File Coverage

blib/lib/OpenServices/SNMP/Plugin/Updates.pm

Criterion	Covered	Total	%
statement	9	11	81.8
branch			n/a
condition			n/a
subroutine	4	4	100.0
pod			n/a
total	13	15	86.6

line	stmt	sub	time	code
1				package OpenServices::SNMP::Plugin::Updates;
2
3	1	1	20481	use 5.006;
	1		6
4	1	1	8	use strict;
	1		3
	1		43
5	1	1	7	use warnings FATAL => 'all';
	1		7
	1		55
6
7	1	1	290	use NetSNMP::agent qw(:all);
	0
	0
8				use NetSNMP::ASN qw(:all);
9
10				use XML::XPath;
11
12				my $cache = {};
13
14				=head1 NAME
15
16				OpenServices::SNMP::Plugin::Updates - Expose pending security updates over SNMP
17
18				=head1 VERSION
19
20				Version 1.0.2
21
22				=cut
23
24				our $VERSION = '1.0.2';
25
26				=head1 BASE OID
27
28				NetSNMP::OID(".1.3.6.1.4.1.36425.256.2");
29
30				=cut
31
32				our $BASEOID = new NetSNMP::OID(".1.3.6.1.4.1.36425.256.2");
33
34
35				=head1 SYNOPSIS
36
37				Extend net-snmp agent to report pending security updates.
38
39				Currently supported distributions:
40				* GNU/Debian (apt-get)
41				* RHEL/Fedora/CentOS (yum)
42				* SLES/SLED/OpenSuSE (zypper)
43
44				To load the module in snmpd add the following line to snmpd.conf.
45
46				perl require OpenServices::SNMP::Plugin; OpenServices::SNMP::Plugin->init($agent);
47
48				Or use OpenServices::SNMP for a convenient loader.
49
50				It exposes the number of pending updates on the OID 1.3.6.1.4.1.36425.256.2 and each separate package with its name on OID
51				1.3.6.1.4.1.36425.256.2..
52
53				=head1 SUBROUTINES/METHODS
54
55				=head2 init
56
57				=cut
58
59				sub init {
60				my ($self, $agent) = @_;
61				if (!$agent) {
62				print STDERR "No \$agent defined\n";
63				print STDERR "Please check your snmp_perl.pl that should be included in your net-snmp distribution.\n";
64				exit 1;
65				}
66
67				printf STDERR "Registering %s handler.\n", __PACKAGE__;
68				# Prepopulate the cache.
69				check();
70				$agent->register(__PACKAGE__, $BASEOID, \&handler);
71				}
72
73				=head2 check
74
75				=cut
76
77				sub check {
78				my %distributions = (
79				'/usr/bin/apt-get' => sub {
80				my $output = qx/apt-get upgrade -s/;
81				my @packages;
82				foreach my $line (split /\n/, $output) {
83				if (my ($name, $version) = $line =~ /^Inst (\S+) \[\S+\] $(\S+) (?:Debian:security\|Debian-Security:\d+\/\w+) \[\S+\]$/) {
84				push @packages, "$name-$version";
85				}
86				}
87				return @packages;
88				},
89				'/usr/bin/zypper' => sub {
90				my $output = qx/zypper -x -n -A -q list-patches -g security/;
91				my $xp = XML::XPath->new(xml => $output);
92				my $nodeset = $xp->find('/stream/update-status/update-list/update[@category="security" and @pkgmanager="false"]');
93				return map {$_->getAttribute("name")} $nodeset->get_nodelist;
94				},
95				'/usr/bin/yum' => sub {
96				my $output = qx/yum list-security -y/;
97				my @packages;
98				foreach my $line (split /\n/, $output) {
99				if (my ($name) = $line =~ /^\w+-\d+[:-]\d+ \S+ (\S+)$/) {
100				push @packages, $name;
101				}
102				}
103				return @packages;
104				}
105				);
106				my $updates = {};
107				my $counter = 0;
108				foreach my $binary (keys %distributions) {
109				if (-e $binary) {
110				my @packages;
111				if (exists $cache->{$binary} && $cache->{$binary}->{last} > time() - 3600) {
112				@packages = @{$cache->{$binary}->{packages}};
113				} else {
114				@packages = sort $distributions{$binary}->();
115				$cache->{$binary} = {
116				last => time(),
117				packages => \@packages,
118				};
119				}
120				foreach (@packages) {
121				$updates->{$counter} = $_;
122				$counter++;
123				}
124				}
125				}
126				return $updates;
127				}
128
129				=head2 handler
130
131				=cut
132
133				sub handler {
134				my ($handler, $registration_info, $request_info, $requests) = @_;
135				my $request;
136
137				my $updates = check();
138
139				for($request = $requests; $request; $request = $request->next()) {
140				my $oid = $request->getOID();
141				if ($request_info->getMode() == MODE_GET) {
142				if ($oid == $BASEOID) {
143				$request->setValue(ASN_INTEGER, scalar keys %$updates);
144				} else {
145				foreach my $package_oid (sort {$a <=> $b} keys %$updates) {
146				if ($oid == $BASEOID + ".$package_oid") {
147				$request->setValue(ASN_OCTET_STR, $updates->{$package_oid});
148				}
149				}
150				}
151				} elsif ($request_info->getMode() == MODE_GETNEXT) {
152				if ($oid < $BASEOID) {
153				$request->setOID($BASEOID);
154				$request->setValue(ASN_INTEGER, scalar keys %$updates);
155				} else {
156				foreach my $package_oid (sort {$a <=> $b} keys %$updates) {
157				if ($oid < $BASEOID + ".$package_oid") {
158				$request->setOID($BASEOID + ".$package_oid");
159				$request->setValue(ASN_OCTET_STR, $updates->{$package_oid});
160				last;
161				}
162				}
163				}
164				}
165				}
166				}
167				=head1 AUTHOR
168
169				Michael Fladischer, C<< >>
170
171				=head1 BUGS
172
173				Please report any bugs or feature requests to C, or through
174				the web interface at L. I will be notified, and then you'll
175				automatically be notified of progress on your bug as I make changes.
176
177
178
179
180				=head1 SUPPORT
181
182				You can find documentation for this module with the perldoc command.
183
184				perldoc OpenServices::SNMP::Plugin::Updates
185
186
187				You can also look for information at:
188
189				=over 4
190
191				=item * RT: CPAN's request tracker (report bugs here)
192
193				L
194
195				=item * AnnoCPAN: Annotated CPAN documentation
196
197				L
198
199				=item * CPAN Ratings
200
201				L
202
203				=item * Search CPAN
204
205				L
206
207				=back
208
209
210				=head1 ACKNOWLEDGEMENTS
211
212
213				=head1 LICENSE AND COPYRIGHT
214
215				Copyright 2014 Michael Fladischer.
216
217				This program is free software; you can redistribute it and/or modify it
218				under the terms of the the Artistic License (2.0). You may obtain a
219				copy of the full license at:
220
221				L
222
223				Any use, modification, and distribution of the Standard or Modified
224				Versions is governed by this Artistic License. By using, modifying or
225				distributing the Package, you accept this license. Do not use, modify,
226				or distribute the Package, if you do not accept this license.
227
228				If your Modified Version has been derived from a Modified Version made
229				by someone other than you, you are nevertheless required to ensure that
230				your Modified Version complies with the requirements of this license.
231
232				This license does not grant you the right to use any trademark, service
233				mark, tradename, or logo of the Copyright Holder.
234
235				This license includes the non-exclusive, worldwide, free-of-charge
236				patent license to make, have made, use, offer to sell, sell, import and
237				otherwise transfer the Package with respect to any patent claims
238				licensable by the Copyright Holder that are necessarily infringed by the
239				Package. If you institute patent litigation (including a cross-claim or
240				counterclaim) against any party alleging that the Package constitutes
241				direct or contributory patent infringement, then this Artistic License
242				to you shall terminate on the date that such litigation is filed.
243
244				Disclaimer of Warranty: THE PACKAGE IS PROVIDED BY THE COPYRIGHT HOLDER
245				AND CONTRIBUTORS "AS IS' AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES.
246				THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
247				PURPOSE, OR NON-INFRINGEMENT ARE DISCLAIMED TO THE EXTENT PERMITTED BY
248				YOUR LOCAL LAW. UNLESS REQUIRED BY LAW, NO COPYRIGHT HOLDER OR
249				CONTRIBUTOR WILL BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, OR
250				CONSEQUENTIAL DAMAGES ARISING IN ANY WAY OUT OF THE USE OF THE PACKAGE,
251				EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
252
253
254				=cut
255
256				1; # End of OpenServices::SNMP::Plugin::Updates