Auth-Type Local 0 +VALUE Auth-Type System 1 +VALUE Auth-Type SecurID 2 +VALUE Auth-Type Crypt-Local 3 +VALUE Auth-Type Reject 4 + +# +# Cistron extensions +# +VALUE Auth-Type Pam 253 +VALUE Auth-Type Accept 254 + +# +# Experimental Non-Protocol Integer Translations for Cistron-Radiusd +# +VALUE Fall-Through No 0 +VALUE Fall-Through Yes 1 +VALUE Add-Port-To-IP-Address No 0 +VALUE Add-Port-To-IP-Address Yes 1 + +# +# Configuration Values +# uncomment these two lines to turn account expiration on +# + +#VALUE Server-Config Password-Expiration 30 +#VALUE Server-Config Password-Warning 5 + +#$INCLUDE /etc/radcli/dictionary.microsoft +#$INCLUDE /etc/radcli/dictionary.roaringpenguin + diff --git a/radcli/dictionary.ascend b/radcli/dictionary.ascend new file mode 100644 index 0000000..74ce516 --- /dev/null +++ b/radcli/dictionary.ascend @@ -0,0 +1,297 @@ +# +# Ascend dictionary. +# +# Enable by putting the line "$INCLUDE dictionary.ascend" into +# the main dictionary file. +# +# Version: 1.00 21-Jul-1997 Jens Glaser +# + + +# +# Ascend specific extensions +# Used by ASCEND MAX/Pipeline products +# +ATTRIBUTE Ascend-FCP-Parameter 119 string +ATTRIBUTE Ascend-Modem-PortNo 120 integer +ATTRIBUTE Ascend-Modem-SlotNo 121 integer +ATTRIBUTE Ascend-Modem-ShelfNo 122 integer +ATTRIBUTE Ascend-Call-Attempt-Limit 123 integer +ATTRIBUTE Ascend-Call-Block-Duration 124 integer +ATTRIBUTE Ascend-Maximum-Call-Duration 125 integer +ATTRIBUTE Ascend-Temporary-Rtes 126 integer +ATTRIBUTE Tunneling-Protocol 127 integer +ATTRIBUTE Ascend-Shared-Profile-Enable 128 integer +ATTRIBUTE Ascend-Primary-Home-Agent 129 string +ATTRIBUTE Ascend-Secondary-Home-Agent 130 string +ATTRIBUTE Ascend-Dialout-Allowed 131 integer +ATTRIBUTE Ascend-Client-Gateway 132 ipv4addr +ATTRIBUTE Ascend-BACP-Enable 133 integer +ATTRIBUTE Ascend-DHCP-Maximum-Leases 134 integer +ATTRIBUTE Ascend-Client-Primary-DNS 135 ipv4addr +ATTRIBUTE Ascend-Client-Secondary-DNS 136 ipv4addr +ATTRIBUTE Ascend-Client-Assign-DNS 137 integer +ATTRIBUTE Ascend-User-Acct-Type 138 integer +ATTRIBUTE Ascend-User-Acct-Host 139 ipv4addr +ATTRIBUTE Ascend-User-Acct-Port 140 integer +ATTRIBUTE Ascend-User-Acct-Key 141 string +ATTRIBUTE Ascend-User-Acct-Base 142 integer +ATTRIBUTE Ascend-User-Acct-Time 143 integer +ATTRIBUTE Ascend-Assign-IP-Client 144 ipv4addr +ATTRIBUTE Ascend-Assign-IP-Server 145 ipv4addr +ATTRIBUTE Ascend-Assign-IP-Global-Pool 146 string +ATTRIBUTE Ascend-DHCP-Reply 147 integer +ATTRIBUTE Ascend-DHCP-Pool-Number 148 integer +ATTRIBUTE Ascend-Expect-Callback 149 integer +ATTRIBUTE Ascend-Event-Type 150 integer +ATTRIBUTE Ascend-Session-Svr-Key 151 string +ATTRIBUTE Ascend-Multicast-Rate-Limit 152 integer +ATTRIBUTE Ascend-IF-Netmask 153 ipv4addr +ATTRIBUTE Ascend-Remote-Addr 154 ipv4addr +ATTRIBUTE Ascend-Multicast-Client 155 integer +ATTRIBUTE Ascend-FR-Circuit-Name 156 string +ATTRIBUTE Ascend-FR-LinkUp 157 integer +ATTRIBUTE Ascend-FR-Nailed-Grp 158 integer +ATTRIBUTE Ascend-FR-Type 159 integer +ATTRIBUTE Ascend-FR-Link-Mgt 160 integer +ATTRIBUTE Ascend-FR-N391 161 integer +ATTRIBUTE Ascend-FR-DCE-N392 162 integer +ATTRIBUTE Ascend-FR-DTE-N392 163 integer +ATTRIBUTE Ascend-FR-DCE-N393 164 integer +ATTRIBUTE Ascend-FR-DTE-N393 165 integer +ATTRIBUTE Ascend-FR-T391 166 integer +ATTRIBUTE Ascend-FR-T392 167 integer +ATTRIBUTE Ascend-Bridge-Address 168 string +ATTRIBUTE Ascend-TS-Idle-Limit 169 integer +ATTRIBUTE Ascend-TS-Idle-Mode 170 integer +ATTRIBUTE Ascend-DBA-Monitor 171 integer +ATTRIBUTE Ascend-Base-Channel-Count 172 integer +ATTRIBUTE Ascend-Minimum-Channels 173 integer +ATTRIBUTE Ascend-IPX-Route 174 string +ATTRIBUTE Ascend-FT1-Caller 175 integer +ATTRIBUTE Ascend-Backup 176 string +ATTRIBUTE Ascend-Call-Type 177 integer +ATTRIBUTE Ascend-Group 178 string +ATTRIBUTE Ascend-FR-DLCI 179 integer +ATTRIBUTE Ascend-FR-Profile-Name 180 string +ATTRIBUTE Ascend-Ara-PW 181 string +ATTRIBUTE Ascend-IPX-Node-Addr 182 string +ATTRIBUTE Ascend-Home-Agent-IP-Addr 183 ipv4addr +ATTRIBUTE Ascend-Home-Agent-Password 184 string +ATTRIBUTE Ascend-Home-Network-Name 185 string +ATTRIBUTE Ascend-Home-Agent-UDP-Port 186 integer +ATTRIBUTE Ascend-Multilink-ID 187 integer +ATTRIBUTE Ascend-Num-In-Multilink 188 integer +ATTRIBUTE Ascend-First-Dest 189 ipv4addr +ATTRIBUTE Ascend-Pre-Input-Octets 190 integer +ATTRIBUTE Ascend-Pre-Output-Octets 191 integer +ATTRIBUTE Ascend-Pre-Input-Packets 192 integer +ATTRIBUTE Ascend-Pre-Output-Packets 193 integer +ATTRIBUTE Ascend-Maximum-Time 194 integer +ATTRIBUTE Ascend-Disconnect-Cause 195 integer +ATTRIBUTE Ascend-Connect-Progress 196 integer +ATTRIBUTE Ascend-Data-Rate 197 integer +ATTRIBUTE Ascend-PreSession-Time 198 integer +ATTRIBUTE Ascend-Token-Idle 199 integer +ATTRIBUTE Ascend-Token-Immediate 200 integer +ATTRIBUTE Ascend-Require-Auth 201 integer +ATTRIBUTE Ascend-Number-Sessions 202 string +ATTRIBUTE Ascend-Authen-Alias 203 string +ATTRIBUTE Ascend-Token-Expiry 204 integer +ATTRIBUTE Ascend-Menu-Selector 205 string +ATTRIBUTE Ascend-Menu-Item 206 string +ATTRIBUTE Ascend-PW-Warntime 207 integer +ATTRIBUTE Ascend-PW-Lifetime 208 integer +ATTRIBUTE Ascend-IP-Direct 209 ipv4addr +ATTRIBUTE Ascend-PPP-VJ-Slot-Comp 210 integer +ATTRIBUTE Ascend-PPP-VJ-1172 211 integer +ATTRIBUTE Ascend-PPP-Async-Map 212 integer +ATTRIBUTE Ascend-Third-Prompt 213 string +ATTRIBUTE Ascend-Send-Secret 214 string +ATTRIBUTE Ascend-Receive-Secret 215 string +ATTRIBUTE Ascend-IPX-Peer-Mode 216 integer +ATTRIBUTE Ascend-IP-Pool-Definition 217 string +ATTRIBUTE Ascend-Assign-IP-Pool 218 integer +ATTRIBUTE Ascend-FR-Direct 219 integer +ATTRIBUTE Ascend-FR-Direct-Profile 220 string +ATTRIBUTE Ascend-FR-Direct-DLCI 221 integer +ATTRIBUTE Ascend-Handle-IPX 222 integer +ATTRIBUTE Ascend-Netware-timeout 223 integer +ATTRIBUTE Ascend-IPX-Alias 224 integer +ATTRIBUTE Ascend-Metric 225 integer +ATTRIBUTE Ascend-PRI-Number-Type 226 integer +ATTRIBUTE Ascend-Dial-Number 227 string +ATTRIBUTE Ascend-Route-IP 228 integer +ATTRIBUTE Ascend-Route-IPX 229 integer +ATTRIBUTE Ascend-Bridge 230 integer +ATTRIBUTE Ascend-Send-Auth 231 integer +ATTRIBUTE Ascend-Send-Passwd 232 string +ATTRIBUTE Ascend-Link-Compression 233 integer +ATTRIBUTE Ascend-Target-Util 234 integer +ATTRIBUTE Ascend-Maximum-Channels 235 integer +ATTRIBUTE Ascend-Inc-Channel-Count 236 integer +ATTRIBUTE Ascend-Dec-Channel-Count 237 integer +ATTRIBUTE Ascend-Seconds-Of-History 238 integer +ATTRIBUTE Ascend-History-Weigh-Type 239 integer +ATTRIBUTE Ascend-Add-Seconds 240 integer +ATTRIBUTE Ascend-Remove-Seconds 241 integer +ATTRIBUTE Ascend-Idle-Limit 244 integer +ATTRIBUTE Ascend-Preempt-Limit 245 integer +ATTRIBUTE Ascend-Callback 246 integer +ATTRIBUTE Ascend-Data-Svc 247 integer +ATTRIBUTE Ascend-Force-56 248 integer +ATTRIBUTE Ascend-Billing-Number 249 string +ATTRIBUTE Ascend-Call-By-Call 250 integer +ATTRIBUTE Ascend-Transit-Number 251 string +ATTRIBUTE Ascend-Host-Info 252 string +ATTRIBUTE Ascend-PPP-Address 253 ipv4addr +ATTRIBUTE Ascend-MPP-Idle-Percent 254 integer +ATTRIBUTE Ascend-Xmit-Rate 255 integer + + + +# Ascend protocols +VALUE Service-Type Dialout-Framed-User 5 +VALUE Framed-Protocol ARA 255 +VALUE Framed-Protocol MPP 256 +VALUE Framed-Protocol EURAW 257 +VALUE Framed-Protocol EUUI 258 +VALUE Framed-Protocol X25 259 +VALUE Framed-Protocol COMB 260 +VALUE Framed-Protocol FR 261 +VALUE Framed-Protocol MP 262 +VALUE Framed-Protocol FR-CIR 263 + + +# +# Ascend specific extensions +# Used by ASCEND MAX/Pipeline products (see above) +# + +VALUE Ascend-FR-Direct FR-Direct-No 0 +VALUE Ascend-FR-Direct FR-Direct-Yes 1 +VALUE Ascend-Handle-IPX Handle-IPX-None 0 +VALUE Ascend-Handle-IPX Handle-IPX-Client 1 +VALUE Ascend-Handle-IPX Handle-IPX-Server 2 +VALUE Ascend-IPX-Peer-Mode IPX-Peer-Router 0 +VALUE Ascend-IPX-Peer-Mode IPX-Peer-Dialin 1 +VALUE Ascend-Call-Type Nailed 1 +VALUE Ascend-Call-Type Nailed/Mpp 2 +VALUE Ascend-Call-Type Perm/Switched 3 +VALUE Ascend-FT1-Caller FT1-No 0 +VALUE Ascend-FT1-Caller FT1-Yes 1 +VALUE Ascend-PRI-Number-Type Unknown-Number 0 +VALUE Ascend-PRI-Number-Type Intl-Number 1 +VALUE Ascend-PRI-Number-Type National-Number 2 +VALUE Ascend-PRI-Number-Type Local-Number 4 +VALUE Ascend-PRI-Number-Type Abbrev-Number 5 +VALUE Ascend-Route-IPX Route-IPX-No 0 +VALUE Ascend-Route-IPX Route-IPX-Yes 1 +VALUE Ascend-Bridge Bridge-No 0 +VALUE Ascend-Bridge Bridge-Yes 1 +VALUE Ascend-TS-Idle-Mode TS-Idle-None 0 +VALUE Ascend-TS-Idle-Mode TS-Idle-Input 1 +VALUE Ascend-TS-Idle-Mode TS-Idle-Input-Output 2 +VALUE Ascend-Send-Auth Send-Auth-None 0 +VALUE Ascend-Send-Auth Send-Auth-PAP 1 +VALUE Ascend-Send-Auth Send-Auth-CHAP 2 +VALUE Ascend-Send-Auth Send-Auth-MS-CHAP 3 +VALUE Ascend-Link-Compression Link-Comp-None 0 +VALUE Ascend-Link-Compression Link-Comp-Stac 1 +VALUE Ascend-Link-Compression Link-Comp-Stac-Draft-9 2 +VALUE Ascend-Link-Compression Link-Comp-MS-Stac 3 +VALUE Ascend-History-Weigh-Type History-Constant 0 +VALUE Ascend-History-Weigh-Type History-Linear 1 +VALUE Ascend-History-Weigh-Type History-Quadratic 2 +VALUE Ascend-Callback Callback-No 0 +VALUE Ascend-Callback Callback-Yes 1 +VALUE Ascend-Expect-Callback Expect-Callback-No 0 +VALUE Ascend-Expect-Callback Expect-Callback-Yes 1 +VALUE Ascend-Data-Svc Switched-Voice-Bearer 0 +VALUE Ascend-Data-Svc Switched-56KR 1 +VALUE Ascend-Data-Svc Switched-64K 2 +VALUE Ascend-Data-Svc Switched-64KR 3 +VALUE Ascend-Data-Svc Switched-56K 4 +VALUE Ascend-Data-Svc Switched-384KR 5 +VALUE Ascend-Data-Svc Switched-384K 6 +VALUE Ascend-Data-Svc Switched-1536K 7 +VALUE Ascend-Data-Svc Switched-1536KR 8 +VALUE Ascend-Data-Svc Switched-128K 9 +VALUE Ascend-Data-Svc Switched-192K 10 +VALUE Ascend-Data-Svc Switched-256K 11 +VALUE Ascend-Data-Svc Switched-320K 12 +VALUE Ascend-Data-Svc Switched-384K-MR 13 +VALUE Ascend-Data-Svc Switched-448K 14 +VALUE Ascend-Data-Svc Switched-512K 15 +VALUE Ascend-Data-Svc Switched-576K 16 +VALUE Ascend-Data-Svc Switched-640K 17 +VALUE Ascend-Data-Svc Switched-704K 18 +VALUE Ascend-Data-Svc Switched-768K 19 +VALUE Ascend-Data-Svc Switched-832K 20 +VALUE Ascend-Data-Svc Switched-896K 21 +VALUE Ascend-Data-Svc Switched-960K 22 +VALUE Ascend-Data-Svc Switched-1024K 23 +VALUE Ascend-Data-Svc Switched-1088K 24 +VALUE Ascend-Data-Svc Switched-1152K 25 +VALUE Ascend-Data-Svc Switched-1216K 26 +VALUE Ascend-Data-Svc Switched-1280K 27 +VALUE Ascend-Data-Svc Switched-1344K 28 +VALUE Ascend-Data-Svc Switched-1408K 29 +VALUE Ascend-Data-Svc Switched-1472K 30 +VALUE Ascend-Data-Svc Switched-1600K 31 +VALUE Ascend-Data-Svc Switched-1664K 32 +VALUE Ascend-Data-Svc Switched-1728K 33 +VALUE Ascend-Data-Svc Switched-1792K 34 +VALUE Ascend-Data-Svc Switched-1856K 35 +VALUE Ascend-Data-Svc Switched-1920K 36 +VALUE Ascend-Data-Svc Switched-inherited 37 +VALUE Ascend-Data-Svc Switched-restricted-bearer-x30 38 +VALUE Ascend-Data-Svc Switched-clear-bearer-v110 39 +VALUE Ascend-Data-Svc Switched-restricted-64-x30 40 +VALUE Ascend-Data-Svc Switched-clear-56-v110 41 +VALUE Ascend-Data-Svc Switched-modem 42 +VALUE Ascend-Data-Svc Switched-atmodem 43 +VALUE Ascend-Data-Svc Nailed-56KR 1 +VALUE Ascend-Data-Svc Nailed-64K 2 +VALUE Ascend-Force-56 Force-56-No 0 +VALUE Ascend-Force-56 Force-56-Yes 1 +VALUE Ascend-PW-Lifetime Lifetime-In-Days 0 +VALUE Ascend-PW-Warntime Days-Of-Warning 0 +VALUE Ascend-PPP-VJ-1172 PPP-VJ-1172 1 +VALUE Ascend-PPP-VJ-Slot-Comp VJ-Slot-Comp-No 1 +VALUE Ascend-Require-Auth Not-Require-Auth 0 +VALUE Ascend-Require-Auth Require-Auth 1 +VALUE Ascend-Token-Immediate Tok-Imm-No 0 +VALUE Ascend-Token-Immediate Tok-Imm-Yes 1 +VALUE Ascend-DBA-Monitor DBA-Transmit 0 +VALUE Ascend-DBA-Monitor DBA-Transmit-Recv 1 +VALUE Ascend-DBA-Monitor DBA-None 2 +VALUE Ascend-FR-Type Ascend-FR-DTE 0 +VALUE Ascend-FR-Type Ascend-FR-DCE 1 +VALUE Ascend-FR-Type Ascend-FR-NNI 2 +VALUE Ascend-FR-Link-Mgt Ascend-FR-No-Link-Mgt 0 +VALUE Ascend-FR-Link-Mgt Ascend-FR-T1-617D 1 +VALUE Ascend-FR-Link-Mgt Ascend-FR-Q-933A 2 +VALUE Ascend-FR-LinkUp Ascend-LinkUp-Default 0 +VALUE Ascend-FR-LinkUp Ascend-LinkUp-AlwaysUp 1 +VALUE Ascend-Multicast-Client Multicast-No 0 +VALUE Ascend-Multicast-Client Multicast-Yes 1 +VALUE Ascend-User-Acct-Type Ascend-User-Acct-None 0 +VALUE Ascend-User-Acct-Type Ascend-User-Acct-User 1 +VALUE Ascend-User-Acct-Type Ascend-User-Acct-User-Default 2 +VALUE Ascend-User-Acct-Base Base-10 0 +VALUE Ascend-User-Acct-Base Base-16 1 +VALUE Ascend-DHCP-Reply DHCP-Reply-No 0 +VALUE Ascend-DHCP-Reply DHCP-Reply-Yes 1 +VALUE Ascend-Client-Assign-DNS DNS-Assign-No 0 +VALUE Ascend-Client-Assign-DNS DNS-Assign-Yes 1 +VALUE Ascend-Event-Type Ascend-ColdStart 1 +VALUE Ascend-Event-Type Ascend-Session-Event 2 +VALUE Ascend-BACP-Enable BACP-No 0 +VALUE Ascend-BACP-Enable BACP-Yes 1 +VALUE Ascend-Dialout-Allowed Dialout-Not-Allowed 0 +VALUE Ascend-Dialout-Allowed Dialout-Allowed 1 +VALUE Ascend-Shared-Profile-Enable Shared-Profile-No 0 +VALUE Ascend-Shared-Profile-Enable Shared-Profile-Yes 1 +VALUE Ascend-Temporary-Rtes Temp-Rtes-No 0 +VALUE Ascend-Temporary-Rtes Temp-Rtes-Yes 1 diff --git a/radcli/dictionary.compat b/radcli/dictionary.compat new file mode 100644 index 0000000..64fc52f --- /dev/null +++ b/radcli/dictionary.compat @@ -0,0 +1,47 @@ +# +# Obsolete names for backwards compatibility with older users files. +# Move the $INCLUDE in the main dictionary file to the end if you want +# these names to be used in the "details" logfile. +# +ATTRIBUTE Client-Id 4 ipv4addr +ATTRIBUTE Client-Port-Id 5 integer +ATTRIBUTE User-Service-Type 6 integer +ATTRIBUTE Framed-Address 8 ipv4addr +ATTRIBUTE Framed-Netmask 9 ipv4addr +ATTRIBUTE Framed-Filter-Id 11 string +ATTRIBUTE Login-Host 14 ipv4addr +ATTRIBUTE Login-Port 16 integer +ATTRIBUTE Old-Password 17 string +ATTRIBUTE Port-Message 18 string +ATTRIBUTE Dialback-No 19 string +ATTRIBUTE Dialback-Name 20 string +ATTRIBUTE Challenge-State 24 string +VALUE Framed-Compression Van-Jacobsen-TCP-IP 1 +VALUE Framed-Compression VJ-TCP-IP 1 +VALUE Service-Type Shell-User 6 +VALUE Auth-Type Unix 1 +VALUE Service-Type Dialback-Login-User 3 +VALUE Service-Type Dialback-Framed-User 4 + +# +# For compatibility with MERIT users files. +# +ATTRIBUTE NAS-Port 5 integer +ATTRIBUTE Login-Host 14 ipv4addr +ATTRIBUTE Login-Callback-Number 19 string +ATTRIBUTE Framed-Callback-Id 20 string +ATTRIBUTE Client-Port-DNIS 30 string +ATTRIBUTE Caller-ID 31 string +VALUE Service-Type Login 1 +VALUE Service-Type Framed 2 +VALUE Service-Type Callback-Login 3 +VALUE Service-Type Callback-Framed 4 +VALUE Service-Type Exec-User 7 + +# +# For compatibility with ESVA RADIUS, Old Cistron RADIUS +# +ATTRIBUTE Session 1034 integer +ATTRIBUTE User-Name-Is-Star 1035 integer +VALUE User-Name-Is-Star No 0 +VALUE User-Name-Is-Star Yes 1 diff --git a/radcli/dictionary.merit b/radcli/dictionary.merit new file mode 100644 index 0000000..7d675e5 --- /dev/null +++ b/radcli/dictionary.merit @@ -0,0 +1,17 @@ +# +# Experimental extensions, configuration only (for check-items) +# Names/numbers as per the MERIT extensions (if possible). +# +ATTRIBUTE NAS-Identifier 32 string +ATTRIBUTE Proxy-State 33 string +ATTRIBUTE Login-LAT-Service 34 string +ATTRIBUTE Login-LAT-Node 35 string +ATTRIBUTE Login-LAT-Group 36 string +ATTRIBUTE Framed-AppleTalk-Link 37 integer +ATTRIBUTE Framed-AppleTalk-Network 38 integer +ATTRIBUTE Framed-AppleTalk-Zone 39 string +ATTRIBUTE Acct-Input-Packets 47 integer +ATTRIBUTE Acct-Output-Packets 48 integer +# 8 is a MERIT extension. +VALUE Service-Type Authenticate-Only 8 + diff --git a/radcli/dictionary.microsoft b/radcli/dictionary.microsoft new file mode 100644 index 0000000..67cc569 --- /dev/null +++ b/radcli/dictionary.microsoft @@ -0,0 +1,81 @@ +# +# Microsoft's VSA's, from RFC 2548 +# +# originally translated 2004/11/14 07:26:26 paulus +# + +VENDOR Microsoft 311 Microsoft + +ATTRIBUTE MS-CHAP-Response 1 string Microsoft +ATTRIBUTE MS-CHAP-Error 2 string Microsoft +ATTRIBUTE MS-CHAP-CPW-1 3 string Microsoft +ATTRIBUTE MS-CHAP-CPW-2 4 string Microsoft +ATTRIBUTE MS-CHAP-LM-Enc-PW 5 string Microsoft +ATTRIBUTE MS-CHAP-NT-Enc-PW 6 string Microsoft +ATTRIBUTE MS-MPPE-Encryption-Policy 7 string Microsoft +# This is referred to as both singular and plural in the RFC. +# Plural seems to make more sense. +ATTRIBUTE MS-MPPE-Encryption-Type 8 string Microsoft +ATTRIBUTE MS-MPPE-Encryption-Types 8 string Microsoft +ATTRIBUTE MS-RAS-Vendor 9 integer Microsoft +ATTRIBUTE MS-CHAP-Domain 10 string Microsoft +ATTRIBUTE MS-CHAP-Challenge 11 string Microsoft +ATTRIBUTE MS-CHAP-MPPE-Keys 12 string Microsoft +ATTRIBUTE MS-BAP-Usage 13 integer Microsoft +ATTRIBUTE MS-Link-Utilization-Threshold 14 integer Microsoft +ATTRIBUTE MS-Link-Drop-Time-Limit 15 integer Microsoft +ATTRIBUTE MS-MPPE-Send-Key 16 string Microsoft +ATTRIBUTE MS-MPPE-Recv-Key 17 string Microsoft +ATTRIBUTE MS-RAS-Version 18 string Microsoft +ATTRIBUTE MS-Old-ARAP-Password 19 string Microsoft +ATTRIBUTE MS-New-ARAP-Password 20 string Microsoft +ATTRIBUTE MS-ARAP-PW-Change-Reason 21 integer Microsoft + +ATTRIBUTE MS-Filter 22 string Microsoft +ATTRIBUTE MS-Acct-Auth-Type 23 integer Microsoft +ATTRIBUTE MS-Acct-EAP-Type 24 integer Microsoft + +ATTRIBUTE MS-CHAP2-Response 25 string Microsoft +ATTRIBUTE MS-CHAP2-Success 26 string Microsoft +ATTRIBUTE MS-CHAP2-CPW 27 string Microsoft + +ATTRIBUTE MS-Primary-DNS-Server 28 ipaddr Microsoft +ATTRIBUTE MS-Secondary-DNS-Server 29 ipaddr Microsoft +ATTRIBUTE MS-Primary-NBNS-Server 30 ipaddr Microsoft +ATTRIBUTE MS-Secondary-NBNS-Server 31 ipaddr Microsoft + +#ATTRIBUTE MS-ARAP-Challenge 33 string Microsoft + + +# +# Integer Translations +# + +# MS-BAP-Usage Values + +VALUE MS-BAP-Usage Not-Allowed 0 +VALUE MS-BAP-Usage Allowed 1 +VALUE MS-BAP-Usage Required 2 + +# MS-ARAP-Password-Change-Reason Values + +VALUE MS-ARAP-PW-Change-Reason Just-Change-Password 1 +VALUE MS-ARAP-PW-Change-Reason Expired-Password 2 +VALUE MS-ARAP-PW-Change-Reason Admin-Requires-Password-Change 3 +VALUE MS-ARAP-PW-Change-Reason Password-Too-Short 4 + +# MS-Acct-Auth-Type Values + +VALUE MS-Acct-Auth-Type PAP 1 +VALUE MS-Acct-Auth-Type CHAP 2 +VALUE MS-Acct-Auth-Type MS-CHAP-1 3 +VALUE MS-Acct-Auth-Type MS-CHAP-2 4 +VALUE MS-Acct-Auth-Type EAP 5 + +# MS-Acct-EAP-Type Values + +VALUE MS-Acct-EAP-Type MD5 4 +VALUE MS-Acct-EAP-Type OTP 5 +VALUE MS-Acct-EAP-Type Generic-Token-Card 6 +VALUE MS-Acct-EAP-Type TLS 13 + diff --git a/radcli/dictionary.roaringpenguin b/radcli/dictionary.roaringpenguin new file mode 100644 index 0000000..6b7e328 --- /dev/null +++ b/radcli/dictionary.roaringpenguin @@ -0,0 +1,21 @@ +# Roaring Penguin Vendor-Specific Attributes + +# Our vendor ID from IANA +VENDOR RoaringPenguin 10055 + +# +# Roaring Penguin vendor-specific attributes +# + +# Upstream speed limit in kb/s +ATTRIBUTE RP-Upstream-Speed-Limit 1 integer RoaringPenguin + +# Downstream speed limit in kb/s +ATTRIBUTE RP-Downstream-Speed-Limit 2 integer RoaringPenguin + +# Send a HURL +ATTRIBUTE RP-HURL 3 string RoaringPenguin + +# Send a MOTM +ATTRIBUTE RP-MOTM 4 string RoaringPenguin + diff --git a/radcli/dictionary.sip b/radcli/dictionary.sip new file mode 100644 index 0000000..c0d8570 --- /dev/null +++ b/radcli/dictionary.sip @@ -0,0 +1,77 @@ +# +# Updated 97/06/13 to livingston-radius-2.01 miquels@cistron.nl +# +# This file contains dictionary translations for parsing +# requests and generating responses. All transactions are +# composed of Attribute/Value Pairs. The value of each attribute +# is specified as one of 4 data types. Valid data types are: +# +# string - 0-253 octets +# ipv4addr - 4 octets in network byte order +# integer - 32 bit value in big endian order (high byte first) +# date - 32 bit value in big endian order - seconds since +# 00:00:00 GMT, Jan. 1, 1970 +# +# Enumerated values are stored in the user file with dictionary +# VALUE translations for easy administration. +# +# Example: +# +# ATTRIBUTE VALUE +# --------------- ----- +# Framed-Protocol = PPP +# 7 = 1 (integer encoding) +# + +# +# Experimental SIP Attributes/Values (draft-sterman-aaa-sip-00.txt etc) +# +ATTRIBUTE Sip-Method 101 integer +ATTRIBUTE Sip-Response-Code 102 integer +ATTRIBUTE Sip-CSeq 103 string +ATTRIBUTE Sip-To-Tag 104 string +ATTRIBUTE Sip-From-Tag 105 string +ATTRIBUTE Sip-Branch-ID 106 string +ATTRIBUTE Sip-Translated-Request-URI 107 string +ATTRIBUTE Sip-Source-IP-Address 108 ipv4addr +ATTRIBUTE Sip-Source-Port 109 integer +ATTRIBUTE Sip-User-ID 110 string +ATTRIBUTE Sip-User-Realm 111 string +ATTRIBUTE Sip-User-Nonce 112 string +ATTRIBUTE Sip-User-Method 113 string +ATTRIBUTE Sip-User-Digest-URI 114 string +ATTRIBUTE Sip-User-Nonce-Count 115 string +ATTRIBUTE Sip-User-QOP 116 string +ATTRIBUTE Sip-User-Opaque 117 string +ATTRIBUTE Sip-User-Response 118 string +ATTRIBUTE Sip-User-CNonce 119 string +ATTRIBUTE Sip-URI-User 208 string +ATTRIBUTE Sip-Req-URI 210 string +ATTRIBUTE Sip-CC 212 string +ATTRIBUTE Sip-RPId 213 string +ATTRIBUTE Digest-Response 206 string +ATTRIBUTE Digest-Attributes 207 string +ATTRIBUTE Digest-Realm 1063 string +ATTRIBUTE Digest-Nonce 1064 string +ATTRIBUTE Digest-Method 1065 string +ATTRIBUTE Digest-URI 1066 string +ATTRIBUTE Digest-QOP 1067 string +ATTRIBUTE Digest-Algorithm 1068 string +ATTRIBUTE Digest-Body-Digest 1069 string +ATTRIBUTE Digest-CNonce 1070 string +ATTRIBUTE Digest-Nonce-Count 1071 string +ATTRIBUTE Digest-User-Name 1072 string + +VALUE Service-Type SIP 15 + +VALUE Sip-Method Other 0 +VALUE Sip-Method Invite 1 +VALUE Sip-Method Cancel 2 +VALUE Sip-Method Ack 3 +VALUE Sip-Method Bye 4 + +VALUE Sip-Response-Code Other 0 +VALUE Sip-Response-Code Invite 1 +VALUE Sip-Response-Code Cancel 2 +VALUE Sip-Response-Code Ack 3 +VALUE Sip-Response-Code Bye 4 diff --git a/radcli/radiusclient.conf b/radcli/radiusclient.conf new file mode 100644 index 0000000..23c7867 --- /dev/null +++ b/radcli/radiusclient.conf @@ -0,0 +1,62 @@ +# RADIUS settings + +# The name to be used to identify this NAS (server). If set it will +# be used in NAS-Identifier field and will override any such setting +# by the application. +# +#nas-identifier my-server-name + +# Override the IP (or IPv6) address of the NAS. +#nas-ip 10.100.5.3 +#nas-ip ::1 + +# RADIUS server to use for authentication requests. +# optionally you can specify a the port number on which is remote +# RADIUS listens separated by a colon from the hostname. if +# no port is specified /etc/services is consulted of the radius +# service. if this fails also a compiled in default is used. +# For IPv6 addresses use the '[IPv6]:port:secret' format, or +# simply '[IPv6]'. You may specify more than a single server +# in a comma-separated list. +# +authserver localhost +#authserver 127.1.1.1:9999,172.17.0.1 + +# RADIUS server to use for accouting requests. All that is +# written for authserver applies, in acctserver as well. +# +acctserver localhost + +# File holding shared secrets used for the communication +# between the RADIUS client and server. When multiple +# server +servers /etc/radcli/servers + +# Dictionary of allowed attributes and values. That depends +# heavily on the features of your server. A default dictionary +# is installed in /usr/share/radcli/dictionary +dictionary /etc/radcli/dictionary + +# default authentication realm to append to all usernames if no +# realm was explicitly specified by the user +# the radiusd directly form Livingston doesnt use any realms, so leave +# it blank then +default_realm + +# time to wait for a reply from the RADIUS server +radius_timeout 10 + +# resend request this many times before trying the next server +radius_retries 3 + +# local address from which radius packets have to be sent +bindaddr * + +# Transport Protocol Support +# Available options - 'tcp', 'udp', 'tls' and 'dtls'. +# If commented out, udp will be used. +#serv-type udp + + +# To enable verbose debugging messages in syslog, enable the following +#clientdebug 1 diff --git a/radcli/servers b/radcli/servers new file mode 100644 index 0000000..50eddd3 --- /dev/null +++ b/radcli/servers @@ -0,0 +1,10 @@ +## Server Name or Client/Server pair Key +## ---------------- --------------- +# +#portmaster.elemental.net hardlyasecret +#portmaster2.elemental.net donttellanyone +# +## uncomment the following line for simple testing of radlogin +## with freeradius-server +# +#localhost/localhost testing123 diff --git a/rc0.d/K01icinga2 b/rc0.d/K01icinga2 new file mode 120000 index 0000000..005f4ff --- /dev/null +++ b/rc0.d/K01icinga2 @@ -0,0 +1 @@ +../init.d/icinga2 \ No newline at end of file diff --git a/rc0.d/K01rpcbind b/rc0.d/K01rpcbind new file mode 120000 index 0000000..6c52e6f --- /dev/null +++ b/rc0.d/K01rpcbind @@ -0,0 +1 @@ +../init.d/rpcbind \ No newline at end of file diff --git a/rc1.d/K01icinga2 b/rc1.d/K01icinga2 new file mode 120000 index 0000000..005f4ff --- /dev/null +++ b/rc1.d/K01icinga2 @@ -0,0 +1 @@ +../init.d/icinga2 \ No newline at end of file diff --git a/rc1.d/K01rpcbind b/rc1.d/K01rpcbind new file mode 120000 index 0000000..6c52e6f --- /dev/null +++ b/rc1.d/K01rpcbind @@ -0,0 +1 @@ +../init.d/rpcbind \ No newline at end of file diff --git a/rc2.d/S01icinga2 b/rc2.d/S01icinga2 new file mode 120000 index 0000000..005f4ff --- /dev/null +++ b/rc2.d/S01icinga2 @@ -0,0 +1 @@ +../init.d/icinga2 \ No newline at end of file diff --git a/rc3.d/S01icinga2 b/rc3.d/S01icinga2 new file mode 120000 index 0000000..005f4ff --- /dev/null +++ b/rc3.d/S01icinga2 @@ -0,0 +1 @@ +../init.d/icinga2 \ No newline at end of file diff --git a/rc4.d/S01icinga2 b/rc4.d/S01icinga2 new file mode 120000 index 0000000..005f4ff --- /dev/null +++ b/rc4.d/S01icinga2 @@ -0,0 +1 @@ +../init.d/icinga2 \ No newline at end of file diff --git a/rc5.d/S01icinga2 b/rc5.d/S01icinga2 new file mode 120000 index 0000000..005f4ff --- /dev/null +++ b/rc5.d/S01icinga2 @@ -0,0 +1 @@ +../init.d/icinga2 \ No newline at end of file diff --git a/rc6.d/K01icinga2 b/rc6.d/K01icinga2 new file mode 120000 index 0000000..005f4ff --- /dev/null +++ b/rc6.d/K01icinga2 @@ -0,0 +1 @@ +../init.d/icinga2 \ No newline at end of file diff --git a/rc6.d/K01rpcbind b/rc6.d/K01rpcbind new file mode 120000 index 0000000..6c52e6f --- /dev/null +++ b/rc6.d/K01rpcbind @@ -0,0 +1 @@ +../init.d/rpcbind \ No newline at end of file diff --git a/rcS.d/S01rpcbind b/rcS.d/S01rpcbind new file mode 120000 index 0000000..6c52e6f --- /dev/null +++ b/rcS.d/S01rpcbind @@ -0,0 +1 @@ +../init.d/rpcbind \ No newline at end of file diff --git a/samba/gdbcommands b/samba/gdbcommands new file mode 100644 index 0000000..5774b9a --- /dev/null +++ b/samba/gdbcommands @@ -0,0 +1,2 @@ +bt +quit diff --git a/samba/smb.conf b/samba/smb.conf new file mode 100644 index 0000000..31b9080 --- /dev/null +++ b/samba/smb.conf @@ -0,0 +1,242 @@ +# +# Sample configuration file for the Samba suite for Debian GNU/Linux. +# +# +# This is the main Samba configuration file. You should read the +# smb.conf(5) manual page in order to understand the options listed +# here. Samba has a huge number of configurable options most of which +# are not shown in this example +# +# Some options that are often worth tuning have been included as +# commented-out examples in this file. +# - When such options are commented with ";", the proposed setting +# differs from the default Samba behaviour +# - When commented with "#", the proposed setting is the default +# behaviour of Samba but the option is considered important +# enough to be mentioned here +# +# NOTE: Whenever you modify this file you should run the command +# "testparm" to check that you have not made any basic syntactic +# errors. + +#======================= Global Settings ======================= + +[global] + +## Browsing/Identification ### + +# Change this to the workgroup/NT-domain name your Samba server will part of + workgroup = WORKGROUP + +# server string is the equivalent of the NT Description field + server string = %h server (Samba, Ubuntu) + +#### Networking #### + +# The specific set of interfaces / networks to bind to +# This can be either the interface name or an IP address/netmask; +# interface names are normally preferred +; interfaces = 127.0.0.0/8 eth0 + +# Only bind to the named interfaces and/or networks; you must use the +# 'interfaces' option above to use this. +# It is recommended that you enable this feature if your Samba machine is +# not protected by a firewall or is a firewall itself. However, this +# option cannot handle dynamic or non-broadcast interfaces correctly. +; bind interfaces only = yes + + + +#### Debugging/Accounting #### + +# This tells Samba to use a separate log file for each machine +# that connects + log file = /var/log/samba/log.%m + +# Cap the size of the individual log files (in KiB). + max log size = 1000 + +# We want Samba to only log to /var/log/samba/log.{smbd,nmbd}. +# Append syslog@1 if you want important messages to be sent to syslog too. + logging = file + +# Do something sensible when Samba crashes: mail the admin a backtrace + panic action = /usr/share/samba/panic-action %d + + +####### Authentication ####### + +# Server role. Defines in which mode Samba will operate. Possible +# values are "standalone server", "member server", "classic primary +# domain controller", "classic backup domain controller", "active +# directory domain controller". +# +# Most people will want "standalone server" or "member server". +# Running as "active directory domain controller" will require first +# running "samba-tool domain provision" to wipe databases and create a +# new domain. + server role = standalone server + + obey pam restrictions = yes + +# This boolean parameter controls whether Samba attempts to sync the Unix +# password with the SMB password when the encrypted SMB password in the +# passdb is changed. + unix password sync = yes + +# For Unix password sync to work on a Debian GNU/Linux system, the following +# parameters must be set (thanks to Ian Kahan < for +# sending the correct chat script for the passwd program in Debian Sarge). + passwd program = /usr/bin/passwd %u + passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . + +# This boolean controls whether PAM will be used for password changes +# when requested by an SMB client instead of the program listed in +# 'passwd program'. The default is 'no'. + pam password change = yes + +# This option controls how unsuccessful authentication attempts are mapped +# to anonymous connections + map to guest = bad user + +########## Domains ########### + +# +# The following settings only takes effect if 'server role = primary +# classic domain controller', 'server role = backup domain controller' +# or 'domain logons' is set +# + +# It specifies the location of the user's +# profile directory from the client point of view) The following +# required a [profiles] share to be setup on the samba server (see +# below) +; logon path = \\%N\profiles\%U +# Another common choice is storing the profile in the user's home directory +# (this is Samba's default) +# logon path = \\%N\%U\profile + +# The following setting only takes effect if 'domain logons' is set +# It specifies the location of a user's home directory (from the client +# point of view) +; logon drive = H: +# logon home = \\%N\%U + +# The following setting only takes effect if 'domain logons' is set +# It specifies the script to run during logon. The script must be stored +# in the [netlogon] share +# NOTE: Must be store in 'DOS' file format convention +; logon script = logon.cmd + +# This allows Unix users to be created on the domain controller via the SAMR +# RPC pipe. The example command creates a user account with a disabled Unix +# password; please adapt to your needs +; add user script = /usr/sbin/adduser --quiet --disabled-password --gecos "" %u + +# This allows machine accounts to be created on the domain controller via the +# SAMR RPC pipe. +# The following assumes a "machines" group exists on the system +; add machine script = /usr/sbin/useradd -g machines -c "%u machine account" -d /var/lib/samba -s /bin/false %u + +# This allows Unix groups to be created on the domain controller via the SAMR +# RPC pipe. +; add group script = /usr/sbin/addgroup --force-badname %g + +############ Misc ############ + +# Using the following line enables you to customise your configuration +# on a per machine basis. The %m gets replaced with the netbios name +# of the machine that is connecting +; include = /home/samba/etc/smb.conf.%m + +# Some defaults for winbind (make sure you're not using the ranges +# for something else.) +; idmap config * : backend = tdb +; idmap config * : range = 3000-7999 +; idmap config YOURDOMAINHERE : backend = tdb +; idmap config YOURDOMAINHERE : range = 100000-999999 +; template shell = /bin/bash + +# Setup usershare options to enable non-root users to share folders +# with the net usershare command. + +# Maximum number of usershare. 0 means that usershare is disabled. +# usershare max shares = 100 + +# Allow users who've been granted usershare privileges to create +# public shares, not just authenticated ones + usershare allow guests = yes + +#======================= Share Definitions ======================= + +# Un-comment the following (and tweak the other settings below to suit) +# to enable the default home directory shares. This will share each +# user's home directory as \\server\username +;[homes] +; comment = Home Directories +; browseable = no + +# By default, the home directories are exported read-only. Change the +# next parameter to 'no' if you want to be able to write to them. +; read only = yes + +# File creation mask is set to 0700 for security reasons. If you want to +# create files with group=rw permissions, set next parameter to 0775. +; create mask = 0700 + +# Directory creation mask is set to 0700 for security reasons. If you want to +# create dirs. with group=rw permissions, set next parameter to 0775. +; directory mask = 0700 + +# By default, \\server\username shares can be connected to by anyone +# with access to the samba server. +# Un-comment the following parameter to make sure that only "username" +# can connect to \\server\username +# This might need tweaking when using external authentication schemes +; valid users = %S + +# Un-comment the following and create the netlogon directory for Domain Logons +# (you need to configure Samba to act as a domain controller too.) +;[netlogon] +; comment = Network Logon Service +; path = /home/samba/netlogon +; guest ok = yes +; read only = yes + +# Un-comment the following and create the profiles directory to store +# users profiles (see the "logon path" option above) +# (you need to configure Samba to act as a domain controller too.) +# The path below should be writable by all users so that their +# profile directory may be created the first time they log on +;[profiles] +; comment = Users profiles +; path = /home/samba/profiles +; guest ok = no +; browseable = no +; create mask = 0600 +; directory mask = 0700 + +[printers] + comment = All Printers + browseable = no + path = /var/spool/samba + printable = yes + guest ok = no + read only = yes + create mask = 0700 + +# Windows clients look for this share name as a source of downloadable +# printer drivers +[print$] + comment = Printer Drivers + path = /var/lib/samba/printers + browseable = yes + read only = yes + guest ok = no +# Uncomment to allow remote administration of Windows print drivers. +# You may need to replace 'lpadmin' with the name of the group your +# admin users are members of. +# Please note that you also need to set appropriate Unix permissions +# to the drivers directory for these users to have write rights in it +; write list = root, @lpadmin + diff --git a/sensors.d/.placeholder b/sensors.d/.placeholder new file mode 100644 index 0000000..e69de29 diff --git a/sensors3.conf b/sensors3.conf new file mode 100644 index 0000000..693a66b --- /dev/null +++ b/sensors3.conf @@ -0,0 +1,536 @@ +# libsensors configuration file +# ----------------------------- +# +# This default configuration file only includes statements which do not +# differ from one mainboard to the next. Only label, compute and set +# statements for internal voltage and temperature sensors are included. +# +# In general, local changes should not be added to this file, but rather +# placed in custom configuration files located in /etc/sensors.d. This +# approach makes further updates much easier. +# +# Such custom configuration files for specific mainboards can be found in +# "configs" directory of lm-sensors package. +# +# Please contribute back a configuration of your board so other users with +# the same hardware won't need to recreate it again and again. + +chip "lm78-*" "lm79-*" "lm80-*" "lm96080-*" + + label temp1 "M/B Temp" + + +chip "w83792d-*" + + label in0 "VcoreA" + label in1 "VcoreB" + label in6 "+5V" + label in7 "5VSB" + label in8 "Vbat" + + set in6_min 5.0 * 0.90 + set in6_max 5.0 * 1.10 + set in7_min 5.0 * 0.90 + set in7_max 5.0 * 1.10 + set in8_min 3.0 * 0.90 + set in8_max 3.0 * 1.10 + + +chip "w83793-*" + + label in0 "VcoreA" + label in1 "VcoreB" + label in7 "+5V" + label in8 "5VSB" + label in9 "Vbat" + + set in7_min 5.0 * 0.90 + set in7_max 5.0 * 1.10 + set in8_min 5.0 * 0.90 + set in8_max 5.0 * 1.10 + set in9_min 3.0 * 0.90 + set in9_max 3.0 * 1.10 + + +chip "w83795g-*" "w83795adg-*" + + label in12 "+3.3V" + label in13 "3VSB" + label in14 "Vbat" + + set in12_min 3.3 * 0.90 + set in12_max 3.3 * 1.10 + set in13_min 3.3 * 0.90 + set in13_max 3.3 * 1.10 + set in14_min 3.0 * 0.90 + set in14_max 3.3 * 1.10 + + +chip "via686a-*" + + label in0 "Vcore" + label in2 "+3.3V" + label in3 "+5V" + label in4 "+12V" + + set in2_min 3.3 * 0.90 + set in2_max 3.3 * 1.10 + set in3_min 5.0 * 0.90 + set in3_max 5.0 * 1.10 + set in4_min 12.0 * 0.90 + set in4_max 12.0 * 1.10 + + +chip "adm1025-*" "ne1619-*" + + label in1 "Vcore" + label in2 "+3.3V" + label in3 "+5V" + label in4 "+12V" + label in5 "VCC" + + set in2_min 3.3 * 0.90 + set in2_max 3.3 * 1.10 + set in3_min 5.0 * 0.90 + set in3_max 5.0 * 1.10 + set in5_min 3.3 * 0.90 + set in5_max 3.3 * 1.10 +# Depending on how your chip is hardwired, you may or may not have +# +12V readings. +# set in4_min 12.0 * 0.90 +# set in4_max 12.0 * 1.10 + + label temp1 "CPU Temp" + label temp2 "M/B Temp" + + +chip "lm87-*" "adm1024-*" + + label in1 "Vcore" + label in2 "+3.3V" + label in3 "+5V" + label in4 "+12V" + + set in2_min 3.3 * 0.90 + set in2_max 3.3 * 1.10 + set in3_min 5.0 * 0.90 + set in3_max 5.0 * 1.10 + set in4_min 12.0 * 0.90 + set in4_max 12.0 * 1.10 + + label temp1 "M/B Temp" + label temp2 "CPU Temp" + + +chip "it87-*" "it8712-*" "it8716-*" "it8718-*" "it8720-*" + + label in8 "Vbat" + + +chip "fscpos-*" "fscher-*" +#FSC "Hermes" + + label in0 "+12V" + label in1 "+5V" + label in2 "Vbat" + + label temp1 "CPU Temp" + label temp2 "M/B Temp" + label temp3 "Aux Temp" + + +chip "fscscy-*" +#FSC "Scylla" + + label in0 "+12V" + label in1 "+5V" + label in2 "+3.3V" + + label temp1 "CPU0 Temp" + label temp2 "CPU1 Temp" + label temp3 "M/B Temp" + label temp4 "Aux Temp" + + +chip "fschds-*" +# Fujitsu Technology Solutions, "Hades"-Chip + +# Temperatures + label temp1 "CPU Temp" + label temp2 "Super I/O Temp" + label temp3 "System Temp" + +# Fans + label fan1 "PSU Fan" + label fan2 "CPU Fan" + label fan3 "System FAN2" + label fan4 "System FAN3" + label fan5 "System FAN4" + +# Voltages + label in0 "+12V" + label in1 "+5V" + label in2 "Vbat" + +chip "fscsyl-*" +# Fujitsu Technology Solutions, "Syleus"-Chip + +# Temperatures + label temp1 "CPU Temp" + label temp4 "Super I/O Temp" + label temp5 "Northbridge Temp" + +# Fans + label fan1 "CPU Fan" + label fan2 "System FAN2" + label fan3 "System FAN3" + label fan4 "System FAN4" + label fan7 "PSU Fan" + +# Voltages + label in0 "+12V" + label in1 "+5V" + label in2 "Vbat" + label in3 "+3.3V" + label in5 "+3.3V-Aux" + +chip "vt1211-*" + + label in5 "+3.3V" + + label temp2 "SIO Temp" + + +chip "vt8231-*" + + label in5 "+3.3V" + + +chip "smsc47m192-*" + + label in1 "Vcore" + label in2 "+3.3V" + label in3 "+5V" + label in4 "+12V" + label in5 "VCC" + + set in2_min 3.3 * 0.90 + set in2_max 3.3 * 1.10 + set in3_min 5.0 * 0.90 + set in3_max 5.0 * 1.10 + set in4_min 12.0 * 0.90 + set in4_max 12.0 * 1.10 + set in5_min 3.3 * 0.90 + set in5_max 3.3 * 1.10 + + label temp1 "SIO Temp" + + +chip "lm85-*" "lm85b-*" "lm85c-*" "adm1027-*" "adt7463-*" "adt7468-*" \ + "emc6d100-*" "emc6d102-*" "emc6d103-*" "emc6d103s-*" + + label in1 "Vcore" + label in2 "+3.3V" + label in3 "+5V" + label in4 "+12V" + + set in2_min 3.3 * 0.90 + set in2_max 3.3 * 1.10 + set in3_min 5.0 * 0.90 + set in3_max 5.0 * 1.10 +# Depending on how your chip is hardwired, you may or may not have +# +12V readings. +# set in4_min 12.0 * 0.90 +# set in4_max 12.0 * 1.10 + + label temp2 "M/B Temp" + + +chip "emc6w201-*" + + label in2 "+3.3V" + label in3 "+5V" + + label temp6 "M/B Temp" + + +chip "pc87365-*" "pc87366-*" + +# Voltage inputs + + label in7 "3VSB" + label in8 "VDD" + label in9 "Vbat" + label in10 "AVDD" + + compute in7 @*2, @/2 + compute in8 @*2, @/2 + compute in10 @*2, @/2 + +# These are the operating conditions as recommended by National +# Semiconductor + set in7_min 3.0 + set in7_max 3.6 + set in8_min 3.0 + set in8_max 3.6 + set in10_min 3.0 + set in10_max 3.6 +# Depending on the hardware setup, the battery voltage may or may not +# be monitored. +# set in9_min 2.4 +# set in9_max 3.6 + + label temp3 "SIO Temp" + + set temp3_min 0 + set temp3_max 70 + set temp3_crit 85 + + +chip "adm1030-*" "adm1031-*" + + label temp1 "M/B Temp" + + +chip "w83627thf-*" + + label in3 "+5V" + label in7 "5VSB" + label in8 "Vbat" + + # Internal resistors + compute in3 @ * (1 + 34/51), @ / (1 + 34/51) + compute in7 @ * (1 + 34/51), @ / (1 + 34/51) + + set in3_min 5.0 * 0.90 + set in3_max 5.0 * 1.10 + set in7_min 5.0 * 0.90 + set in7_max 5.0 * 1.10 +# The battery voltage may or may not be monitored. +# set in8_min 3.0 * 0.90 +# set in8_max 3.0 * 1.10 + + +chip "w83627ehf-*" "w83627dhg-*" "w83667hg-*" "nct6775-*" "nct6776-*" \ + "nct6779-*" "nct6791-*" "nct6795-*" "nct6796-*" + + label in0 "Vcore" + label in2 "AVCC" + label in3 "+3.3V" + label in7 "3VSB" + label in8 "Vbat" + + set in2_min 3.3 * 0.90 + set in2_max 3.3 * 1.10 + set in3_min 3.3 * 0.90 + set in3_max 3.3 * 1.10 + set in7_min 3.3 * 0.90 + set in7_max 3.3 * 1.10 + set in8_min 3.0 * 0.90 + set in8_max 3.3 * 1.10 + + +chip "w83627uhg-*" + + label in2 "AVCC" + label in3 "+5V" + label in7 "5VSB" + label in8 "Vbat" + + set in2_min 5.0 * 0.90 + set in2_max 5.0 * 1.10 + set in3_min 5.0 * 0.90 + set in3_max 5.0 * 1.10 + set in7_min 5.0 * 0.90 + set in7_max 5.0 * 1.10 + set in8_min 3.0 * 0.90 + set in8_max 3.3 * 1.10 + + +chip "f71805f-*" + + label in0 "+3.3V" + + set in0_min 3.3 * 0.90 + set in0_max 3.3 * 1.10 + + +chip "f71872f-*" + + label in0 "+3.3V" + label in9 "Vbat" + label in10 "3VSB" + + set in0_min 3.3 * 0.90 + set in0_max 3.3 * 1.10 + set in9_min 3.0 * 0.90 + set in9_max 3.0 * 1.10 + set in10_min 3.3 * 0.90 + set in10_max 3.3 * 1.10 + + +chip "k8temp-*" + + label temp1 "Core0 Temp" + label temp2 "Core0 Temp" + label temp3 "Core1 Temp" + label temp4 "Core1 Temp" + + +chip "dme1737-*" + + label in0 "5VSB" + label in1 "Vcore" + label in2 "+3.3V" + label in3 "+5V" + label in4 "+12V" + label in5 "3VSB" + label in6 "Vbat" + + label temp2 "SIO Temp" + + set in0_min 5.0 * 0.90 + set in0_max 5.0 * 1.10 + set in2_min 3.3 * 0.90 + set in2_max 3.3 * 1.10 + set in3_min 5.0 * 0.90 + set in3_max 5.0 * 1.10 + set in4_min 12.0 * 0.90 + set in4_max 12.0 * 1.10 + set in5_min 3.3 * 0.90 + set in5_max 3.3 * 1.10 + set in6_min 3.0 * 0.90 + set in6_max 3.0 * 1.10 + + +chip "sch311x-*" + + label in1 "Vcore" + label in2 "+3.3V" + label in3 "+5V" + label in4 "+12V" + label in5 "3VSB" + label in6 "Vbat" + + label temp2 "SIO Temp" + + set in2_min 3.3 * 0.90 + set in2_max 3.3 * 1.10 + set in3_min 5.0 * 0.90 + set in3_max 5.0 * 1.10 + set in4_min 12.0 * 0.90 + set in4_max 12.0 * 1.10 + set in5_min 3.3 * 0.90 + set in5_max 3.3 * 1.10 + set in6_min 3.0 * 0.90 + set in6_max 3.0 * 1.10 + + +chip "sch5027-*" + + label in0 "5VSB" + label in1 "Vcore" + label in2 "+3.3V" + label in5 "3VSB" + label in6 "Vbat" + + label temp2 "SIO Temp" + + set in0_min 5.0 * 0.90 + set in0_max 5.0 * 1.10 + set in2_min 3.3 * 0.90 + set in2_max 3.3 * 1.10 + set in5_min 3.3 * 0.90 + set in5_max 3.3 * 1.10 + set in6_min 3.0 * 0.90 + set in6_max 3.0 * 1.10 + + +chip "sch5127-*" + + label in2 "+3.3V" + label in5 "3VSB" + label in6 "Vbat" + + set in2_min 3.3 * 0.90 + set in2_max 3.3 * 1.10 + set in5_min 3.3 * 0.90 + set in5_max 3.3 * 1.10 + set in6_min 3.0 * 0.90 + set in6_max 3.0 * 1.10 + + +chip "f71808e-*" "f71808a-*" "f71862fg-*" "f71869-*" "f71869a-*" "f71882fg-*" \ + "f71889fg-*" "f71889ed-*" "f71889a-*" + + label in0 "+3.3V" + label in7 "3VSB" + label in8 "Vbat" + + compute in0 @*2, @/2 + compute in7 @*2, @/2 + compute in8 @*2, @/2 + + +chip "f71858fg-*" "f8000-*" + + label in0 "+3.3V" + label in1 "3VSB" + label in2 "Vbat" + + compute in0 @*2, @/2 + compute in1 @*2, @/2 + compute in2 @*2, @/2 + + +chip "f71868a-*" + + label in0 "+3.3V" + label in7 "3VSB" + label in8 "Vbat" + label in9 "5VSB" + + compute in0 @*2, @/2 + compute in7 @*2, @/2 + compute in8 @*2, @/2 + compute in9 @*3, @/3 + + +chip "f81865f-*" + + label in0 "+3.3V" + label in5 "3VSB" + label in6 "Vbat" + + compute in0 @*2, @/2 + compute in5 @*2, @/2 + compute in6 @*2, @/2 + + +chip "adt7473-*" "adt7475-*" + + label in2 "+3.3V" + + set in2_min 3.3 * 0.90 + set in2_max 3.3 * 1.10 + + label temp2 "Board Temp" + + +chip "adt7476-*" "adt7490-*" + + label in1 "Vcore" + label in2 "+3.3V" + label in3 "+5V" + label in4 "+12V" + + set in2_min 3.3 * 0.90 + set in2_max 3.3 * 1.10 + set in3_min 5.0 * 0.90 + set in3_max 5.0 * 1.10 +# Depending on how your ADT7476 is hardwired, you may or may not have +# +12V readings. +# set in4_min 12.0 * 0.90 +# set in4_max 12.0 * 1.10 + + label temp2 "M/B Temp" diff --git a/shadow b/shadow index 6c38d2f..8e12834 100644 --- a/shadow +++ b/shadow @@ -32,3 +32,5 @@ postfix:*:17952:0:99999:7::: dovecot:*:18036:0:99999:7::: dovenull:*:18036:0:99999:7::: tcpdump:*:18450:0:99999:7::: +nagios:!:18766:0:99999:7::: +_rpc:*:18766:0:99999:7::: diff --git a/shadow- b/shadow- index 6c38d2f..8e12834 100644 --- a/shadow- +++ b/shadow- @@ -32,3 +32,5 @@ postfix:*:17952:0:99999:7::: dovecot:*:18036:0:99999:7::: dovenull:*:18036:0:99999:7::: tcpdump:*:18450:0:99999:7::: +nagios:!:18766:0:99999:7::: +_rpc:*:18766:0:99999:7::: diff --git a/snmp/snmp.conf b/snmp/snmp.conf new file mode 100644 index 0000000..22fa775 --- /dev/null +++ b/snmp/snmp.conf @@ -0,0 +1,10 @@ +# As the snmp packages come without MIB files due to license reasons, loading +# of MIBs is disabled by default. If you added the MIBs you can reenable +# loading them by commenting out the following line. +mibs : + +# If you want to globally change where snmp libraries, commands and daemons +# look for MIBS, change the line below. Note you can set this for individual +# tools with the -M option or MIBDIRS environment variable. +# +# mibdirs /usr/share/snmp/mibs:/usr/share/snmp/mibs/iana:/usr/share/snmp/mibs/ietf diff --git a/systemd/system/multi-user.target.wants/icinga2.service b/systemd/system/multi-user.target.wants/icinga2.service new file mode 120000 index 0000000..563c749 --- /dev/null +++ b/systemd/system/multi-user.target.wants/icinga2.service @@ -0,0 +1 @@ +/lib/systemd/system/icinga2.service \ No newline at end of file diff --git a/systemd/system/multi-user.target.wants/rpcbind.service b/systemd/system/multi-user.target.wants/rpcbind.service new file mode 120000 index 0000000..41db64c --- /dev/null +++ b/systemd/system/multi-user.target.wants/rpcbind.service @@ -0,0 +1 @@ +/lib/systemd/system/rpcbind.service \ No newline at end of file diff --git a/systemd/system/sockets.target.wants/rpcbind.socket b/systemd/system/sockets.target.wants/rpcbind.socket new file mode 120000 index 0000000..c4a699b --- /dev/null +++ b/systemd/system/sockets.target.wants/rpcbind.socket @@ -0,0 +1 @@ +/lib/systemd/system/rpcbind.socket \ No newline at end of file -- 2.43.0