Edit file

File name : check_managed.sh

Content :

#!/bin/bash
# check_managed - check core software on the system is up to date
# Requirements: dig, curl, awk
# Author: Tsvetan Gerov <tsvetan@worldhost.group>
# Version 0.12

# Global variables
HOSTNAME=$(hostname -f)
HOSTNAME_IP=$(dig +short $HOSTNAME)
EXTIP=$(curl -s ipv4.icanhazip.com)
EXTIP_PTR=$(dig +short -x $EXTIP |  sed 's/\.$//')
OSRELEASE=$(cat /etc/redhat-release  | tr -dc '0-9.'|cut -d \. -f1)

# Initialize flags and error message
CRITICAL=false
WARNING=false
ERROR_MESSAGE=""

check_deps(){
    DEPS="curl dig awk"
    for DEP in $DEPS; do
        if [ ! -f "/usr/bin/${DEP}" ]; then
            echo "[UNKNOWN] Please install $DEP"
            exit 3
        fi
    done
}

check_csf() {
    if [ -d /etc/csf ]; then
        if [[ "$(csf -l | grep DROP -c)" -gt 0 ]]; then
            if [[ "$(ps aux | grep 'lfd' | grep -v grep | wc -l)" -eq 0 ]]; then
                CRITICAL=true
                ERROR_MESSAGE+="CSF is running, but LFD is stopped, "
            elif [[ "$(csf -l | grep -i error -c)" -gt 0 ]]; then
                CRITICAL=true
                ERROR_MESSAGE+="Check lfd log, "
            fi
        else
            CRITICAL=true
            ERROR_MESSAGE+="CSF is NOT running, "
        fi
    else
        CRITICAL=true
        ERROR_MESSAGE+="CSF is NOT Installed, "
    fi
}

check_cpversion() {
    UPGRADE_DEFERRED="/var/cpanel/upgrade_deferred"
    if [ -f "$UPGRADE_DEFERRED" ]; then
        # Check if file is older than 30 days
        if [ $(find "$UPGRADE_DEFERRED" -mtime +30 2>/dev/null) ]; then
            CRITICAL=true
            ERROR_MESSAGE+="cPanel: /var/cpanel/upgrade_deferred is older than 30 days, "
        fi
        # Skip further checks if file exists
        return
    fi

TIERS=$(curl -s http://httpupdate.cpanel.net/cpanelsync/TIERS)
    LTS=$(echo "$TIERS" | awk -F: '/lts/{print $2}' | tr -d ' ')
    STABLE=$(echo "$TIERS" | awk -F: '/stable/{print $2}' | tr -d ' ')
    RELEASE=$(echo "$TIERS" | awk -F: '/release/{print $2}' | tr -d ' ')

if [ -f "/usr/local/cpanel/version" ]; then
        CPVERSION=$(cat /usr/local/cpanel/version)
    else
        CRITICAL=true
        ERROR_MESSAGE+="cPanel: Unable to open /usr/local/cpanel/version, "
        return
    fi

if [ "$OSRELEASE" -eq 6 ]; then
        if [ "$LTS" != "$CPVERSION" ] && [ "$STABLE" != "$CPVERSION" ] && [ "$RELEASE" != "$CPVERSION" ]; then
            WARNING=true
            ERROR_MESSAGE+="Latest cPanel version is not installed!, "
        fi
    else
        if [ "$LTS" != "$CPVERSION" ] && [ "$STABLE" != "$CPVERSION" ] && [ "$RELEASE" != "$CPVERSION" ]; then
            CRITICAL=true
            ERROR_MESSAGE+="Latest cPanel version is not installed!, "
        fi
    fi
}

check_kernelcare() {
    KCARE="/usr/bin/kcarectl"
    I360="/usr/sbin/imunify360-php-daemon"

if [[ $HOSTNAME =~ ^d[0-9]+\..*$ ]]; then
        # DEDICATED
        if [ -f "$I360" ] && [ ! -f "$KCARE" ]; then
            WARNING=true
            ERROR_MESSAGE+="KernelCare is not installed, "
        else
            if [ -f "$KCARE" ]; then
                if $KCARE --check > /dev/null 2>&1; then
                    WARNING=true
                    ERROR_MESSAGE+="KernelCare Update available, "
                fi
            fi
        fi
    else
        # SHARED/OTHER
        if [ ! -f "$KCARE" ]; then
            CRITICAL=true
            ERROR_MESSAGE+="KernelCare is not installed, "
        else
            if $KCARE --check > /dev/null 2>&1; then
                CRITICAL=true
                ERROR_MESSAGE+="KernelCare Update available, "
            fi
        fi
    fi
}

check_hostname(){
    if [ "$HOSTNAME_IP" != "$EXTIP" ]; then
            CRITICAL=true
            ERROR_MESSAGE+="Hostname doesnt resolve to the server IP, "
    fi
}

check_ptr(){
    if [ "$HOSTNAME" != "$EXTIP_PTR" ]; then
        if [[ $HOSTNAME =~ ^d[0-9]{1,4}\..*$ ]]; then
            WARNING=true
        else
            CRITICAL=true
        fi
        ERROR_MESSAGE+="IP PTR doesnt matches the hostname, "
    fi
}

check_spf(){
    if [[ $HOSTNAME =~ ^d[0-9]+\..*$ || $HOSTNAME =~ ^s[0-9]+\..*$ ]]; then
        if ! dig +short TXT $HOSTNAME | grep -q -E 'spf.mysecurecloudhost.com|spf.stableserver.net'; then
            CRITICAL=true
            ERROR_MESSAGE+="No SPF for server hostname, "
        fi
    fi
}

check_litespeed(){
    if [ -f "/usr/local/lsws/bin/lshttpd" ]; then
        if /usr/local/lsws/bin/lshttpd -t | grep -q trial ; then
		    CRITICAL=true
            ERROR_MESSAGE+="LiteSpeed Trial License detected, "
        fi
    fi
}

check_ipaliases(){
    IPALIASES=$(cut -f 1 -d : /etc/ips)
    IPS=$(hostname -I)
    for IP in $IPALIASES; do
        if ! echo $IPS | grep -q $IP; then
            CRITICAL=true
            ERROR_MESSAGE+="IP Alias $IP is down, "
        fi
    done
}

check_cllicense(){
    if [ -f "/usr/bin/cldetect" ]; then
        if [ "$(/usr/bin/cldetect --check-license)" != "OK" ]; then
            CRITICAL=true
            ERROR_MESSAGE+="CloudLinux: No valid license found, "
        fi
    fi
}

check_namedconf(){
    if ! named-checkconf /etc/named.conf > /dev/null 2>&1; then
        CRITICAL=true
        ERROR_MESSAGE+="named.conf syntax error, "
    fi
}

check_pdns(){
    if [ -f "/usr/sbin/pdns_server" ]; then
        if ! systemctl is-active --quiet pdns.service; then
            CRITICAL=true
            ERROR_MESSAGE+="PowerDNS service is not running, "
        fi
    fi
}

# Perform dep checks
check_deps

# Perform checks
check_csf
check_cpversion
# check_kernelcare - needs better logic
check_hostname
check_ptr
check_spf
check_litespeed
check_ipaliases
check_cllicense
check_namedconf
check_pdns

# Return final state
if [ "$CRITICAL" = true ]; then
    echo "[CRITICAL] ${ERROR_MESSAGE%, }"
    exit 2
elif [ "$WARNING" = true ]; then
    echo "[WARNING] ${ERROR_MESSAGE%, }"
    exit 1
else
    echo "[OK] All services are running correctly."
    exit 0
fi

TERMOREK-IT SHELL 403

Edit file