diff options
author | Danijel Tasov <m@rbfh.de> | 2023-09-23 14:18:08 (GMT) |
---|---|---|
committer | Danijel Tasov <m@rbfh.de> | 2023-09-23 14:18:08 (GMT) |
commit | 8272d73e579739cccbfce61f7401cd5f8b9fd0e0 (patch) | |
tree | 42a06d16036835a81c63dbcdf71da0d8155dc4db | |
parent | f5c5a7438fa34f2ee2c0b9914806f9a26b56ba59 (diff) | |
download | monitoring-plugins-8272d73e579739cccbfce61f7401cd5f8b9fd0e0.tar.gz |
remove root check
We can perfectly do icmp without root by using capabalities. So,
instead of doing unsufficient checks beforehand, we just try and fail if
it doesn't work.
Signed-off-by: Danijel Tasov <m@rbfh.de>
-rw-r--r-- | lib/utils_base.c | 13 | ||||
-rw-r--r-- | plugins-root/check_icmp.c | 3 |
2 files changed, 0 insertions, 16 deletions
diff --git a/lib/utils_base.c b/lib/utils_base.c index 8a03d09..3822bcf 100644 --- a/lib/utils_base.c +++ b/lib/utils_base.c | |||
@@ -300,19 +300,6 @@ char *np_escaped_string (const char *string) { | |||
300 | 300 | ||
301 | int np_check_if_root(void) { return (geteuid() == 0); } | 301 | int np_check_if_root(void) { return (geteuid() == 0); } |
302 | 302 | ||
303 | int np_warn_if_not_root(void) { | ||
304 | int status = np_check_if_root(); | ||
305 | if(!status) { | ||
306 | printf(_("Warning: ")); | ||
307 | printf(_("This plugin must be either run as root or setuid root.\n")); | ||
308 | printf(_("To run as root, you can use a tool like sudo.\n")); | ||
309 | printf(_("To set the setuid permissions, use the command:\n")); | ||
310 | /* XXX could we use something like progname? */ | ||
311 | printf("\tchmod u+s yourpluginfile\n"); | ||
312 | } | ||
313 | return status; | ||
314 | } | ||
315 | |||
316 | /* | 303 | /* |
317 | * Extract the value from key/value pairs, or return NULL. The value returned | 304 | * Extract the value from key/value pairs, or return NULL. The value returned |
318 | * can be free()ed. | 305 | * can be free()ed. |
diff --git a/plugins-root/check_icmp.c b/plugins-root/check_icmp.c index 2ad644e..a7fad36 100644 --- a/plugins-root/check_icmp.c +++ b/plugins-root/check_icmp.c | |||
@@ -417,9 +417,6 @@ main(int argc, char **argv) | |||
417 | bindtextdomain (PACKAGE, LOCALEDIR); | 417 | bindtextdomain (PACKAGE, LOCALEDIR); |
418 | textdomain (PACKAGE); | 418 | textdomain (PACKAGE); |
419 | 419 | ||
420 | /* print a helpful error message if geteuid != 0 */ | ||
421 | np_warn_if_not_root(); | ||
422 | |||
423 | /* we only need to be setsuid when we get the sockets, so do | 420 | /* we only need to be setsuid when we get the sockets, so do |
424 | * that before pointer magic (esp. on network data) */ | 421 | * that before pointer magic (esp. on network data) */ |
425 | icmp_sockerrno = udp_sockerrno = tcp_sockerrno = sockets = 0; | 422 | icmp_sockerrno = udp_sockerrno = tcp_sockerrno = sockets = 0; |