nix-config/ansible/roles/elnappo.check_mk_agent/files/plugins/jar_signature

53 lines
2.3 KiB
Bash
Executable File

#!/bin/bash
# +------------------------------------------------------------------+
# | ____ _ _ __ __ _ __ |
# | / ___| |__ ___ ___| | __ | \/ | |/ / |
# | | | | '_ \ / _ \/ __| |/ / | |\/| | ' / |
# | | |___| | | | __/ (__| < | | | | . \ |
# | \____|_| |_|\___|\___|_|\_\___|_| |_|_|\_\ |
# | |
# | Copyright Mathias Kettner 2014 mk@mathias-kettner.de |
# +------------------------------------------------------------------+
#
# This file is part of Check_MK.
# The official homepage is at http://mathias-kettner.de/check_mk.
#
# check_mk is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
# the Free Software Foundation in version 2. check_mk is distributed
# in the hope that it will be useful, but WITHOUT ANY WARRANTY; with-
# out even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU General Public License for more de-
# tails. You should have received a copy of the GNU General Public
# License along with GNU Make; see the file COPYING. If not, write
# to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor,
# Boston, MA 02110-1301 USA.
# This agent uses the program "jarsigner" to read ssl certificate
# information of jar files and outputs the information to stdout
# for the Check_MK check.
# We assume that all files in the jar archive are signed with the
# same certificate. So we only deal with the last signed file here.
JAVA_HOME=/home/oracle/bin/jdk_latest_version
JAR_PATH=/home/oracle/fmw/11gR2/as_1/forms/java/*.jar
# Let user override these defaults in a configuration file
if [ -e $MK_CONFDIR/jar_signature.cfg ] ; then
. $MK_CONFDIR/jar_signature.cfg
fi
PATH=$JAVA_HOME/bin:$PATH
echo "<<<jar_signature>>>"
for JAR in $JAR_PATH; do
if [ -e "$JAR" ] ; then # avoid entry for '*.jar'
echo "[[[${JAR##*/}]]]"
OUTPUT=$(jarsigner -verify -verbose -certs "$JAR")
LINE=$(echo "$OUTPUT" | grep -n ^s | tail -n1 | cut -d: -f1)
echo "$(echo "$OUTPUT" | tail -n +$LINE)"
echo
fi
done