check_mysql: ignore authentication failure

This patch allows checking if MySQL server is running without providing valid username and password. Similar to check_ssh plugin it returns MySQL server version string and protocol number. Example: check_mysql -n -H aaa.bbb.ccc.ddd MySQL OK - Version: 5.0.51a-24+lenny5 (protocol 10) This is useful for monitoring servers where one does not have administrator privileges or does not want to grant any privileges for the monitoring station. To enable this functionality new option --ignore-auth (-n) is added to check_mysql plugin. Thanks to Julius Kriukas Closes #1020 Closes #1178
2026-04-15 22:00:06 -04:00 · 2013-10-01 00:47:08 +02:00 · 2013-10-01 00:47:08 +02:00 · 2e8d440e73
commit 2e8d440e73
parent 98a670bf77
2 changed files with 21 additions and 2 deletions
--- a/THANKS.in
+++ b/THANKS.in
@ -325,3 +325,4 @@ Andy Brist
 Mikael Falkvidd
 Patric Wust
 Neil Prockter
+Julius Kriukas
--- a/plugins/check_mysql.c
+++ b/plugins/check_mysql.c
@ -42,6 +42,7 @@ const char *email = "devel@monitoring-plugins.org";
 #include "netutils.h"

 #include <mysql.h>
+#include <mysqld_error.h>
 #include <errmsg.h>

 char *db_user = NULL;
@ -59,6 +60,7 @@ char *opt_file = NULL;
 char *opt_group = NULL;
 unsigned int db_port = MYSQL_PORT;
 int check_slave = 0, warn_sec = 0, crit_sec = 0;
+int ignore_auth = 0;
 int verbose = 0;

 static double warning_time = 0;
@ -136,7 +138,16 @@ main (int argc, char **argv)
 		mysql_ssl_set(&mysql,key,cert,ca_cert,ca_dir,ciphers);
 	/* establish a connection to the server and error checking */
 	if (!mysql_real_connect(&mysql,db_host,db_user,db_pass,db,db_port,db_socket,0)) {
-		if (mysql_errno (&mysql) == CR_UNKNOWN_HOST)
+		if (ignore_auth && mysql_errno (&mysql) == ER_ACCESS_DENIED_ERROR)
+		{
+			printf("MySQL OK - Version: %s (protocol %d)\n",
+				mysql_get_server_info(&mysql),
+				mysql_get_proto_info(&mysql)
+			);
+			mysql_close (&mysql);
+			return STATE_OK;
+		}
+		else if (mysql_errno (&mysql) == CR_UNKNOWN_HOST)
 			die (STATE_WARNING, "%s\n", mysql_error (&mysql));
 		else if (mysql_errno (&mysql) == CR_VERSION_ERROR)
 			die (STATE_WARNING, "%s\n", mysql_error (&mysql));
@ -341,6 +352,7 @@ process_arguments (int argc, char **argv)
 		{"critical", required_argument, 0, 'c'},
 		{"warning", required_argument, 0, 'w'},
 		{"check-slave", no_argument, 0, 'S'},
+		{"ignore-auth", no_argument, 0, 'n'},
 		{"verbose", no_argument, 0, 'v'},
 		{"version", no_argument, 0, 'V'},
 		{"help", no_argument, 0, 'h'},
@ -357,7 +369,7 @@ process_arguments (int argc, char **argv)
 		return ERROR;

 	while (1) {
-		c = getopt_long (argc, argv, "hlvVSP:p:u:d:H:s:c:w:a:k:C:D:L:f:g:", longopts, &option);
+		c = getopt_long (argc, argv, "hlvVnSP:p:u:d:H:s:c:w:a:k:C:D:L:f:g:", longopts, &option);

 		if (c == -1 || c == EOF)
 			break;
@ -419,6 +431,9 @@ process_arguments (int argc, char **argv)
 		case 'S':
 			check_slave = 1;							/* check-slave */
 			break;
+		case 'n':
+			ignore_auth = 1;							/* ignore-auth */
+			break;
 		case 'w':
 			warning = optarg;
 			warning_time = strtod (warning, NULL);
@ -506,6 +521,9 @@ print_help (void)
 	printf (UT_EXTRA_OPTS);

  printf (UT_HOST_PORT, 'P', myport);
+  printf (" %s\n", "-n, --ignore-auth");
+  printf ("    %s\n", _("Ignore authentication failure and check for mysql connectivity only"));
+
  printf (" %s\n", "-s, --socket=STRING");
  printf ("    %s\n", _("Use the specified socket (has no effect if -H is used)"));