Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/perl -w
- ######################################
- # Info : Add User Nagios on st1monms2
- # Version : 1.0
- # Date : 7 luty 2012
- # Author : Lukasz Ciesluk
- # Help : http://pl.linkedin.com/in/lukaszciesluk/
- ######################################
- #
- # Run :
- # chmod +x AddUserNagios_st1monms2.pl
- # ./AddUserNagios_st1monms2.pl -h (for help)
- # ./AddUserNagios_st1monms2.pl -u <NEW_USERNAME> --username_db <DATABASE_USERNAME> --password_db <DATABASE_PASSWORD> --database <DATABASE_NAME>
- use strict;
- use warnings;
- use Getopt::Long;
- use DBI;
- use Tie::File;
- my $new_nagios_user = undef;
- my $username_db = undef;
- my $password_db = undef;
- my $database = undef;
- my $sql = undef;
- my $dbh = undef;
- my $help = undef;
- my $htpasswd_directory = "/opt/nagios/etc/";
- my $htpasswd_file = "htpasswd.users";
- my $nagios_cgi_directory = "/opt/nagios/etc/";
- my $nagios_cgi_cfg_file = "cgi.cfg";
- my @nagios_cgi_fields = ( 'authorized_for_all_services', 'authorized_for_all_hosts', 'authorized_for_read_only' );
- my $domain = "\@BANK.COM.PL";
- my $comma = ",";
- my $password_algorithm = "b64_sha1";
- my $password_user_merlin = "4insgmC8hl++J1uTcPVCtfo2uX0=";
- sub usage {
- print "$0 --u <new_nagios_user> --dbu <username_db> --dbp <password_db> --dbd <database>\n";
- }
- sub connect_db_merlin {
- $dbh = DBI->connect("dbi:mysql:database=$database;"."host=localhost;port=3306", $username_db, $password_db) || die "Nie mozna sie polaczyc do bazy: $DBI::errstr";
- }
- sub duplicate_htpasswd {
- my ($nagios_user_create) = @_;
- if (-d $htpasswd_directory) {
- chdir($htpasswd_directory) or die "Can not change directory to the $htpasswd_directory!";
- my $cat_user = `cat $htpasswd_file | grep $nagios_user_create`;
- if (length($cat_user) > 0) {
- print "User has record in $htpasswd_file file which may mean that user can exists. Exit program\n";
- exit;
- }
- tie my @array, 'Tie::File', $htpasswd_file or die "Reading file $htpasswd_file finished with an error : $!\n";
- my $monkey_index = index($array[-1], '@');
- my $domain_substring = substr($array[-1], $monkey_index, length($array[-1]));
- my $new_user_string = $nagios_user_create.$domain_substring;
- print "Adding record to $htpasswd_file file : $new_user_string\n";
- open (FILE, ">>$htpasswd_file") || die "Error opening file $htpasswd_file : $!\n";
- print FILE "$new_user_string\n";
- close FILE;
- } else {
- print "Catalog $htpasswd_directory does not exist. Exit program\n";
- exit;
- }
- }
- sub duplicate_st1monms2_cgi {
- my ($nagios_user_create) = @_;
- if (-d $nagios_cgi_directory) {
- chdir($nagios_cgi_directory) or die "Can not change directory to the $nagios_cgi_directory!";
- my $cat_user = `cat $nagios_cgi_cfg_file | grep $nagios_user_create`;
- if (length($cat_user) > 0) {
- print "User has record in $htpasswd_file file which may mean that user can exists. Exit program\n";
- exit;
- }
- open ( FILE, "$nagios_cgi_cfg_file" ) || die "Error opening file $nagios_cgi_cfg_file : $!\n";
- my @lines = <FILE>;
- for my $linia (@lines) {
- foreach my $field (@nagios_cgi_fields) {
- if($linia =~ /$field/){
- $linia =~ s/^\s+//;
- $linia =~ s/\s+$//;
- $linia =~ s/^\s+//;
- $linia =~ s/\s+$//;
- my @add_user_authorizate = `sed -i.bak -e s/$linia/$linia$comma$nagios_user_create$domain/g $nagios_cgi_cfg_file`;
- print @add_user_authorizate;
- print "Granted $field privilege to user $nagios_user_create\n";
- }
- }
- }
- close (FILE);
- } else {
- print "Catalog $nagios_cgi_directory does not exist. Exit program\n";
- exit;
- }
- }
- sub restart_nagios {
- my @restart = `mon restart`;
- print @restart;
- }
- sub merlin_db_operations {
- my ($nagios_user_create) = @_;
- print "Checking if user $nagios_user_create$domain exists in database already\n";
- my $sthUserExists = $dbh->prepare('select count(*) as ilosc from users where username = ?') || die "Database Select User Error $DBI::errstr";
- $sthUserExists->bind_param(1, $nagios_user_create.$domain);
- $sthUserExists->execute();
- my $ifexists = $sthUserExists->fetchrow_hashref();
- if ($ifexists->{ilosc} > 0) {
- print "User $nagios_user_create$domain exists! Interrupt program!\n";
- $dbh->disconnect();
- exit;
- } else {
- print "User $nagios_user_create$domain does not exist in database. Continuing.\n";
- }
- my $sth = $dbh->prepare('select max(id) as maxid from users') || die "Database Select Max ID Error $DBI::errstr";
- $sth->execute();
- my $result = $sth->fetchrow_hashref();
- my $new_user_id = $result->{maxid} + 1;
- print "Please give name of user (realname)\n";
- my $realname = <>;
- chomp ($realname);
- print "Please give e-mail address of user (e-mail)\n";
- my $email = <>;
- chomp ($email);
- my $sthUserTable = $dbh->prepare('insert into users(id, realname, email, username, password_algo, password) VALUES (?, ?, ?, ?, ?, ?)');
- $sthUserTable->bind_param(1, $new_user_id);
- $sthUserTable->bind_param(2, $realname);
- $sthUserTable->bind_param(3, $email);
- $sthUserTable->bind_param(4, $nagios_user_create.$domain);
- $sthUserTable->bind_param(5, $password_algorithm);
- $sthUserTable->bind_param(6, $password_user_merlin);
- $sthUserTable->execute();
- print "Added to Users table a user (username) : $nagios_user_create$domain with ID = $new_user_id\n";
- print "Selected algorithm for password : $password_algorithm and password : $password_user_merlin\n";
- print "Adding roles for user\n";
- my $sthRolesUsersTable = $dbh->prepare('insert into roles_users(user_id, role_id) VALUES (?, 1)');
- $sthRolesUsersTable->bind_param(1, $new_user_id);
- $sthRolesUsersTable->execute();
- print "Please answer for user roles : \n";
- print "Add system_information role ? (0 - no, 1 - yes)\n";
- my $system_information = <>;
- chomp ($system_information);
- print "Add configuration_information role ? (0 - no, 1 - yes)\n";
- my $configuration_information = <>;
- chomp ($configuration_information);
- print "Add system_commands role ? (0 - no, 1 - yes)\n";
- my $system_commands = <>;
- chomp ($system_commands);
- print "Add all_services role ? (0 - no, 1 - yes)\n";
- my $all_services = <>;
- chomp ($all_services);
- print "Add all_hosts role ? (0 - no, 1 - yes)\n";
- my $all_hosts = <>;
- chomp ($all_hosts);
- print "Add all_service_commands role ? (0 - no, 1 - yes)\n";
- my $all_service_commands = <>;
- chomp ($all_service_commands);
- print "Add all_host_commands role ? (0 - no, 1 - yes)\n";
- my $all_host_commands = <>;
- chomp ($all_host_commands);
- print "Adding roles for user $nagios_user_create\n";
- my $sthUserAuthorizationTable = $dbh->prepare('insert into ninja_user_authorization(user_id, system_information, configuration_information, system_commands, all_services, all_hosts, all_service_commands, all_host_commands)
- VALUES (?, ?, ?, ?, ?, ?, ?, ?)');
- $sthUserAuthorizationTable->bind_param(1, $new_user_id);
- $sthUserAuthorizationTable->bind_param(2, $system_information);
- $sthUserAuthorizationTable->bind_param(3, $configuration_information);
- $sthUserAuthorizationTable->bind_param(4, $system_commands);
- $sthUserAuthorizationTable->bind_param(5, $all_services);
- $sthUserAuthorizationTable->bind_param(6, $all_hosts);
- $sthUserAuthorizationTable->bind_param(7, $all_service_commands);
- $sthUserAuthorizationTable->bind_param(8, $all_host_commands);
- $sthUserAuthorizationTable->execute();
- }
- sub help {
- print "\nAdd User Nagios\n";
- usage();
- print <<EOT;
- --help
- print this help message
- --u --nagios_user=NAGIOS_USER
- new Nagios username e.g. test_user (without domain!)
- --dbu --username_db=DATABASE_USERNAME
- database username
- --dbp --password_db=DATABASE_PASSWORD
- database password
- --dbd --database=DATABASE_NAME
- database name
- Additional info : run script as a root!
- EOT
- }
- sub check_input {
- Getopt::Long::Configure ("bundling");
- GetOptions(
- 'help' => \$help,
- 'u=s' => \$new_nagios_user, 'nagios_user:s' => \$new_nagios_user,
- 'dbu=s' => \$username_db, 'username_db:s' => \$username_db,
- 'dbp=s' => \$password_db, 'password_db:s' => \$password_db,
- 'dbd=s' => \$database, 'database:s' => \$database
- );
- if ($help) { help(); exit; }
- if (!defined($new_nagios_user))
- { print "Put new username nagios to create! (-h for help)\n"; usage(); exit;}
- if (!defined($username_db) || !defined($password_db))
- { print "Put database login or password info! (-h for help)\n"; usage(); exit;}
- if (!defined($database))
- { print "Put database name! (-h for help)\n"; usage(); exit;}
- }
- ######### MAIN PROGRAM
- check_input();
- ######### Connect to merlin database
- print "Checking connection to database $database\n";
- connect_db_merlin();
- ######### Duplicate user field on <YOUR_NAGIOS_SERVER> in /opt/nagios/etc/htpasswd.users
- print "Duplicate user entry in file $htpasswd_directory$htpasswd_file\n";
- duplicate_htpasswd($new_nagios_user);
- ######### Adding authorization to file /opt/nagios/etc/cgi.cfg
- print "Adding authorizations for new user to file $nagios_cgi_directory$nagios_cgi_cfg_file\n";
- duplicate_st1monms2_cgi($new_nagios_user);
- ######### Restarting nagios
- print "Restarting nagios... please wait\n";
- restart_nagios();
- ######### Adding records to database
- print "Adding records to database\n";
- merlin_db_operations($new_nagios_user);
- ######### Disconnect from database
- print "Disconnect from database\n";
- $dbh->disconnect();
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement