Archive

Archive for the ‘bash’ Category

Nagios NRPE wrapper to encode meta-characters

April 23, 2017 Leave a comment

The Nagios Remote Plugin Executor allows remote execution of Nagios check commands, which is a powerful tool for monitoring the health of the machines and services on your network.

If your remote commands take command line parameters, you might run into trouble regarding special characters, typically required in regular expressions and other values you might want to send across. To actually see the error on the target machine, you need to Create a Log File for NRPE.

If your command fails due to this kind of error, then read on:

Apr 6 18:06:58 somehost nrpe[somepid]: Error: Request contained illegal metachars!
Apr 6 18:06:58 somehost nrpe[somepid]: Client request was invalid, bailing out...

NRPE inspects the arguments for characters that have special meaning for typical Unix shells to prevent shell command injection. If it encounters any charcaters deemed unsafe the command execution is rejected and you will see the error message above.

Unfortunately NRPE does not provide a way to safely encode and decode the parameter values.

To work around this, I created a wrapper script for the check_nrpe command, let’s call it check_nrpe_urlencoded.sh. I chose url-encoding for its simplicity and familiarity. The goal is to be able to create Nagios command definitions like this:

$USER1$/custom_scripts/check_nrpe_urlencoded.sh -H $HOSTADDRESS$ -c my_remote_command -a '$ARG1$' '$ARG2$'

And the remote command would bedefined in /etc/nagios/nrpe.cfg or under in a custom file under /etc/nrpe.d/, depending on your Linux distribtion:

command[my_remote_command]=/path_to_my_custom_nrpe_plugins/my_remote_command.sh '$ARG1$' '$ARG2$'

Here is a possible implementation of check_nrpe_urlencoded.sh:

#! /bin/bash

command='/usr/lib/nagios/plugins/check_nrpe'
args='no'

urlencode() {
    old_lc_collate=$LC_COLLATE
    LC_COLLATE=C

    local length="${#1}"
    for (( i = 0; i < length; i++ )); do
        local c="${1:i:1}"
        case ${c} in
            [a-zA-Z0-9.~_-]) printf "$c" ;;
            *) printf '%%%02X' "'$c" ;;
        esac
    done

    LC_COLLATE=${old_lc_collate}
}

for x in "$@"; do
  if [ ${x} = '-a' ]; then
    args='yes';
  else
    if [ ${args} = 'yes' ]; then
       x=$(urlencode ${x})
    fi
  fi
  command="${command} ${x}"
done

# execute the check_nrpe with the encoded args:
${command}

In the remote shell script like my_remote_command.sh, you would then decode the arguments like this:

function urldecode() {
  local url_encoded="${1//+/ }"
  printf '%b' "${url_encoded//%/\\x}"
}
arg1="$(urldecode $1)"
arg2="$(urldecode $2)"

And then use the decoded arguments as before.

Categories: bash, coding Tags: ,

Summing up numeric values using bash

March 22, 2017 Leave a comment

For example to add up the disk usage at several disjoint locations:

me@box$ numfmt --to=iec $[$(du -s /home/*/docs | cut -f 1 | paste -sd+)]
101K

The $[..] is for arithmetic evaluation in bash.
Alternatively pipe to the bc command.

Categories: bash, coding

Convert mpc to mp3 on Linux

January 1, 2017 Leave a comment

You need the lame and mpcdec commands. On Debian, mpcdec is in the musepack-tools package:

sudo apt-get install lame musepack-tools

Then to convert all mpc files in the current directory to matchingly named mp3 files:

for x in *.mpc; do mpcdec "${x}" - | lame -r - "${x%.mpc}.mp3"; done
Categories: bash, coding, debian, linux, music

bash : Loop over lines in file with user prompt

December 8, 2016 Leave a comment

I used the following to loop over the lines in a file, while prompting the user for a key press on each iteration:

while read -u 3 line ; do 
  #clear the screen
  printf "\033c" 
  echo "$line"; echo

  # do something with the $line here

  read -n 1 -s -p "[Press any key to continue]"
done 3< "some-file.txt"

The reading of the lines is done via file descriptor 3 to avoid interference with the reading of the user’s key presses.

Categories: bash, coding Tags: ,

Determine which Tomcat version is running

August 6, 2016 7 comments

Determine process id

First we determine the process id(s) of the running Tomcat instance(s).

We can grep the running process list for ‘catalina.home’:

pgrep -f 'catalina.home'

This might yield more than one pid.

Or we can search by port (8080 is the default, adjust if necessary). The following commands will likely require root privileges:

lsof -t -i :8080

Alternatively, for example if lsof is not installed:

fuser 8080/tcp

Or yet another way, using netstat (or its “ss” replacement):

netstat -nlp | grep 8080
ss -nlp | grep 8080

Determine catalina.home

For the process id(s) determined above, we look at process details:

ps -o pid,uid,cmd -p [pidlist] | cat

For each specified pid, this shows the uid (system user) and the full command line of the process.

Typically the command line will contain something like “-Dcatalina.home=[path]” and that path is the catalina.home system property of the Java process.

Alternatively – with Java 7 and later – we can use the JDK command “jcmd” to query the JVM process for its system properties:

sudo -u [uid] jcmd [pid] VM.system_properties \
   | grep '^catalina.home' \
   | cut -f2 -d'='

Determine version

Now we can finally determine which Tomcat version is installed under the catalina.home path:

[catalina.home]/bin/catalina.sh version \
   | grep '^Server number:'

Note: Please replace [catalina.home] with the path you determined above.

The final output should be something like this:

Server number: 7.0.56.0

My favorite Free/Open Source Intellij Community plugins

July 28, 2016 Leave a comment

Retrieve “last modified” timestamp of web resource in UTC seconds

June 2, 2016 Leave a comment

This command line assumes that “${url}” is the URL of the web resource:

curl -s -I "${url}" | grep 'Last-Modified:' | cut -c 16- | date -f - +'%s'

It can be useful to check the freshness of a download URL before a GET request.

You could compare the result to the last-modified timestamp of a local file and only download the remote file if it is newer than the existing local one.

Categories: bash, coding Tags: , ,