nrpe check ipsec certificates

[GaardenZwerch]

Hi,
I would like to include an nrpe check to warn me before cerrtificates in /usr/local/etc/ipsec.d/certs expire.
However those files are not readable to the nagios user and a sudoers entry to the liking of

Code Select Expand

CHMODIPSECCERTS = /bin/chmod a+r /usr/local/etc/ipsec.d/certs/*
is not working (and not desirable). Any other ideas how I could do this?
Thanks a lot
Frank

[GaardenZwerch]

Hi again,
in case anyone is interested, I circumvented this by running the entire script as root
(edit: open for comments, though :-) )

Code Select Expand

#!/usr/local/bin/perl -w
#copyto:/usr/local/libexec/nagios/check_ipsec_certs

#re-run as root if we are not root
if ($ENV{USER} ne 'root'){
    my $CMD='/usr/local/bin/sudo /usr/local/libexec/nagios/check_ipsec_certs';
    exec $CMD;     
}
#do the actual checking...