Linux

check_yum

Write a Review

Description:

Checks the YUM package management system for package upgrades, for example on Fedora, Red Hat Enterprise Linux, CentOS or Scientific Linux systems.

Using the YUM Security plugin, it may differentiate between normal and security updates.

Current Version

1.1.0

Last Release Date

2014-09-26

Compatible With

  • Nagios 3.x

Owner

Christoph Anton Mitterer

Website

https://github.com/harisekhon/nagios-plugins

License

GPL

Copy Page Link Recommend Login to Add to Favorites
Project Notes
Features: - Using the YUM Security plugin, it may differentiate between normal and security updates. - Prints the number of available updates (optionally differentiating between normal and security updates). - By default, returns a CRITICAL state when security updates are found and “ignores” any normal updates. This behaviour may be changed so that normal updates lead to a WARNING state. - May use the system repository cache, instead of creating/updating a repository cache for the invoking user. - Repositories may be selectively enabled or disabled for the checks. - A timeout for the check may be set. - If the YUM Security plugin is required but not installed, an UNKOWN state will be returned. - If the output of YUM changes and cannot be parsed anymore, an UNKOWN state will be returned. Documentation: Invoking the program with the “--help” or “-h” option prints the documentation. Invocation: The original author had this warning in place: “It was requested to not run as root but some experimentation has shown that package information is generally less reliable when running as a normal user. YUM incorrectly returns less or no security updates, which are shown when run as root. I believe this is due to YUM repository files not being readable by a non-privileged user (especially 3rd party repositories). If you relax the permissions on those repository files it may be possible to run this as a non-root user, but you should first check for differences in results on your systems between running as root or as an ordinary user.”
Reviews (13) Add a Review
patch for CentOS 7 - PHP 7.x
by tachtler, November 30, 2017

I had to add some fix to this scipt: in line 304 the is a "limit": if len(output) > number_total_updates + 25 / OR 25000: I had to change this value to 50000: because output from yum --security check-update has about 29000 lines.


patch for Centos7
by abcklocki, December 31, 2016

I had to add some fix to this scipt: in line 304 the is a "limit": if len(output) > number_total_updates + 25: I had to change this value to 25000: because output from yum --security check_update has about 23000 lines.


Stopped working yesterday
by giantsquid, May 31, 2013

Worked perfectly until yesterday; I use it with -C --all-updates on Amazon AWS. As of now it returns "Cannot find summary line in YUM output. Please make sure you have upgraded to the latest version of this plugin. If the problem persists, please contact the author for a fix" and this I am doing now. What I'd love it to parse is these lines: sudo yum --security check-update -v ... There are 40 total update(s) available Security: kernel-3.2.39-6.88.amzn1.i686 is an installed security update Security: kernel-3.2.38-5.48.amzn1.i686 is the currently running version ... Would you be so kind and check if you can include that?


Centos 6 or 5
by strange, March 31, 2012

I download this plugin in revision 0.7.2 : http://opensource.is/trac/browser/nagios-plugins/check_yum/ All works there is a 0.7.3 but i don't test it ... Thanks


RHEL/CentOS/SL 6
by calestyo, March 31, 2012

This version seems to be also patched for RHEL6, but a bit differently than the patch below. http://opensource.ok.is/trac/browser/nagios-plugins/check_yum/check_yum


CentOS 6
by libove, March 31, 2012

Augmenting the excellent advice of the previous poster, here is a small diff against check_yum 0.7.1 which will allow the script to continue working with CentOS 5 while also making it compatible with the yum output format of CentOS 6: *** check_yum.old 2012-03-18 18:58:12.000000000 +0100 --- check_yum 2012-03-18 18:57:36.000000000 +0100 *************** *** 318,326 **** output = self.run(cmd) re_security_summary = ! re.compile("Needed d+ of d+ packages, for security") re_no_security_updates_available = ! re.compile("No packages needed, for security, d+ available") summary_line_found = False for line in output: if re_no_security_updates_available.match(line): --- 318,326 ---- output = self.run(cmd) re_security_summary = ! re.compile("Needed d+ of d+ packages,? for security") re_no_security_updates_available = ! re.compile("No packages needed,? for security[;,] d+ (packages )?available") summary_line_found = False for line in output: if re_no_security_updates_available.match(line):


Works great after a few tweaks
by augusto, February 29, 2012

I was able to run this properly on Centos 6 with selinux enabled. I wrote a blog post[1] about how I created the policy and the source of the policy, so anyone can build it. [1] http://codeforthesoul.blogspot.com/2012/02/selinux-policy-to-run-checkyum.html


Centos 6
by egalstad, January 31, 2012

@antonio7 this issue is caused by Selinux. Configure Selinux on your box or disable it in /etc/sysconfig/selinux if it is applicable in your environment.


REHEL6 Errors
by ahmedali, November 30, 2011

Hello, Thank you for this great plugin but, when I use it with RHEL6 systems, it give me errors UNKNOWN: Security plugin for yum is required. Try to 'yum install yum-security' and then re-run this plugin. Alternatively, to just alert on any update which does not require the security plugin, try --all-updates even with installing the required package. and in some other RHEL6 systems it give me YUM WARNING: Cannot find summary line in yum output. Please make sure you have upgraded to the latest version of this plugin. If the problem persists, please contact the author for a fix Thanks


Works as expected in CentOS 5
by linux_samurai, October 31, 2011

I reviewed this scripts code and tested on several sandbox servers. I then implemented it on multiple CentOS 5.x environments with no problems. This plugin is definitely helpful with quickly pinpointing servers that haven't been patched. Additionally, I have it only checking every 24 hours, and have alerting turned off except business hours. Here is our service definition: -=-=-=-=-=-=-=-=-=-=-=-=-= define service{ use generic-service host_name hosta,hostb,hostc max_check_attempts 3 normal_check_interval 1440 retry_check_interval 120 notification_interval 1440 notification_period workhours service_description Check_Linux_Updates check_command check_nrpe!check_yum }


by fransua33, October 31, 2011



CentOS 6.0
by antonio7, September 30, 2011

After upgrade from CentOS 5.6 to 6.0 check_yum stopped to work. It looks like NRPE is running in some kind of chrooted environment. That's why Check_Yum can not find executable /usr/bin/yum and fails.


For Fedora 13 users and maybe others:
by d_preston215, October 31, 2010

When running the check_yum plugin on Fedora 13 machines, there is a good chance you will come up with this error: YUM WARNING: Cannot find summary line in yum output. Please make sure you have upgraded to the latest version of this plugin. If the problem persists, please contact the author for a fix Luckily there is a simple reason for this. The good folks at Fedora just decided to change some words around in the summary output. However, this throws the plugin for a loop since it's looking for specfic text to indicate the summary output (and determine what updates are potentially available). Solution for this is to just change the text so that it matches the summary output of yum on Fedora 13 servers: On line 323 of the check_yum plugin: Replace this text: No packages needed, for security, d+ available With this: No packages needed for security; d+ packages available


Add a Review

You must be logged in to submit a review.

Thank you for your review!

Your review has been submitted and is pending approval.

Recommend

To:


From:


Thank you for your recommendation!

Your recommendation has been sent.

Page Sections
Project Overview Project Notes Reviews
Project Stats
Rating
4.5 (18)
Favorites
4
Views
259,961