Module: check_mk
Branch: master
Commit: cc73d1321b3c2cdf8df47a268ffef933db90b033
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=cc73d1321b3c2c…
Author: Bernd Stroessenreuther <bs(a)mathias-kettner.de>
Date: Thu Mar 20 12:22:22 2014 +0100
EMC VNX: special agent can alternatively authenticate via security files
If you leave user name and password empty, the special agent tries to
authenticate against the EMC VNX device by Security Files.
These need to be created manually before using. Therefor run as
instance user (if using OMD) or Nagios user (if not using OMD)
a command like
<tt>naviseccli -AddUserSecurity -scope 0 -password PASSWORD -user USER</tt>
This creates <tt>SecuredCLISecurityFile.xml</tt> and
<tt>SecuredCLIXMLEncrypted.key</tt> in the home directory of the user
and these files are used then.
---
.werks/706 | 16 ++++++++++++++++
ChangeLog | 1 +
agents/special/agent_emcvnx | 13 ++++++++++++-
checks/agent_emcvnx | 6 ++++--
web/plugins/wato/datasource_programs.py | 14 ++++++++++++--
5 files changed, 45 insertions(+), 5 deletions(-)
diff --git a/.werks/706 b/.werks/706
new file mode 100644
index 0000000..17969b3
--- /dev/null
+++ b/.werks/706
@@ -0,0 +1,16 @@
+Title: EMC VNX: special agent can alternatively authenticate via security files
+Level: 1
+Component: checks
+Version: 1.2.5i1
+Date: 1395314250
+Class: feature
+
+If you leave user name and password empty, the special agent tries to
+authenticate against the EMC VNX device by Security Files.
+These need to be created manually before using. Therefor run as
+instance user (if using OMD) or Nagios user (if not using OMD)
+a command like
+<tt>naviseccli -AddUserSecurity -scope 0 -password PASSWORD -user USER</tt>
+This creates <tt>SecuredCLISecurityFile.xml</tt> and
+<tt>SecuredCLIXMLEncrypted.key</tt> in the home directory of the user
+and these files are used then.
diff --git a/ChangeLog b/ChangeLog
index 27b8ef6..e7cd1a0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -115,6 +115,7 @@
* 0716 Add Linux caching agent also to normal agent RPM...
* 0594 dell_poweredge_netdev: new check to monitor the status of network devices on
Dells Poweredge Servers
* 0733 mem, solaris_mem: now able to configure amount of free memory...
+ * 0706 EMC VNX: special agent can alternatively authenticate via security files...
* 0103 FIX: services: Fixed bug with service inventory defined in main.mk...
* 0299 FIX: borcade_mlx_fan: Prettified output, handling "other" state now
* 0300 FIX: cisco_fru_power: Trying not to inventorize not plugged in FRUs...
diff --git a/agents/special/agent_emcvnx b/agents/special/agent_emcvnx
index 35e5e89..7394f23 100755
--- a/agents/special/agent_emcvnx
+++ b/agents/special/agent_emcvnx
@@ -58,6 +58,13 @@ OPTIONS:
-h, --help Show this help message and exit
-u USER, --user USER Username for EMC VNX login
-p PASSWORD, --password PASSWORD Password for EMC VNX login
+
+ If you do not give USER and PASSWORD:
+ We try to use naviseccli with security files.
+ These need to be created in advance by running as
+ the instance user:
+ naviseccli -AddUserSecurity -scope 0 -password PASSWORD
-user USER
+
--debug Debug mode: write some debug messages,
let Python exceptions come through
@@ -156,7 +163,11 @@ except ValueError:
# fetch information by calling naviseccli
#############################################################################
-basecmd="naviseccli -h %s -User %s -Password '%s' -Scope 0 " %
(host_address, user, password)
+if (user == None or user == '') and (password == None or password ==
''):
+ # try using security files
+ basecmd="naviseccli -h %s -Scope 0 " % host_address
+else:
+ basecmd="naviseccli -h %s -User %s -Password '%s' -Scope 0 " %
(host_address, user, password)
#
# check_mk section of agent output
diff --git a/checks/agent_emcvnx b/checks/agent_emcvnx
index 683afa3..7570b0c 100644
--- a/checks/agent_emcvnx
+++ b/checks/agent_emcvnx
@@ -26,8 +26,10 @@
def agent_emcvnx_arguments(params, hostname, ipaddress):
args = ''
- args += " -u " + quote_shell_string(params["user"])
- args += " -p " + quote_shell_string(params["password"])
+ if params["user"] != "":
+ args += " -u " + quote_shell_string(params["user"])
+ if params["password"] != "":
+ args += " -p " + quote_shell_string(params["password"])
args += " -i " + ",".join(params["infos"])
args += " " + quote_shell_string(ipaddress)
diff --git a/web/plugins/wato/datasource_programs.py
b/web/plugins/wato/datasource_programs.py
index 97c55de..c4d51d0 100644
--- a/web/plugins/wato/datasource_programs.py
+++ b/web/plugins/wato/datasource_programs.py
@@ -186,13 +186,23 @@ register_rule(group,
( "user",
TextAscii(
title = _("EMC VNX admin user name"),
- allow_empty = False,
+ allow_empty = True,
+ help = _("If you leave user name and password empty, the special
agent tries to "
+ "authenticate against the EMC VNX device by Security
Files. "
+ "These need to be created manually before using. Therefor
run as "
+ "instance user (if using OMD) or Nagios user (if not
using OMD) "
+ "a command like "
+ "<tt>naviseccli -AddUserSecurity -scope 0 -password
PASSWORD -user USER</tt> "
+ "This creates
<tt>SecuredCLISecurityFile.xml</tt> and "
+ "<tt>SecuredCLIXMLEncrypted.key</tt> in the
home directory of the user "
+ "and these files are used then."
+ ),
)
),
( "password",
Password(
title = _("EMC VNX admin user password"),
- allow_empty = False,
+ allow_empty = True,
)
),
( "infos",