From: Peter Palfrader <peter@palfrader.org>
Date: Sun, 8 Nov 2009 11:42:40 +0000 (+0100)
Subject: dsa-check-dabackup-server: Handle wildcard entries
X-Git-Url: https://wiki.adam-barratt.org.uk/gitweb/?a=commitdiff_plain;h=08275064a9658cc5efde9976917f897c1a775cb1;p=mirror%2Fdsa-nagios.git

dsa-check-dabackup-server: Handle wildcard entries

Handle wildcard entries  (via the new ssh wrapper) in the
authorized_keys files.  Such entries accept all backup-manager entries
for their host, but they do not require one.  As such we can just put
all the hosts in the authkeys file regardless of whether we actually
have backups configured for them.
---

diff --git a/dsa-nagios-checks/checks/dsa-check-dabackup-server b/dsa-nagios-checks/checks/dsa-check-dabackup-server
index c4e4884..8dba0c0 100755
--- a/dsa-nagios-checks/checks/dsa-check-dabackup-server
+++ b/dsa-nagios-checks/checks/dsa-check-dabackup-server
@@ -70,9 +70,13 @@ trap "rm -f '$rsync_targets' '$backup_manager_sources'" 0 1 2 5 15
 cat /root/.ssh/authorized_keys |
 	grep '^command=' |
 	sed -e 's/",no-por.*//' -e 's/.*--ignore-errors . //' -e 's#/org/backup.debian.org/staging/##' |
+	grep -v 'command="/usr/lib/da-backup/da-backup-ssh-wrap ' |
 	sort > "$rsync_targets"
-grep -h source /etc/da-backup-manager/* | 
+
+wildcard_hosts=`cat /root/.ssh/authorized_keys | grep 'command="/usr/lib/da-backup/da-backup-ssh-wrap ' | sed -e 's/.*da-backup-ssh-wrap \([a-z0-9.]*\)".*/\1/' | tr '\n' '|' | sed 's/|$//'`
+grep -h source /etc/da-backup-manager/* |
 	sed -e 's/source=//' |
+	egrep -v "^($wildcard_hosts)/" |
 	sort > "$backup_manager_sources"
 if ! diff "$rsync_targets" "$backup_manager_sources" > /dev/null; then
 	log warn
diff --git a/dsa-nagios-checks/debian/changelog b/dsa-nagios-checks/debian/changelog
index c323893..a485840 100644
--- a/dsa-nagios-checks/debian/changelog
+++ b/dsa-nagios-checks/debian/changelog
@@ -3,8 +3,13 @@ dsa-nagios-checks (8X) Xtable; urgency=low
   * dsa-check-mirrorsync: Handle case where we cannot parse a tracefile
     better (do not reference undefined values, properly exit with UNKNOWN).
   * dsa-check-mirrorsync: Fix counting of out-of-date mirrors.
+  * dsa-check-dabackup-server: Handle wildcard entries (via the new ssh
+    wrapper) in the authorized_keys files.  Such entries accept all
+    backup-manager entries for their host, but they do not require one.
+    As such we can just put all the hosts in the authkeys file regardless of
+    whether we actually have backups configured for them.
 
- -- Peter Palfrader <weasel@debian.org>  Mon, 02 Nov 2009 15:49:28 +0100
+ -- Peter Palfrader <weasel@debian.org>  Sun, 08 Nov 2009 12:41:29 +0100
 
 dsa-nagios-checks (83) stable; urgency=low