check_logins.c 9.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351
  1. /*=================================
  2. * check_logins - Nagios plugin
  3. * Copyright (C) 2003 Dag Robøle
  4. *
  5. * This program is free software; you can redistribute it and/or modify
  6. * it under the terms of the GNU General Public License as published by
  7. * the Free Software Foundation; either version 2 of the License, or
  8. * (at your option) any later version.
  9. *
  10. * This program is distributed in the hope that it will be useful,
  11. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13. * GNU General Public License for more details.
  14. *
  15. * You should have received a copy of the GNU General Public License
  16. * along with this program; if not, write to the Free Software
  17. * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
  18. *
  19. * Authors email: drobole@broadpark.no
  20. */
  21. //=================================
  22. #include <sys/types.h>
  23. #include <signal.h>
  24. #include <errno.h>
  25. #include <stdio.h>
  26. #include <stdlib.h>
  27. #include <unistd.h>
  28. #include <string.h>
  29. #include "config.h"
  30. #include "common.h"
  31. #include "utils.h"
  32. #include "popen.h"
  33. //=================================
  34. #define REVISION "$Revision$"
  35. #define COPYRIGHT "2003"
  36. #define AUTHOR "Dag Robole"
  37. #define EMAIL "drobole@broadpark.no"
  38. #define SUMMARY "Check for multiple user logins"
  39. #define check(func, errmsg) { if((func) == -1) die(STATE_UNKNOWN, errmsg); }
  40. #define checkz(func, errmsg) { if(!(func)) die(STATE_UNKNOWN, errmsg); }
  41. //=================================
  42. typedef struct USERNODE_TYP {
  43. char *name;
  44. char *host;
  45. struct USERNODE_TYP* next;
  46. } USERNODE;
  47. //=================================
  48. char *progname = NULL;
  49. USERNODE *userlist = NULL, *adminlist = NULL;
  50. int warning_limit = 0, critical_limit = 0;
  51. void print_usage();
  52. void print_help();
  53. void process_arguments(int argc, char* *argv);
  54. void parse_wholine(const char *line, char *name, char *host);
  55. void node_create(USERNODE* *node, const char *name, const char *host);
  56. void node_free(USERNODE* *node);
  57. USERNODE* list_insert_sort_uniq(USERNODE* *list, USERNODE* *node);
  58. void list_free(USERNODE* *list);
  59. void cleanup();
  60. //=================================
  61. int main(int argc, char* *argv)
  62. {
  63. FILE *who;
  64. USERNODE *newnode, *nptra, *nptrb;
  65. char buffer[BUFSIZ], username[BUFSIZ], hostname[BUFSIZ], *cptra, *cptrb;
  66. char max_login_name[BUFSIZ], currname[BUFSIZ];
  67. int max_login_count = 0, counter = 0, skip;
  68. void (*old_sig_alrm)();
  69. progname = argv[0];
  70. if(atexit(cleanup))
  71. die(STATE_UNKNOWN, "atexit failed\n");
  72. if((old_sig_alrm = signal((int)SIGALRM, timeout_alarm_handler)) == SIG_ERR)
  73. die(STATE_UNKNOWN, "signal failed\n");
  74. alarm(timeout_interval);
  75. process_arguments(argc, argv);
  76. checkz(who = spopen(PATH_TO_WHO), "spopen failed\n");
  77. while(fgets(buffer, sizeof(buffer), who) != NULL) {
  78. parse_wholine(buffer, username, hostname);
  79. skip = 0;
  80. nptra = adminlist;
  81. while(nptra != NULL) {
  82. if(!strcmp(nptra->name, username)) {
  83. skip = 1;
  84. break;
  85. }
  86. nptra = nptra->next;
  87. }
  88. if(!skip) {
  89. node_create(&newnode, username, hostname);
  90. if(!list_insert_sort_uniq(&userlist, &newnode))
  91. node_free(&newnode);
  92. }
  93. }
  94. check(spclose(who), "spclose failed\n");
  95. if(userlist != NULL) {
  96. nptra = userlist;
  97. strcpy(currname, nptra->name);
  98. strcpy(max_login_name, nptra->name);
  99. max_login_count = 1;
  100. while(nptra != NULL) {
  101. if(!strcmp(currname, nptra->name))
  102. ++counter;
  103. else {
  104. if(counter > max_login_count) {
  105. max_login_count = counter;
  106. strcpy(max_login_name, currname);
  107. }
  108. strcpy(currname, nptra->name);
  109. counter = 1;
  110. }
  111. nptra = nptra->next;
  112. }
  113. if(counter > max_login_count) {
  114. max_login_count = counter;
  115. strcpy(max_login_name, currname);
  116. }
  117. }
  118. if(signal((int)SIGALRM, old_sig_alrm) == SIG_ERR)
  119. die(STATE_UNKNOWN, "signal failed\n");
  120. if(max_login_count) {
  121. if(critical_limit && max_login_count >= critical_limit) {
  122. printf("CRITICAL - User %s has logged in from %d different hosts\n", max_login_name, max_login_count);
  123. return STATE_CRITICAL;
  124. }
  125. else if(warning_limit && max_login_count >= warning_limit) {
  126. printf("WARNING - User %s has logged in from %d different hosts\n", max_login_name, max_login_count);
  127. return STATE_WARNING;
  128. }
  129. }
  130. printf("OK - No users has exceeded the login limits\n");
  131. return STATE_OK;
  132. }
  133. //=================================
  134. void print_usage()
  135. {
  136. fprintf(stderr, "Usage: %s [ -hV ] [ -w limit ] [ -c limit ] [ -u username1, ... ,usernameN ]\n", progname);
  137. }
  138. //=================================
  139. void print_help()
  140. {
  141. print_revision(progname, REVISION);
  142. printf("Copyright (c) %s %s <%s>\n\n%s\n\n", COPYRIGHT, AUTHOR, EMAIL, SUMMARY);
  143. print_usage();
  144. printf("\nDescription:\n"
  145. "\tThis plugin supports the w (warning) and c (critical) options indicating the upper limits\n"
  146. "\tof logins allowed before a warning is given.\n"
  147. "\tThe output from %s is the username and number of login sessions for the user\n"
  148. "\twho has the most login sessions (from different hosts) running at a given point in time.\n"
  149. "\tThe u (users) option takes a comma separated list of usernames that will be ignored\n"
  150. "\twhile scannig users.\n"
  151. "\nOptions:\n"
  152. "\t-h | --help\n\t\tShow this help message and exit\n"
  153. "\t-V | --version\n\t\tShow version description\n"
  154. "\t-w | --warning=INTEGER\n\t\tSet warning limit for logins (minimum value is 2)\n"
  155. "\t-c | --critical=INTEGER\n\t\tSet critical limit for logins (minimum value is 2)\n"
  156. "\t-u | --users=STRING\n\t\tSet usernames to be ignored\n"
  157. "\nExamples:\n\t%s -w 3 -c 5\n"
  158. "\t%s -w 3 -c 5 -u root,guest,jcarmack\n\n", progname, progname, progname);
  159. }
  160. //=================================
  161. void process_arguments(int argc, char* *argv)
  162. {
  163. USERNODE *newnode;
  164. int optch;
  165. char buffer[BUFSIZ], *cptra;
  166. static struct option long_opts[] = {
  167. {"help", no_argument, 0, 'h'},
  168. {"version", no_argument, 0, 'V'},
  169. {"warning", required_argument, 0, 'w'},
  170. {"critical", required_argument, 0, 'c'},
  171. {"users", required_argument, 0, 'u'},
  172. {0, 0, 0, 0},
  173. };
  174. while((optch = getopt_long(argc, argv, "hVw:c:u:", long_opts, NULL)) != -1) {
  175. switch(optch) {
  176. case 'h':
  177. print_help();
  178. exit(STATE_OK);
  179. break;
  180. case 'V':
  181. print_revision(progname, REVISION);
  182. exit(STATE_OK);
  183. break;
  184. case 'w':
  185. if(!is_numeric(optarg)) {
  186. print_usage();
  187. die(STATE_UNKNOWN, "invalid options\n");
  188. }
  189. warning_limit = atoi(optarg) > 2 ? atoi(optarg) : 2;
  190. break;
  191. case 'c':
  192. if(!is_numeric(optarg)) {
  193. print_usage();
  194. die(STATE_UNKNOWN, "invalid options\n");
  195. }
  196. critical_limit = atoi(optarg) > 2 ? atoi(optarg) : 2;
  197. break;
  198. case 'u':
  199. strcpy(buffer, optarg);
  200. cptra = strtok(buffer, ",");
  201. while(cptra != NULL) {
  202. node_create(&newnode, cptra, "(adminhost)");
  203. list_insert_sort_uniq(&adminlist, &newnode);
  204. cptra = strtok(NULL, ",");
  205. }
  206. break;
  207. default:
  208. print_usage();
  209. exit(STATE_UNKNOWN);
  210. break;
  211. }
  212. }
  213. if(argc > optind) {
  214. print_usage();
  215. die(STATE_UNKNOWN, "invalid options\n");
  216. }
  217. if(!warning_limit && !critical_limit) {
  218. print_usage();
  219. die(STATE_UNKNOWN, "you must provide a limit for this plugin\n");
  220. }
  221. if(critical_limit && warning_limit > critical_limit) {
  222. print_usage();
  223. die(STATE_UNKNOWN, "warning limit must be less or equal critical limit\n");
  224. }
  225. }
  226. //=================================
  227. void parse_wholine(const char *line, char *name, char *host)
  228. {
  229. char buffer[BUFSIZ], *cptra, *cptrb, *display;
  230. strcpy(buffer, line);
  231. cptra = buffer;
  232. checkz(cptrb = (char*)strchr(buffer, ' '), "strchr failed\n");
  233. strncpy(name, cptra, cptrb-cptra);
  234. name[cptrb-cptra] = '\0';
  235. if((cptra = strchr(buffer, '(')) != NULL) // hostname found in source arg...
  236. {
  237. if(cptra[1] == ':') // local host
  238. strcpy(host, "(localhost)");
  239. else // extern host
  240. {
  241. checkz(cptrb = strchr(cptra, ')'), "strchr failed\n");
  242. cptrb++;
  243. strncpy(host, cptra, cptrb-cptra);
  244. host[cptrb-cptra] = '\0';
  245. }
  246. }
  247. else // no hostname in source arg, look in line arg...
  248. {
  249. checkz(cptra = strtok(buffer, " \t\r\n"), "strtok failed\n");
  250. checkz(cptra = strtok(NULL, " \t\r\n"), "strtok failed\n");
  251. if(cptra[0] == ':') // local host
  252. strcpy(host, "(localhost)");
  253. else // extern host
  254. sprintf(host, "(%s)", cptra);
  255. }
  256. if((cptra = strchr(host, ':')) != NULL) // remove display if any...
  257. strcpy(cptra, ")");
  258. }
  259. //=================================
  260. void node_create(USERNODE* *node, const char *name, const char *host)
  261. {
  262. checkz(*node = (USERNODE*)malloc(sizeof(USERNODE)), "malloc failed\n");
  263. checkz((*node)->name = (char*)malloc(strlen(name)+1), "malloc failed\n");
  264. checkz((*node)->host = (char*)malloc(strlen(host)+1), "malloc failed\n");
  265. (*node)->next = NULL;
  266. strcpy((*node)->name, name);
  267. strcpy((*node)->host, host);
  268. }
  269. //=================================
  270. void node_free(USERNODE* *node)
  271. {
  272. free((*node)->name);
  273. free((*node)->host);
  274. free(*node);
  275. *node = NULL;
  276. }
  277. //=================================
  278. USERNODE* list_insert_sort_uniq(USERNODE* *list, USERNODE* *node)
  279. {
  280. char n1[BUFSIZ], n2[BUFSIZ];
  281. USERNODE *last_nptr = NULL, *nptr = *list;
  282. if(*list == NULL)
  283. return(*list = *node);
  284. else {
  285. sprintf(n1, "%s %s", (*node)->name, (*node)->host);
  286. while(nptr != NULL) {
  287. sprintf(n2, "%s %s", nptr->name, nptr->host);
  288. if(!strcmp(n1, n2))
  289. return NULL;
  290. else if(strcmp(n1, n2) < 0) {
  291. if(last_nptr) {
  292. last_nptr->next = *node;
  293. (*node)->next = nptr;
  294. }
  295. else {
  296. (*node)->next = *list;
  297. *list = *node;
  298. }
  299. break;
  300. }
  301. else {
  302. last_nptr = nptr;
  303. nptr = nptr->next;
  304. }
  305. }
  306. if(nptr == NULL)
  307. last_nptr->next = *node;
  308. }
  309. return *node;
  310. }
  311. //=================================
  312. void list_free(USERNODE* *list)
  313. {
  314. USERNODE *doe, *nptr = *list;
  315. while(nptr != NULL) {
  316. doe = nptr;
  317. nptr = nptr->next;
  318. node_free(&doe);
  319. }
  320. *list = NULL;
  321. }
  322. //=================================
  323. void cleanup()
  324. {
  325. list_free(&userlist);
  326. list_free(&adminlist);
  327. }
  328. //=================================