README
1Nagios plugin to monitor the local FreeBSD ports tree for updates or known security vulnerabilities in installed packages.
2
3check_ports can be called without arguments. The default behaviour
4is to check installed packages against portaudit on FreeBSD <= 9.x
5or pkg audit on FreeBSD >= 10.x for known security vulnerabilites:
6
7./check_ports
8PORTS OK - 0 security problem(s).
9
10If a security problem is found the returned state will change to Critical:
11
12./check_ports
13PORTS CRITICAL - 2 security problem(s).
14
15If you are running FreeBSD <= 9.x and have switched to using pkg(8)
16use the -g option to have check_ports use the pkg(8) suite of tools
17instead of the legacy pkg_* tools and portaudit:
18
19./check_ports -g
20PORTS OK - 0 security problem(s).
21
22If you want to monitor all of your installed packages for updates use the -a option.
23This won't change the returned state to Warning if updates are available:
24
25./check_ports -a
26PORTS OK - 0 security problem(s), 1 Package(s) available for upgrade.
27
28If you want to monitor all of your installed packages for updates
29and have a Warning state returned if updates are available use the -w option:
30
31./check_ports -w
32PORTS WARNING - 0 security problem(s), 1 Package(s) available for upgrade.
33
34If you want to monitor the age of the local ports tree use the -p option.
35This will return a Warning state if the local ports tree is older than 24 hours:
36
37./check_ports -p
38PORTS WARNING - 0 security problem(s), 0 Package(s) available for upgrade, Ports Tree older than 24h.
39
40To monitor installed packages on a jail within your system
41use the -j option along with the name of the jail.
42You must have copies of /usr/ports/INDEX-* and /var/db/pkg/vuln.xml in your jail:
43
44./check_ports -j jailname
45PORTS OK - 0 security problem(s).
46
47Please check the plugin's help message (-h option) for additional information.
48