password change script discards output from elasticsearch
Posted: Tue Jul 26, 2016 10:18 am
Currently /usr/local/nagioslogserver/scripts/reset_nagiosadmin_password.sh does not check for any kind of result, and always claims success. Specifically these lines:
Perhaps using jq and parsing out the output could be a way to find out the actual results, eg:
Working user:
Non-existing user, possibly other problems:
I'm not familiar enough with elasticsearch to know what the proper output may consist of, but it may be useful to not send everything to /dev/null, otherwise it gives false sense of success. We ran into this issue when trying to reset password on an installation that wasn't cleaned up fully, and there was no user with ID 1.# Save new password into elasticsearch
curl -XPOST http://localhost:9200/nagioslogserver/user/1/_update -d "$update" > /dev/null 2>&1
curl -XPOST http://localhost:9200/nagioslogserver/_refresh > /dev/null 2>&1
printf "The password has been set for nagiosadmin user.\n"
Perhaps using jq and parsing out the output could be a way to find out the actual results, eg:
Working user:
Code: Select all
curl -s -XPOST http://localhost:9200/nagioslogserver/user/1/_update -d '{"doc":{"password":"hash"}}' | jq .error
null
Code: Select all
curl -s -XPOST http://localhost:9200/nagioslogserver/user/1000/_update -d '{"doc":{"password":"hash"}}' | jq .error
"DocumentMissingException[[nagioslogserver][0] [user][1000]: document missing]"