boogiespook / sat6_healthcheck Goto Github PK
View Code? Open in Web Editor NEWHealth Check for a Satellite 6 install
License: GNU General Public License v2.0
Health Check for a Satellite 6 install
License: GNU General Public License v2.0
The current script echo's prompts and output (with color codes) to stdout.
This makes it difficult to save the output and compare it to another instance or to a previous report.
Redirecting stdout is not easy either because it also redirects the prompts. (A workaround is to tail the output but that's not very convenient.)
It would be great to add an option to save the output to a file.
some of my customers still use ntpd instead of chrony.
It would be nice if the check script (upon detecting chrony is not on) would check ntpd and if OK not issue a warning.
After running the script, it says:
[WARNING] 2 2 updates available. These can be found in /tmp/sat6_check/updates. It is recommended to run yum -y update
But in fact it is not correct:
[root@rhsat6srv1 sat6_healthCheck]# more /tmp/sat6_check/updates
Loaded plugins: package_upload, priorities, product-id, search-disabled-repos,
: subscription-manager
173 packages excluded due to repository priority protections
[root@rhsat6srv1 sat6_healthCheck]#
BR,
Yannick
My current customer has named their subnets in the form "sn-010.101.240.000/24-000" this makes the check script throw errors when it checks on the files /tmp/sat6_check/subnet_sn-010.101.240.000/24-000"
Can you please add a replacement of "/" with "_" or "-" when using names of things in Sat (I guess this will not only affect the subnets) for writing files to /tmp?
When prompting the user to enter the admin password it should be read with the -s
option to prevent displaying it on the terminal.
The function check_hammer_config_file checks if a hammer config exists and prompts to create one if it doesn't.
If the file exists it exits without checking the username and password.
function check_hammer_config_file {
if [[ ! -f /root/.hammer/cli_config.yml ]]
Further checks simply assume that the username and password are in place.
This check should be extended to test at least if a username/password combination is configured.
The connection to the CDN is tested with ping. This causes false negatives and may even cause a false positive.
+ Checking connection to cdn.redhat.com
ping: unknown host cdn.redhat.com
This is because our satellite needs to connect through a proxy. Not only is the satellite system itself unable to resolve the URI, even it were able to ping would not work this way.
Also a ping test does not guarantee that other connections can be made and/or ping can be blocked independently without blocking the required connections.
Is there a different way to test this? Perhaps using wget/curl and using the proxy as defined in the satellite's config?
All checks that use hammer assume that a hammer cli_config.yml is inplace and contains the username and password.
From a security point of view it might be more appropriate to offer the option to prompt the user for the admin username and password without saving them.
many large customers leave host firewalls off. While I do not agree with this decision, the health check tool should be taking such a policy decision into account and offer different suggestions depending on no FW or wrong FW rules.
e.g. "it seems you have no firewall at all running on this host, boogiespook recommends runnign one. Fix [y/N]?"
please also include check chronyd service as ntp server at rhel 7
Error: Either :uri or :apidoc_cache_dir needs to be set
Error: Either :uri or :apidoc_cache_dir needs to be set
Error: Either :uri or :apidoc_cache_dir needs to be set
Error: Either :uri or :apidoc_cache_dir needs to be set
Error: No such sub-command 'organization'
See: 'hammer --help'
Error: Either :uri or :apidoc_cache_dir needs to be set
Error: Either :uri or :apidoc_cache_dir needs to be set
Error: Either :uri or :apidoc_cache_dir needs to be set
Error: Either :uri or :apidoc_cache_dir needs to be set
Error: No such sub-command 'location'
See: 'hammer --help'
See: 'hammer --help'
See: 'hammer --help'
See: 'hammer --help'
See: 'hammer --help'
Error: Either :uri or :apidoc_cache_dir needs to be set
Error: Either :uri or :apidoc_cache_dir needs to be set
Error: Either :uri or :apidoc_cache_dir needs to be set
Error: Either :uri or :apidoc_cache_dir needs to be set
Error: No such sub-command 'capsule'
See: 'hammer --help'
See: 'hammer --help'
See: 'hammer --help'
Error: Either :uri or :apidoc_cache_dir needs to be set
Error: Either :uri or :apidoc_cache_dir needs to be set
Error: Either :uri or :apidoc_cache_dir needs to be set
Error: Either :uri or :apidoc_cache_dir needs to be set
Error: No such sub-command 'subnet'
See: 'hammer --help'
See: 'hammer --help'
See: 'hammer --help'
please use mktemp at
https://github.com/boogiespook/sat6_healthCheck/blob/master/sat6_healthCheck.sh#L37
e.g.:
TMPDIR=$(mktemp --tmpdir=/tmp --directory sat6_check.tmpdir.XXXXXXXXXX)
makes attacking your users harder.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.