summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorawiddersheim <awiddersheim@hotmail.com>2013-10-22 10:33:56 -0400
committerawiddersheim <awiddersheim@hotmail.com>2013-10-22 10:33:56 -0400
commit0a3252d88d148a8cb21774cd3ae6a1cb1fbb004c (patch)
tree756f8d4b09eb6ee3c2ef75301a7027e9a42509dc
parentf6576c6db4eeb655f16a71286757e4a93792887d (diff)
downloadmonitoring-plugins-0a3252d88d148a8cb21774cd3ae6a1cb1fbb004c.tar.gz
Fix trusted path
When configuring the plugins you have the option to specify a trusted path with --with-trusted-path. This option seems to have been deprecated at some point for unknown reasons and had typically had no affect. This commit makes this option work again for those who have a desire to use it. There should be no affect on those who have not chosen to specify a trusted path.
-rw-r--r--configure.in5
-rwxr-xr-xplugins-scripts/check_breeze.pl2
-rwxr-xr-xplugins-scripts/check_disk_smb.pl2
-rwxr-xr-xplugins-scripts/check_file_age.pl4
-rwxr-xr-xplugins-scripts/check_flexlm.pl2
-rwxr-xr-xplugins-scripts/check_ifoperstatus.pl4
-rwxr-xr-xplugins-scripts/check_ifstatus.pl3
-rwxr-xr-xplugins-scripts/check_ircd.pl6
-rwxr-xr-xplugins-scripts/check_log.sh3
-rwxr-xr-xplugins-scripts/check_mailq.pl2
-rwxr-xr-xplugins-scripts/check_mssql.pl4
-rwxr-xr-xplugins-scripts/check_netdns.pl4
-rwxr-xr-xplugins-scripts/check_ntp.pl2
-rwxr-xr-xplugins-scripts/check_oracle.sh1
-rwxr-xr-xplugins-scripts/check_rpc.pl4
-rwxr-xr-xplugins-scripts/check_sensors.sh5
-rwxr-xr-xplugins-scripts/check_wave.pl2
-rw-r--r--plugins-scripts/subst.in13
18 files changed, 38 insertions, 30 deletions
diff --git a/configure.in b/configure.in
index 7e8c8102..7562ca41 100644
--- a/configure.in
+++ b/configure.in
@@ -75,9 +75,8 @@ AC_DEFINE_UNQUOTED(CGIURL,"$CGIURL",[URL of CGI programs])
75 75
76AC_ARG_WITH(trusted_path, 76AC_ARG_WITH(trusted_path,
77 ACX_HELP_STRING([--with-trusted-path=PATH], 77 ACX_HELP_STRING([--with-trusted-path=PATH],
78 [sets trusted path for executables called by scripts (default=/bin:/sbin:/usr/bin:/usr/sbin)]), 78 [sets trusted path for executables called by scripts]),
79 with_trusted_path=$withval, 79 with_trusted_path=$withval)
80 with_trusted_path=/bin:/sbin:/usr/bin:/usr/sbin)
81AC_SUBST(with_trusted_path) 80AC_SUBST(with_trusted_path)
82 81
83EXTRAS= 82EXTRAS=
diff --git a/plugins-scripts/check_breeze.pl b/plugins-scripts/check_breeze.pl
index a4e8542c..037060c8 100755
--- a/plugins-scripts/check_breeze.pl
+++ b/plugins-scripts/check_breeze.pl
@@ -12,7 +12,7 @@ $PROGNAME = "check_breeze";
12sub print_help (); 12sub print_help ();
13sub print_usage (); 13sub print_usage ();
14 14
15$ENV{'PATH'}=''; 15$ENV{'PATH'}='@trusted_path@';
16$ENV{'BASH_ENV'}=''; 16$ENV{'BASH_ENV'}='';
17$ENV{'ENV'}=''; 17$ENV{'ENV'}='';
18 18
diff --git a/plugins-scripts/check_disk_smb.pl b/plugins-scripts/check_disk_smb.pl
index 0c89db57..01c560ef 100755
--- a/plugins-scripts/check_disk_smb.pl
+++ b/plugins-scripts/check_disk_smb.pl
@@ -32,7 +32,7 @@ sub print_usage ();
32 32
33$PROGNAME = "check_disk_smb"; 33$PROGNAME = "check_disk_smb";
34 34
35$ENV{'PATH'}=''; 35$ENV{'PATH'}='@trusted_path@';
36$ENV{'BASH_ENV'}=''; 36$ENV{'BASH_ENV'}='';
37$ENV{'ENV'}=''; 37$ENV{'ENV'}='';
38 38
diff --git a/plugins-scripts/check_file_age.pl b/plugins-scripts/check_file_age.pl
index dcd5efab..37bbe86f 100755
--- a/plugins-scripts/check_file_age.pl
+++ b/plugins-scripts/check_file_age.pl
@@ -37,6 +37,10 @@ my ($result, $message, $age, $size, $st);
37 37
38$PROGNAME="check_file_age"; 38$PROGNAME="check_file_age";
39 39
40$ENV{'PATH'}='@trusted_path@';
41$ENV{'BASH_ENV'}='';
42$ENV{'ENV'}='';
43
40$opt_w = 240; 44$opt_w = 240;
41$opt_c = 600; 45$opt_c = 600;
42$opt_W = 0; 46$opt_W = 0;
diff --git a/plugins-scripts/check_flexlm.pl b/plugins-scripts/check_flexlm.pl
index 54d933c7..05973777 100755
--- a/plugins-scripts/check_flexlm.pl
+++ b/plugins-scripts/check_flexlm.pl
@@ -43,7 +43,7 @@ $PROGNAME="check_flexlm";
43sub print_help (); 43sub print_help ();
44sub print_usage (); 44sub print_usage ();
45 45
46$ENV{'PATH'}=''; 46$ENV{'PATH'}='@trusted_path@';
47$ENV{'BASH_ENV'}=''; 47$ENV{'BASH_ENV'}='';
48$ENV{'ENV'}=''; 48$ENV{'ENV'}='';
49 49
diff --git a/plugins-scripts/check_ifoperstatus.pl b/plugins-scripts/check_ifoperstatus.pl
index 588993be..452911b7 100755
--- a/plugins-scripts/check_ifoperstatus.pl
+++ b/plugins-scripts/check_ifoperstatus.pl
@@ -47,6 +47,10 @@ sub usage ($);
47sub print_usage (); 47sub print_usage ();
48sub process_arguments (); 48sub process_arguments ();
49 49
50$ENV{'PATH'}='@trusted_path@';
51$ENV{'BASH_ENV'}='';
52$ENV{'ENV'}='';
53
50my $timeout; 54my $timeout;
51my $status; 55my $status;
52my %ifOperStatus = ('1','up', 56my %ifOperStatus = ('1','up',
diff --git a/plugins-scripts/check_ifstatus.pl b/plugins-scripts/check_ifstatus.pl
index 63c71ffa..421580ad 100755
--- a/plugins-scripts/check_ifstatus.pl
+++ b/plugins-scripts/check_ifstatus.pl
@@ -46,6 +46,9 @@ sub usage ($);
46sub print_usage (); 46sub print_usage ();
47sub process_arguments (); 47sub process_arguments ();
48 48
49$ENV{'PATH'}='@trusted_path@';
50$ENV{'BASH_ENV'}='';
51$ENV{'ENV'}='';
49 52
50my $status; 53my $status;
51my %ifOperStatus = ('1','up', 54my %ifOperStatus = ('1','up',
diff --git a/plugins-scripts/check_ircd.pl b/plugins-scripts/check_ircd.pl
index 42a9bca9..f80c5c65 100755
--- a/plugins-scripts/check_ircd.pl
+++ b/plugins-scripts/check_ircd.pl
@@ -63,9 +63,9 @@ sub bindRemote ($$);
63 63
64# -------------------------------------------------------------[ Enviroment ]-- 64# -------------------------------------------------------------[ Enviroment ]--
65 65
66$ENV{PATH} = ""; 66$ENV{'PATH'}='@trusted_path@';
67$ENV{ENV} = ""; 67$ENV{'BASH_ENV'}='';
68$ENV{BASH_ENV} = ""; 68$ENV{'ENV'}='';
69 69
70# -----------------------------------------------------------------[ Global ]-- 70# -----------------------------------------------------------------[ Global ]--
71 71
diff --git a/plugins-scripts/check_log.sh b/plugins-scripts/check_log.sh
index a1bfb486..a9ff06ad 100755
--- a/plugins-scripts/check_log.sh
+++ b/plugins-scripts/check_log.sh
@@ -57,8 +57,6 @@
57 57
58# Paths to commands used in this script. These 58# Paths to commands used in this script. These
59# may have to be modified to match your system setup. 59# may have to be modified to match your system setup.
60# TV: removed PATH restriction. Need to think more about what this means overall
61#PATH=""
62 60
63ECHO="/bin/echo" 61ECHO="/bin/echo"
64GREP="/bin/egrep" 62GREP="/bin/egrep"
@@ -72,6 +70,7 @@ TOUCH="/bin/touch"
72PROGNAME=`/bin/basename $0` 70PROGNAME=`/bin/basename $0`
73PROGPATH=`echo $0 | sed -e 's,[\\/][^\\/][^\\/]*$,,'` 71PROGPATH=`echo $0 | sed -e 's,[\\/][^\\/][^\\/]*$,,'`
74REVISION="@NP_VERSION@" 72REVISION="@NP_VERSION@"
73PATH="@trusted_path@"
75 74
76. $PROGPATH/utils.sh 75. $PROGPATH/utils.sh
77 76
diff --git a/plugins-scripts/check_mailq.pl b/plugins-scripts/check_mailq.pl
index 31eb46a4..1d0a3ad7 100755
--- a/plugins-scripts/check_mailq.pl
+++ b/plugins-scripts/check_mailq.pl
@@ -39,7 +39,7 @@ sub print_help ();
39sub print_usage (); 39sub print_usage ();
40sub process_arguments (); 40sub process_arguments ();
41 41
42$ENV{'PATH'}=''; 42$ENV{'PATH'}='@trusted_path@';
43$ENV{'BASH_ENV'}=''; 43$ENV{'BASH_ENV'}='';
44$ENV{'ENV'}=''; 44$ENV{'ENV'}='';
45$PROGNAME = "check_mailq"; 45$PROGNAME = "check_mailq";
diff --git a/plugins-scripts/check_mssql.pl b/plugins-scripts/check_mssql.pl
index 9a8fc511..4486149d 100755
--- a/plugins-scripts/check_mssql.pl
+++ b/plugins-scripts/check_mssql.pl
@@ -35,6 +35,10 @@ use strict;
35 35
36my $PROGNAME = "check_mssql"; 36my $PROGNAME = "check_mssql";
37 37
38$ENV{'PATH'}='@trusted_path@';
39$ENV{'BASH_ENV'}='';
40$ENV{'ENV'}='';
41
38my ( 42my (
39 $server,$database,$username,$password,$query,$help,$verbose,$timeout, 43 $server,$database,$username,$password,$query,$help,$verbose,$timeout,
40 $dbh,$sth,$row, 44 $dbh,$sth,$row,
diff --git a/plugins-scripts/check_netdns.pl b/plugins-scripts/check_netdns.pl
index ecdbdb1a..9871a9a5 100755
--- a/plugins-scripts/check_netdns.pl
+++ b/plugins-scripts/check_netdns.pl
@@ -32,6 +32,10 @@ use utils ;
32 32
33my $PROGNAME = "check_netdns"; 33my $PROGNAME = "check_netdns";
34 34
35$ENV{'PATH'}='@trusted_path@';
36$ENV{'BASH_ENV'}='';
37$ENV{'ENV'}='';
38
35Getopt::Long::Configure(`bundling`); 39Getopt::Long::Configure(`bundling`);
36GetOptions("V" => $opt_V, "version" => $opt_V, 40GetOptions("V" => $opt_V, "version" => $opt_V,
37 "h" => $opt_h, "help" => $opt_h, 41 "h" => $opt_h, "help" => $opt_h,
diff --git a/plugins-scripts/check_ntp.pl b/plugins-scripts/check_ntp.pl
index 5c87e0a6..cdcbffac 100755
--- a/plugins-scripts/check_ntp.pl
+++ b/plugins-scripts/check_ntp.pl
@@ -69,7 +69,7 @@ $PROGNAME="check_ntp";
69sub print_help (); 69sub print_help ();
70sub print_usage (); 70sub print_usage ();
71 71
72$ENV{'PATH'}=''; 72$ENV{'PATH'}='@trusted_path@';
73$ENV{'BASH_ENV'}=''; 73$ENV{'BASH_ENV'}='';
74$ENV{'ENV'}=''; 74$ENV{'ENV'}='';
75 75
diff --git a/plugins-scripts/check_oracle.sh b/plugins-scripts/check_oracle.sh
index 2a8ab21d..f5302e3b 100755
--- a/plugins-scripts/check_oracle.sh
+++ b/plugins-scripts/check_oracle.sh
@@ -9,6 +9,7 @@
9PROGNAME=`basename $0` 9PROGNAME=`basename $0`
10PROGPATH=`echo $0 | sed -e 's,[\\/][^\\/][^\\/]*$,,'` 10PROGPATH=`echo $0 | sed -e 's,[\\/][^\\/][^\\/]*$,,'`
11REVISION="@NP_VERSION@" 11REVISION="@NP_VERSION@"
12PATH="@trusted_path@"
12 13
13. $PROGPATH/utils.sh 14. $PROGPATH/utils.sh
14 15
diff --git a/plugins-scripts/check_rpc.pl b/plugins-scripts/check_rpc.pl
index d2701e95..e09754dd 100755
--- a/plugins-scripts/check_rpc.pl
+++ b/plugins-scripts/check_rpc.pl
@@ -36,9 +36,9 @@ sub print_help ();
36sub print_usage (); 36sub print_usage ();
37sub in ($$); 37sub in ($$);
38 38
39$ENV{'BASH_ENV'}=''; 39$ENV{'PATH'}='@trusted_path@';
40$ENV{'BASH_ENV'}='';
40$ENV{'ENV'}=''; 41$ENV{'ENV'}='';
41$ENV{'PATH'}='';
42$ENV{'LC_ALL'}='C'; 42$ENV{'LC_ALL'}='C';
43 43
44#Initialise protocol for each progname number 44#Initialise protocol for each progname number
diff --git a/plugins-scripts/check_sensors.sh b/plugins-scripts/check_sensors.sh
index 874e1049..53db9b49 100755
--- a/plugins-scripts/check_sensors.sh
+++ b/plugins-scripts/check_sensors.sh
@@ -1,14 +1,13 @@
1#!/bin/sh 1#!/bin/sh
2 2
3PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
4
5PROGNAME=`basename $0` 3PROGNAME=`basename $0`
6PROGPATH=`echo $0 | sed -e 's,[\\/][^\\/][^\\/]*$,,'` 4PROGPATH=`echo $0 | sed -e 's,[\\/][^\\/][^\\/]*$,,'`
7REVISION="@NP_VERSION@" 5REVISION="@NP_VERSION@"
6TRUSTED_PATH="@trusted_path@"
7PATH=${TRUSTED_PATH:-"/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin"}
8 8
9. $PROGPATH/utils.sh 9. $PROGPATH/utils.sh
10 10
11
12print_usage() { 11print_usage() {
13 echo "Usage: $PROGNAME" [--ignore-fault] 12 echo "Usage: $PROGNAME" [--ignore-fault]
14} 13}
diff --git a/plugins-scripts/check_wave.pl b/plugins-scripts/check_wave.pl
index 2671112a..8f9a4da3 100755
--- a/plugins-scripts/check_wave.pl
+++ b/plugins-scripts/check_wave.pl
@@ -15,7 +15,7 @@ $PROGNAME = "check_wave";
15sub print_help (); 15sub print_help ();
16sub print_usage (); 16sub print_usage ();
17 17
18$ENV{'PATH'}=''; 18$ENV{'PATH'}='@trusted_path@';
19$ENV{'BASH_ENV'}=''; 19$ENV{'BASH_ENV'}='';
20$ENV{'ENV'}=''; 20$ENV{'ENV'}='';
21 21
diff --git a/plugins-scripts/subst.in b/plugins-scripts/subst.in
index a70ad884..49a95ca1 100644
--- a/plugins-scripts/subst.in
+++ b/plugins-scripts/subst.in
@@ -61,18 +61,9 @@ BEGIN {
61# add to libexecdir to INC for perl utils.pm 61# add to libexecdir to INC for perl utils.pm
62/^use/ { if (/lib/) { if (/utils.pm|"."/ ) {sub(/utils.pm|"."/,led() )} } } 62/^use/ { if (/lib/) { if (/utils.pm|"."/ ) {sub(/utils.pm|"."/,led() )} } }
63 63
64 64# Trusted path mechanism
65# Trusted path mechanism (deprecated) 65/@trusted_path@/ {sub(/@trusted_path@/,"@with_trusted_path@");}
66
67/^[ \t]*\$ENV[ \t]*\{[ \t'"]*PATH[ \t"']*\}[ \t]*=/ {
68 sub(/\=[ \t]*['"][^"']+["']/,"='@with_trusted_path@' # autoconf-derived");
69}
70
71/^[\t ]*(export[\t ]*)?PATH[\t ]*=['"]+.+["']$/ {
72 sub(/\=.*$/,"='@with_trusted_path@' # autoconf-derived");
73}
74 66
75{ 67{
76 print; 68 print;
77} 69}
78