health_check.rb 4.01 KB
Newer Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
#
# Copyright:: Copyright (c) 2012 Opscode, Inc.
# License:: Apache License, Version 2.0
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# 
#     http://www.apache.org/licenses/LICENSE-2.0
# 
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

Stephen Delano's avatar
Stephen Delano committed
18
19
20
module Omnibus
  class HealthCheck

21
    WHITELIST_LIBS = [
Stephen Delano's avatar
Stephen Delano committed
22
                      /ld-linux/,
23
24
                      /libc\.so/,
                      /libcrypt\.so/,
Stephen Delano's avatar
Stephen Delano committed
25
                      /libdl/,
26
27
                      /libfreebl\d\.so/,
                      /libgcc_s\.so/,
Stephen Delano's avatar
Stephen Delano committed
28
                      /libm\.so/,
29
30
31
                      /libnsl\.so/,
                      /libpthread/,
                      /libresolv\.so/,
Stephen Delano's avatar
Stephen Delano committed
32
33
                      /librt\.so/,
                      /libstdc\+\+\.so/,
34
35
                      /libutil\.so/,
                      /linux-vdso.+/
36
37
38
                      ]

    SOLARIS_WHITELIST_LIBS = [
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
                              /libaio\.so/,
                              /libavl\.so/,
                              /libcrypt_[di]\.so/,
                              /libcrypto.so/,
                              /libcurses\.so/,
                              /libdoor\.so/,
                              /libgen\.so/,
                              /libmd5\.so/,
                              /libmd\.so/,
                              /libmp\.so/,
                              /libscf\.so/,
                              /libsec\.so/,
                              /libsocket\.so/,
                              /libssl.so/,
                              /libuutil\.so/
54
                             ]
55
    
56
57
58
59
60
61
    WHITELIST_FILES = [
                       /jre\/bin\/javaws/,
                       /jre\/bin\/policytool/,
                       /jre\/lib/
                      ]

62
    WHITELIST_LIBS.push(*SOLARIS_WHITELIST_LIBS)
Stephen Delano's avatar
Stephen Delano committed
63

64
    def self.run(install_dir)
65
      ldd_cmd = "find #{install_dir}/ -type f | xargs ldd"
Stephen Delano's avatar
Stephen Delano committed
66
67
68
69
70
71
72
73
74
75
76
77
      shell = Mixlib::ShellOut.new(ldd_cmd)
      shell.run_command

      ldd_output = shell.stdout

      bad_libs = {}

      current_library = nil 
      ldd_output.split("\n").each do |line|
        case line
        when /^(.+):$/
          current_library = $1
78
        when /^\s+(.+) \=\>\s+(.+)( \(.+\))?$/
Stephen Delano's avatar
Stephen Delano committed
79
80
81
82
83
84
          name = $1
          linked = $2
          safe = nil
          WHITELIST_LIBS.each do |reg| 
            safe ||= true if reg.match(name)
          end
85
86
87
          WHITELIST_FILES.each do |reg|
            safe ||= true if reg.match(current_library)
          end
Stephen Delano's avatar
Stephen Delano committed
88

89
          if !safe && linked !~ Regexp.new(install_dir)
Stephen Delano's avatar
Stephen Delano committed
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
            bad_libs[current_library] ||= {}
            bad_libs[current_library][name] ||= {} 
            if bad_libs[current_library][name].has_key?(linked)
              bad_libs[current_library][name][linked] += 1 
            else
              bad_libs[current_library][name][linked] = 1 
            end
          else
            puts "Passed: #{current_library} #{name} #{linked}" if ARGV[0] == 'verbose'
          end
        when /^\s+(.+) \(.+\)$/
          next
        when /^\s+statically linked$/
          next
        when /^\s+libjvm.so/
          next
        when /^\s+libjava.so/
          next
        when /^\s+libmawt.so/
          next
        when /^\s+not a dynamic executable$/ # ignore non-executable files
        else
          puts "line did not match for #{current_library}\n#{line}"
        end
      end

      if bad_libs.keys.length > 0
        bad_libs.each do |name, lib_hash|
          lib_hash.each do |lib, linked_libs|
            linked_libs.each do |linked, count|
              puts "#{name}: #{lib} #{linked} #{count}"
            end
          end
        end
        raise "Health Check Failed"
      end
    end

  end
end