ARGUS Pool User to Certificate WebUI


Written by

As previously mentioned, I have written a nasty bash script to get the user certificate DN for a given username in ARGUS.

This is a step further, it is a WebUI that is seeded by data updated via a script in a cronjob on ARGUS, it requires a shared filesystem (in this case, /mt/admin or it requires ARGUS to have PHP and a WebServer.

The latest files are on github.

It depends on the following:

HTTPD (Apache/Nginx), PHP, PHP-LDAP, ARGUS

The bash/shell script is run on argus to produce an output, every 30minutes should suffice.

The web files only need access to the output file created by the shell script along with a basic webserver running php and php-ldap.

The search box at the top, if it correctly loads all required javascript allows users to search the table beneath, including partial searching.

A table displaying ARGUS Pool users and Certificates

 

ARGUS Pool User to Certificate


Written by

This is a nasty short bash script to get the certificate DN for a given grid pool user from ARGUS grid map directory.

Get the script from github.

To use it just do the following:

user@computer:$ argus_user_cert.sh <username>

to return

User pheno071 Certificate Details:
%2fc%3duk%2fo%3descience%2fou%3ddurham%2fl%3descience%2fcn%3dadam%20boutcher:pheno pheno071

The script was written very quickly and I don’t recommend using it in production or as part of a larger system, so use it at your own risk.

Simple Disk Pool Manager (DPM) Nagios Test


Written by

There are several DPM testing tools and a suite of DPM nagios plugins (see the monitoring docs) but these utilise NRPE and are relatively complex compared the the quick and useful DPM-Tester.py

This is a script that wraps that test tool for nagios; the original test script doesn’t exit with any exit codes, so it is grep’ing for the word fail and counting the number of lines, it is also checking to see if the script seg faults as it does randomly seg fault if a proxy isn’t set.

This assumes you have half a clue of what you’re doing and are running the script on the nagios host, a host certificate with the appropriate permissions in DPM and a passwordless key.

The latest version of this script can be found on github

 

#!/bin/bash
# Nagios Plugin Wrapper for checking DPM
# Adam Boutcher - May 2017 - GPLv3
#   I would suggest reading this script and implementing your own version of it.
#   Put your host certificate &amp; key in /etc/nagios/ and 400 it to nagios.
#   Add a Grid Map for this host certiciate to your DPM Test PATH on your DPM Server.
#   requires dpm-tester.py

if [[ -z "$1" ]]; then
echo "No Arguments Supplied"
echo "Check --usage for usaged details."
exit 1
elif [ $1 = "-u" ] || [ $1 = "--help" ] || [ $1 = "--usage" ]; then
echo "check_dpm Super Simple DPM tester for Nagios - I personally wouldn't use it."
echo "Usage:"
echo "-h --host Hostname"
echo "-t --test Test [davs, root, gsiftp, combined]"
echo "-p --path Path to test"
echo " --help Same as -u --usage"
echo "-u --usage This screen"
exit 0
else
while [[ $# -gt 1 ]]
do
key="$1"

case $key in
-h|--host)
DHOST="$2"
shift
;;
-t|--test)
DTEST="$2"
shift
;;
-p|--path)
DPATH="$2"
shift
;;
*)
echo "Wrong Arguments Supplied."
echo "Check --usage for usaged details."
exit 1
;;
esac
shift
done
# Get a Proxy from host cert - chmod 400 these files and own it by your nagios user.
# Only renew if it's expired
export X509_USER_CERT=/etc/nagios/hostcert.pem
export X509_USER_KEY=/etc/nagsu ios/hostkey.pem
SECPROX=$(arcproxy -i validityEnd)
SECNOW=$(date +%s --date "30 seconds")
if [ $SECPROX -le $SECNOW ]; then
arcproxy &gt;/dev/null 2&gt;&amp;1
fi

DIFF=$(dpm-tester.py --host ${DHOST} --path ${DPATH} --tests ${DTEST} --cleanup | grep -i FAIL | wc -l)

# Test for the number of FAIL lines counted OR segfault Exit code (dpm-tester.py hasn't got exit codes implemented)
if [[ "$DIFF" &gt; "0" || "$?" &gt; "0" ]]; then
OUTPUT=$(dpm-tester.py --host ${DHOST} --path ${DPATH} --tests ${DTEST} --cleanup | tail -n1)
echo "CRITICAL - DPM ${DTEST} - ${OUTPUT}";
exit 2;
else
echo "OK - DPM ${DTEST}";
exit 0;
fi
fi

Windows & LLDP


Written by

After spending countless hours tracing network cables around my workplace to figure out what switch port they go into, I finaly gave in and looked for a little LLDP tool, I was wanting something small and simple much like lldpd mentioned in my previous post.

I have found a neat little tool called LDWin that collects LLDP and CDP information; its small and simple and only requires admin access to listen on the interface. Great if you’ve got LLDP setup on your network switches and can save precious time tracing messy patch cabling.LDWin

Linux Servers & LLDP


Written by

If you’ve ever tried to locate a server’s uplink port on a switch then you’ve probably wondered why there isnt CDP/LLDP being utilised within the server networking world, well there are a few implementations but the easiest I’ve used is lldpd

Just run the following command once installed and you get a lovely simple output.

user@computer:$ lldpctl
-------------------------------------------------------------------------------
LLDP neighbors:
-------------------------------------------------------------------------------
Interface: eth0, via: LLDP, RID: 1, Time: 0 day, 00:32:05
Chassis:
ChassisID: mac 00:xx:xx:xx:61:52
Port:
PortID: ifname ge.1.40
-------------------------------------------------------------------------------