check_resolved-dnssec

#!/usr/bin/env python3
#-------------------------------------------------------------------------------

import argparse
import sys
import os
import subprocess
import platform

#-------------------------------------------------------------------------------

_candebug = False
def candebug():
    global _candebug
    return _candebug
def setcandebug(value):
    global _candebug
    _candebug = value

def infomsg(msg):
    if candebug() == True:
        print(msg, flush=True)

def exitnagios(status,message):
    if status=="OK":
        exitcode = 0
    elif status=="WARNING":
        exitcode = 1
    elif status=="CRITICAL":
        exitcode = 2
    elif status=="UNKNOWN":
        exitcode = 3
    else:
        exitcode = 4
    print(status+": "+message, flush=True)
    sys.exit(exitcode)

#-------------------------------------------------------------------------------

def doresolveddnsseccall():
    cmdline = ["/usr/bin/resolvectl","dnssec"]
    completedproc = subprocess.run(cmdline,capture_output=True)
    output = completedproc.stdout.decode("utf-8").strip()
    errors = completedproc.stderr.decode("utf-8").strip()
    exitcode = completedproc.returncode

    if exitcode == 0:
        allenabled = True
        failed = []
        for line in output.splitlines():
            parts = line.split()
            if parts[-1].lower() != "yes":
                if parts[0].lower() == "global":
                    failed.append("Global")
                else:
                    failed.append(parts[2].replace("(","").replace(")",""))
        if allenabled:
            exitnagios("OK","all interfaces have dnssec activated")
        else:
            exitnagios("CRITICAL","some interfaces do not have dnssec activated: "+", ".join(failed))
    else:
        exitnagios("CRITICAL","issue retrieving ospf routes")

#-------------------------------------------------------------------------------

def parse_args():
    parser = argparse.ArgumentParser()
    parser.add_argument("-®", "--debug",             action="store_true",  dest="debug",            default=False,                                help="be more verbose")
    args = parser.parse_args()
    return args

def main():
    args = parse_args()
    setcandebug(args.debug)
    doresolveddnsseccall()

if __name__ == "__main__":
    main()

#-------------------------------------------------------------------------------