Add User in Nagios

by GarciaPL on Thursday 22 August 2013

I just wrote a small script (written in Perl) which performs adding user to merlin database without doing it manually via web interface. In my server environment script works, but I can not guarantee you that it will work in yours environments ;)

Configuration of script :
- htpasswd_directory - directory of htpasswd file for example /opt/nagios/etc/
- htpasswd_file - name of htpasswd file used by Nagios for example htpasswd.users
- nagios_cgi_directory - main Nagios directory for example /opt/nagios/etc/
- nagios_cgi_cfg_file - name of main Nagios configuration file which stores users information for example cgi.cfg
- nagios_cgi_fields - name of user privileges to be added in cgi file for example authorized_for_all_services and authorized_for_all_hosts
- domain - if your company uses a domain name in users accounts for example @MICROSOFT.COM
- comma - it is obvious ;)
- password_algorithm (relative)
- password_user_merlin (relative)

This script is some kind of guide to develop your own script to adding faster users in nagios infrastructure ;)

#!/usr/bin/perl -w
######################################
# Info : Add User Nagios on st1monms2
# Version : 1.0
# Date : 7 luty 2012
# Author : Lukasz Ciesluk
# Help : http://pl.linkedin.com/in/lukaszciesluk/
######################################
#
# Run :
# chmod +x AddUserNagios_st1monms2.pl
# ./AddUserNagios_st1monms2.pl -h (for help)
# ./AddUserNagios_st1monms2.pl -u  --username_db  --password_db  --database 

use strict;
use warnings;
use Getopt::Long;
use DBI;
use Tie::File;

my $new_nagios_user = undef;
my $username_db = undef;
my $password_db = undef;
my $database = undef;
my $sql = undef;
my $dbh = undef;
my $help = undef;

my $htpasswd_directory = "/opt/nagios/etc/";
my $htpasswd_file = "htpasswd.users";
my $nagios_cgi_directory = "/opt/nagios/etc/";
my $nagios_cgi_cfg_file = "cgi.cfg";
my @nagios_cgi_fields = ( 'authorized_for_all_services', 'authorized_for_all_hosts', 'authorized_for_read_only' );

my $domain = "\@BANK.COM.PL";
my $comma = ",";
my $password_algorithm = "b64_sha1";
my $password_user_merlin = "4insgmC8hl++J1uTcPVCtfo2uX0=";

sub usage {
    print "$0 --u  --dbu  --dbp  --dbd \n";
}

sub connect_db_merlin {
 $dbh = DBI->connect("dbi:mysql:database=$database;"."host=localhost;port=3306", $username_db, $password_db) || die "Nie mozna sie polaczyc do bazy: $DBI::errstr";
}

sub duplicate_htpasswd {
 my ($nagios_user_create) = @_;
 if (-d $htpasswd_directory) {
  chdir($htpasswd_directory) or die "Can not change directory to the $htpasswd_directory!";
  
  my $cat_user = `cat $htpasswd_file | grep $nagios_user_create`;
  if (length($cat_user) > 0) {
   print "User has record in $htpasswd_file file which may mean that user can exists. Exit program\n";
   exit;
  }
  
  tie my @array, 'Tie::File', $htpasswd_file or die "Reading file $htpasswd_file finished with an error : $!\n";
  my $monkey_index = index($array[-1], '@');
  my $domain_substring = substr($array[-1], $monkey_index, length($array[-1]));
  my $new_user_string = $nagios_user_create.$domain_substring;
  print "Adding record to $htpasswd_file file : $new_user_string\n";
  open (FILE, ">>$htpasswd_file") || die "Error opening file $htpasswd_file : $!\n";
  print FILE "$new_user_string\n";
  close FILE;
 } else {
  print "Catalog $htpasswd_directory does not exist. Exit program\n";
  exit;
 }
}

sub duplicate_st1monms2_cgi {
 my ($nagios_user_create) = @_;
 if (-d $nagios_cgi_directory) {
  chdir($nagios_cgi_directory) or die "Can not change directory to the $nagios_cgi_directory!";
  
  my $cat_user = `cat $nagios_cgi_cfg_file | grep $nagios_user_create`;
  if (length($cat_user) > 0) {
   print "User has record in $htpasswd_file file which may mean that user can exists. Exit program\n";
   exit;
  }

  open ( FILE, "$nagios_cgi_cfg_file" ) || die "Error opening file $nagios_cgi_cfg_file : $!\n";
  my @lines = ;
  for my $linia (@lines) {
   foreach my $field (@nagios_cgi_fields) {
    if($linia =~ /$field/){
     $linia =~ s/^\s+//;
     $linia =~ s/\s+$//;
     $linia =~ s/^\s+//;
     $linia =~ s/\s+$//;
     
     my @add_user_authorizate = `sed -i.bak -e s/$linia/$linia$comma$nagios_user_create$domain/g $nagios_cgi_cfg_file`;
     print @add_user_authorizate;
     
     print "Granted $field privilege to user $nagios_user_create\n";
    }
   }
  }
  close (FILE);
 } else {
  print "Catalog $nagios_cgi_directory does not exist. Exit program\n";
  exit;
 }
}

sub restart_nagios {
 my @restart = `mon restart`;
 print @restart;
}

sub merlin_db_operations {
 my ($nagios_user_create) = @_;
 
 print "Checking if user $nagios_user_create$domain exists in database already\n";
 my $sthUserExists = $dbh->prepare('select count(*) as ilosc from users where username = ?') || die "Database Select User Error $DBI::errstr";
 $sthUserExists->bind_param(1, $nagios_user_create.$domain);
 $sthUserExists->execute();
 my $ifexists = $sthUserExists->fetchrow_hashref();
 
 if ($ifexists->{ilosc} > 0) {
  print "User $nagios_user_create$domain exists! Interrupt program!\n";
  $dbh->disconnect();
  exit;
 } else {
  print "User $nagios_user_create$domain does not exist in database. Continuing.\n";
 }

 my $sth = $dbh->prepare('select max(id) as maxid from users') || die "Database Select Max ID Error $DBI::errstr";
 $sth->execute();
 my $result = $sth->fetchrow_hashref();
 my $new_user_id = $result->{maxid} + 1;

 print "Please give name of user (realname)\n";
 my $realname = <>;
 chomp ($realname);
 print "Please give e-mail address of user (e-mail)\n";
 my $email = <>;
 chomp ($email);
 
 my $sthUserTable = $dbh->prepare('insert into users(id, realname, email, username, password_algo, password) VALUES (?, ?, ?, ?, ?, ?)');
 $sthUserTable->bind_param(1, $new_user_id);
 $sthUserTable->bind_param(2, $realname);
 $sthUserTable->bind_param(3, $email);
 $sthUserTable->bind_param(4, $nagios_user_create.$domain);
 $sthUserTable->bind_param(5, $password_algorithm);
 $sthUserTable->bind_param(6, $password_user_merlin);
 $sthUserTable->execute();
 
 print "Added to Users table a user (username) : $nagios_user_create$domain with ID = $new_user_id\n";
 print "Selected algorithm for password : $password_algorithm and password : $password_user_merlin\n";
 
 print "Adding roles for user\n";
 my $sthRolesUsersTable = $dbh->prepare('insert into roles_users(user_id, role_id) VALUES (?, 1)');
 $sthRolesUsersTable->bind_param(1, $new_user_id);
 $sthRolesUsersTable->execute();
 
 print "Please answer for user roles : \n";
 print "Add system_information role ? (0 - no, 1 - yes)\n";
 my $system_information = <>;
 chomp ($system_information);
 print "Add configuration_information role ? (0 - no, 1 - yes)\n";
 my $configuration_information = <>;
 chomp ($configuration_information);
 print "Add system_commands role ? (0 - no, 1 - yes)\n";
 my $system_commands = <>;
 chomp ($system_commands);
 print "Add all_services role ? (0 - no, 1 - yes)\n";
 my $all_services = <>;
 chomp ($all_services);
 print "Add all_hosts role ? (0 - no, 1 - yes)\n";
 my $all_hosts = <>;
 chomp ($all_hosts);
 print "Add all_service_commands role ? (0 - no, 1 - yes)\n";
 my $all_service_commands = <>;
 chomp ($all_service_commands);
 print "Add all_host_commands role ? (0 - no, 1 - yes)\n";
 my $all_host_commands = <>;
 chomp ($all_host_commands);
 
 print "Adding roles for user $nagios_user_create\n";
 my $sthUserAuthorizationTable = $dbh->prepare('insert into ninja_user_authorization(user_id, system_information, configuration_information, system_commands, all_services, all_hosts, all_service_commands, all_host_commands) 
  VALUES (?, ?, ?, ?, ?, ?, ?, ?)');
 $sthUserAuthorizationTable->bind_param(1, $new_user_id);
 $sthUserAuthorizationTable->bind_param(2, $system_information);
 $sthUserAuthorizationTable->bind_param(3, $configuration_information);
 $sthUserAuthorizationTable->bind_param(4, $system_commands);
 $sthUserAuthorizationTable->bind_param(5, $all_services);
 $sthUserAuthorizationTable->bind_param(6, $all_hosts);
 $sthUserAuthorizationTable->bind_param(7, $all_service_commands);
 $sthUserAuthorizationTable->bind_param(8, $all_host_commands);
 $sthUserAuthorizationTable->execute();
}

sub help {
   print "\nAdd User Nagios\n";
   usage();
   print < \$help,
  'u=s'   => \$new_nagios_user,     'nagios_user:s'  => \$new_nagios_user,
  'dbu=s'   => \$username_db,               'username_db:s'    => \$username_db,
  'dbp=s'   => \$password_db,      'password_db:s'  => \$password_db,
  'dbd=s'   => \$database,       'database:s'   => \$database
    );

if ($help) { help(); exit; }
if (!defined($new_nagios_user))
 { print "Put new username nagios to create! (-h for help)\n"; usage(); exit;}
if (!defined($username_db) || !defined($password_db))
    { print "Put database login or password info! (-h for help)\n"; usage(); exit;}
if (!defined($database))
    { print "Put database name! (-h for help)\n"; usage(); exit;}
}

######### MAIN PROGRAM

check_input();

######### Connect to merlin database
print "Checking connection to database $database\n";
connect_db_merlin();

######### Duplicate user field on  in /opt/nagios/etc/htpasswd.users
print "Duplicate user entry in file $htpasswd_directory$htpasswd_file\n";
duplicate_htpasswd($new_nagios_user);

######### Adding authorization to file /opt/nagios/etc/cgi.cfg
print "Adding authorizations for new user to file $nagios_cgi_directory$nagios_cgi_cfg_file\n";
duplicate_st1monms2_cgi($new_nagios_user);

######### Restarting nagios
print "Restarting nagios... please wait\n";
restart_nagios();

######### Adding records to database
print "Adding records to database\n";
merlin_db_operations($new_nagios_user);

######### Disconnect from database
print "Disconnect from database\n";
$dbh->disconnect();

Reference : [1] Pastebin GarciaPL Add User Nagios [2] Nagios Docs [3] Diknowstech Blog How To Change Nagios Password

Add User in Nagios

2013-08-22T07:53:00+01:00
GarciaPL
Nagios|Perl|
Comments • Category: Nagios, Perl
Share on Twitter, Facebook, Delicious, Digg, Reddit

GarciaPL Notes - Java and Others

Add User in Nagios

About Me

Categories

Archives

Search