[checkmk-commits] Check_MK Git: check_mk: multisite_to_mrpe: allow basic auth,

quote secret correctly Message-ID: &lt;50ed8cfe.m0+ZuJSOdjrU3GRc%mk(a)mathias-kettner.de&gt; User-Agent: Heirloom mailx 12.4 7/29/08 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Module: check_mk Branch: master Commit: 48d486c850332488d886c433f75387577b80e4a8 URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=48d486c8503324… Author: Mathias Kettner &lt;mk(a)mathias-kettner.de&gt; Date: Wed Jan 9 16:29:49 2013 +0100 multisite_to_mrpe: allow basic auth, quote secret correctly --- doc/treasures/multisite_to_mrpe | 84 +++++++++++++++++++++++++-------------- 1 files changed, 54 insertions(+), 30 deletions(-) diff --git a/doc/treasures/multisite_to_mrpe b/doc/treasures/multisite_to_mrpe index 9274880..4289bee 100755 --- a/doc/treasures/multisite_to_mrpe +++ b/doc/treasures/multisite_to_mrpe @@ -32,7 +32,7 @@ # "$OMD_ROOT/local/lib/multisite_to_mrpe --secret dasistgeheim --url http://localhost/remote/check_mk/ <HOST>" # -import os, sys, getopt, time, urllib +import os, sys, getopt, time, urllib, subprocess omd_site = os.getenv("OMD_SITE") omd_root = os.getenv("OMD_ROOT") @@ -50,7 +50,7 @@ def verbose(text): sys.stdout.write(text + "\n") def usage(): - sys.stdout.write("""Usage: multisite_to_mrpe [OPTIONS] HOST + sys.stdout.write("""Usage: multisite_to_mrpe -U URL {-P PASSWORD|-S SECRET} [OPTIONS] HOST This program is intended to be used as a datasource program. It fetches the current state of all services of a host @@ -62,21 +62,24 @@ URL is the /check_mk/ e.g. http://someserver.abc/prod/check_mk/ Options: - -h, --help Show this help and exit - -v, --verbose Show what's going on - -u, --user U Name of automation user (default: "automation") - -U, --url U Multisite URL of the remote server including - -S, --secret S Automation secret (default: public) - --debug Let Python exceptions come through + -h, --help Show this help and exit + -v, --verbose Show what's going on + -u, --user U Name of automation user (default: "automation") + -U, --url U Multisite URL of the remote server including + -S, --secret S Automation secret (default: public) + -P, --password P Use HTTP password P (when using BasicAuth, no Cookies) + --debug Let Python exceptions come through + """) -short_options = 'hvu:U:S:' -long_options = [ "help", "verbose", "user=", "url=", "secret=", "debug" ] +short_options = 'hvu:U:S:P:' +long_options = [ "help", "verbose", "user=", "url=", "secret=", "debug", "password=" ] opt_verbose = False opt_user = "automation" opt_secret = None +opt_password = None opt_url = None opt_debug = False @@ -105,18 +108,13 @@ for o,a in opts: opt_user = a elif o in [ '-S', '--secret']: opt_secret = a + elif o in [ '-P', '--password']: + opt_password = a elif o in [ '-U', '--url']: opt_url = a -if omd_site and not opt_secret: - try: - opt_secret = file(omd_root + "/var/check_mk/web/" + opt_user - + "/automation.secret").read().strip() - except Exception, e: - if opt_debug: - raise - bail_out("Cannot read automation secret from user %s: %s" % - (opt_user, e)) +if not opt_secret and not opt_password: + bail_out("You must specify either -P or -S.") if not opt_url: bail_out("Please specify the URL to Check_MK Multisite with -U.") @@ -129,31 +127,57 @@ if not args: arg_host = args[0] -verbose("Host: " + arg_host) -verbose("Multisite-URL: " + opt_url) -verbose("User: " + opt_user) -verbose("Secret: " + opt_secret) +verbose("Host: " + arg_host) +verbose("Multisite-URL: " + opt_url) +verbose("User: " + opt_user) +if opt_secret: + verbose("Authentication: Cookies") + verbose("Secret: " + opt_secret) +else: + verbose("Authentication: HTTP BasicAuth") + verbose("Password: " + opt_password) + def make_url(base, variables): - vartext = "&".join([ "%s=%s" % e for e in variables ]) - return base + "?" + vartext + return base + "?" + urllib.urlencode(variables) variables = [ - ( "_username", opt_user ), - ( "_secret", opt_secret ), ( "host", arg_host ), ( "view_name", "host_export" ), ( "output_format", "python" ), ] +if opt_secret: + variables += [ + ( "_username", opt_user ), + ( "_secret", opt_secret ) + ] url = make_url(opt_url + "view.py", variables) -verbose("URL: " + url) +verbose("URL: " + url) + try: - pipe = urllib.urlopen(url) - answer = pipe.read() + arguments = [ 'curl', '--silent', '--insecure', ] + if opt_password: + arguments.append('--user') + arguments.append("%s:%s" % (opt_user, opt_password)) + else: + arguments.append(opt_user) + arguments.append(url) + verbose("Calling: " + " ".join(arguments)) + + + process = subprocess.Popen(arguments, executable='curl', stdout=subprocess.PIPE) + answer, stderrdata = process.communicate() + result = process.wait() + print result if answer.startswith("ERROR:"): bail_out("Error response from remote Multisite: %s" % answer[7:]) + try: + parsed = eval(answer) + except: + bail_out("Invalid response from Multisite: %s\n" % answer) + services = convert_from_multisite(eval(answer)) except Exception, e: if opt_debug: