check_portsindex_age - NRPE ports age check
I monitor the age of the file /usr/ports/INDEX-8 (or 7 or whatever the version of FreeBSD is running on the server) and trigger a warning if it is older than 14 days, and go critical if it is older than one month. I update ports nightly from /etc/crontab with the following portsnap commands:
#update ports 0 3 * * * root /usr/sbin/portsnap cron && /usr/sbin/portsnap -I update && /usr/local/sbin/portmaster -L > /tmp/check_portmaster.tmp
Note: The above /etc/crontab line will download the latest snapsnot and update the ports index files. The ports themselves will not be extracted. As explained in the portsnap manpage, it is a bad idea to automatically update /etc/ports - bad things will happen if you accidently update while installing something.
Note 2: The portmaster command at the end creates a text file called /tmp/check_portmaster.tmp which contains the output of the portmaster -L command. I use this textfile in the Nagios check check_portmaster to check the number of outdated ports.
Configuring Nagios
I added the following service to the configuration on the Nagios server:
define service{
use generic-service
hostgroup_name freebsd-servers,freebsd-jails
service_description nrpe_check_portsindex_age
check_command check_nrpe2!check_portsindex_age
}
I want all my FreeBSD servers and jails to have their ports age checked, so I added the hostgroup freebsd-servers and freebsd-jails to this check.
Configuring NRPE
Add the following line to /usr/local/etc/nrpe.cfg:
command[check_portsindex_age]=/usr/local/libexec/nagios/check_file_age -w 1209600 -c 2592000 -f /usr/ports/INDEX-7
1209600 seconds is 14 days, 2592000 is 30 days. Remember to use the correct INDEX-x file, in this example I am monitoring a FreeBSD 7 server.
Remember to restart NRPE after changing the config:
sudo /usr/local/etc/rc.d/nrpe2 restart
