mcnewton/freeradiuscheck.sh

## freeradiuscheck.sh
#! /bin/bash

CONFIG_DISK_THRESHOLD=95
FR_PIDFILE=/var/run/freeradius/freeradius.pid
FR_BINARY=/usr/sbin/freeradius
DATE_MIN=$(date +%_M)

TEST_USER=checkuser
TEST_DOMAIN=my.domain.example
TEST_PASSWORD=password

LOG_PERIOD=30
CMD_PERIOD=5

LOG=""

function periodic_log
{
  [ "$(($DATE_MIN % $LOG_PERIOD))" -eq "0" ]
  return $?
}

function periodic
{
  [ "$(($DATE_MIN % $CMD_PERIOD))" -eq "0" ]
  return $?
}

function log
{
  LOG="$LOG
$*"
}

function start_freeradius
{
  log "Attempting to start FreeRADIUS"
  if disc_is_ok; then
    log $(/etc/init.d/freeradius start 2>&1)
  else
    log "disc check failed, not starting"
  fi
}

function stop_freeradius
{
  log "Stopping FreeRADIUS"
  log $(/etc/init.d/freeradius stop 2>&1)
}

function restart_winbind
{
  log "Restarting winbind"
  log $(/etc/init.d/winbind restart 2>&1)
}

function disc_usage
{
  [ -z "$1" ] && return 2
  DISC="$1"

  df "$DISC" | awk '/^\//{print $5}' | tr -d '%' | head -1
}

function finished
{
  echo "FreeRADIUS process check"
  echo "$LOG"
  echo
  echo "End of report"
  exit
}

# --

function disc_is_ok
{
  USAGE=$(disc_usage /)

  if [ "$USAGE" -gt "$CONFIG_DISK_THRESHOLD" ]; then
    log "WARNING: Disc usage too high!"
    log "         ($USAGE > $CONFIG_DISK_THRESHOLD)"
    return 1
  fi

  return 0
}

function freeradius_is_running
{
  if [ -r "$FR_PIDFILE" ]; then
    PID=$(cat $FR_PIDFILE)

    if grep -q "$FR_BINARY" /proc/$PID/cmdline; then
      return 0
    fi
  fi

  if ps -ef | grep -v grep | grep -q "$FR_BINARY"; then
    return 0
  fi

  return 1
}

function ad_auth_check_ok
{
  ntlm_auth --username=$TEST_USER --domain=$TEST_DOMAIN --password=$TEST_PASSWORD >/dev/null 2>&1
  return $?
}

if ! disc_is_ok; then
  if freeradius_is_running; then
    stop_freeradius
    finished
  fi

  if periodic_log; then
    log "FreeRADIUS is stopped"
    finished
  fi

  exit
fi

if periodic; then
  log "Testing AD authentication"

  if ! ad_auth_check_ok; then
    log "Restarting winbind"
    restart_winbind
  fi

  if freeradius_is_running && ! ad_auth_check_ok; then
    log "FreeRADIUS is running, but AD auth failed - stopping FreeRADIUS"
    stop_freeradius
    finished
  fi
fi

if ! freeradius_is_running; then
  log "FreeRADIUS is not running but should be"
  log "Testing NTLM authenticaion"
  if ad_auth_check_ok; then
    log "Auth passed"
    start_freeradius
  else
    log "Auth failed, not starting FreeRADIUS"
  fi
  finished
fi
	#! /bin/bash

	CONFIG_DISK_THRESHOLD=95
	FR_PIDFILE=/var/run/freeradius/freeradius.pid
	FR_BINARY=/usr/sbin/freeradius
	DATE_MIN=$(date +%_M)

	TEST_USER=checkuser
	TEST_DOMAIN=my.domain.example
	TEST_PASSWORD=password

	LOG_PERIOD=30
	CMD_PERIOD=5

	LOG=""

	function periodic_log
	{
	[ "$(($DATE_MIN % $LOG_PERIOD))" -eq "0" ]
	return $?
	}

	function periodic
	{
	[ "$(($DATE_MIN % $CMD_PERIOD))" -eq "0" ]
	return $?
	}

	function log
	{
	LOG="$LOG
	$*"
	}

	function start_freeradius
	{
	log "Attempting to start FreeRADIUS"
	if disc_is_ok; then
	log $(/etc/init.d/freeradius start 2>&1)
	else
	log "disc check failed, not starting"
	fi
	}

	function stop_freeradius
	{
	log "Stopping FreeRADIUS"
	log $(/etc/init.d/freeradius stop 2>&1)
	}

	function restart_winbind
	{
	log "Restarting winbind"
	log $(/etc/init.d/winbind restart 2>&1)
	}

	function disc_usage
	{
	[ -z "$1" ] && return 2
	DISC="$1"

	df "$DISC" \| awk '/^\//{print $5}' \| tr -d '%' \| head -1
	}

	function finished
	{
	echo "FreeRADIUS process check"
	echo "$LOG"
	echo
	echo "End of report"
	exit
	}

	# --

	function disc_is_ok
	{
	USAGE=$(disc_usage /)

	if [ "$USAGE" -gt "$CONFIG_DISK_THRESHOLD" ]; then
	log "WARNING: Disc usage too high!"
	log " ($USAGE > $CONFIG_DISK_THRESHOLD)"
	return 1
	fi

	return 0
	}

	function freeradius_is_running
	{
	if [ -r "$FR_PIDFILE" ]; then
	PID=$(cat $FR_PIDFILE)

	if grep -q "$FR_BINARY" /proc/$PID/cmdline; then
	return 0
	fi
	fi

	if ps -ef \| grep -v grep \| grep -q "$FR_BINARY"; then
	return 0
	fi

	return 1
	}

	function ad_auth_check_ok
	{
	ntlm_auth --username=$TEST_USER --domain=$TEST_DOMAIN --password=$TEST_PASSWORD >/dev/null 2>&1
	return $?
	}

	if ! disc_is_ok; then
	if freeradius_is_running; then
	stop_freeradius
	finished
	fi

	if periodic_log; then
	log "FreeRADIUS is stopped"
	finished
	fi

	exit
	fi

	if periodic; then
	log "Testing AD authentication"

	if ! ad_auth_check_ok; then
	log "Restarting winbind"
	restart_winbind
	fi

	if freeradius_is_running && ! ad_auth_check_ok; then
	log "FreeRADIUS is running, but AD auth failed - stopping FreeRADIUS"
	stop_freeradius
	finished
	fi
	fi

	if ! freeradius_is_running; then
	log "FreeRADIUS is not running but should be"
	log "Testing NTLM authenticaion"
	if ad_auth_check_ok; then
	log "Auth passed"
	start_freeradius
	else
	log "Auth failed, not starting FreeRADIUS"
	fi
	finished
	fi