summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--lib/utils_base.c15
-rw-r--r--lib/utils_base.h7
-rw-r--r--plugins-root/check_dhcp.c5
-rw-r--r--plugins-root/check_icmp.c3
4 files changed, 29 insertions, 1 deletions
diff --git a/lib/utils_base.c b/lib/utils_base.c
index db21ea15..da281286 100644
--- a/lib/utils_base.c
+++ b/lib/utils_base.c
@@ -228,3 +228,18 @@ char *np_escaped_string (const char *string) {
228 data[j] = '\0'; 228 data[j] = '\0';
229 return data; 229 return data;
230} 230}
231
232int np_check_if_root(void) { return (geteuid() == 0); }
233
234int np_warn_if_not_root(void) {
235 int status = np_check_if_root();
236 if(!status) {
237 printf(_("Warning: "));
238 printf(_("This plugin must be either run as root or setuid root.\n"));
239 printf(_("To run as root, you can use a tool like sudo.\n"));
240 printf(_("To set the setuid permissions, use the command:\n"));
241 // XXX could we use something like progname?
242 printf("\tchmod u+s yourpluginfile\n");
243 }
244 return status;
245}
diff --git a/lib/utils_base.h b/lib/utils_base.h
index b722d0ec..bda76595 100644
--- a/lib/utils_base.h
+++ b/lib/utils_base.h
@@ -43,4 +43,11 @@ void die (int, const char *, ...) __attribute__((noreturn,format(printf, 2, 3)))
43#define NP_RANGE_UNPARSEABLE 1 43#define NP_RANGE_UNPARSEABLE 1
44#define NP_WARN_WITHIN_CRIT 2 44#define NP_WARN_WITHIN_CRIT 2
45 45
46/* a simple check to see if we're running as root.
47 * returns zero on failure, nonzero on success */
48int np_check_if_root(void);
49/* and a helpful wrapper around that. it returns the same status
50 * code from the above function, in case it's helpful for testing */
51int np_warn_if_not_root(void);
52
46#endif /* _UTILS_BASE_ */ 53#endif /* _UTILS_BASE_ */
diff --git a/plugins-root/check_dhcp.c b/plugins-root/check_dhcp.c
index 8559d634..7cb2d300 100644
--- a/plugins-root/check_dhcp.c
+++ b/plugins-root/check_dhcp.c
@@ -250,10 +250,13 @@ int main(int argc, char **argv){
250 int dhcp_socket; 250 int dhcp_socket;
251 int result = STATE_UNKNOWN; 251 int result = STATE_UNKNOWN;
252 252
253 /* this plugin almost certainly needs root permissions. */
254 np_warn_if_not_root();
255
253 setlocale (LC_ALL, ""); 256 setlocale (LC_ALL, "");
254 bindtextdomain (PACKAGE, LOCALEDIR); 257 bindtextdomain (PACKAGE, LOCALEDIR);
255 textdomain (PACKAGE); 258 textdomain (PACKAGE);
256 259
257 if(process_arguments(argc,argv)!=OK){ 260 if(process_arguments(argc,argv)!=OK){
258 usage4 (_("Could not parse arguments")); 261 usage4 (_("Could not parse arguments"));
259 } 262 }
diff --git a/plugins-root/check_icmp.c b/plugins-root/check_icmp.c
index 7e3b00f3..7f9160c4 100644
--- a/plugins-root/check_icmp.c
+++ b/plugins-root/check_icmp.c
@@ -372,6 +372,9 @@ main(int argc, char **argv)
372 int result; 372 int result;
373 struct rta_host *host; 373 struct rta_host *host;
374 374
375 /* print a helpful error message if geteuid != 0 */
376 np_warn_if_not_root();
377
375 /* we only need to be setsuid when we get the sockets, so do 378 /* we only need to be setsuid when we get the sockets, so do
376 * that before pointer magic (esp. on network data) */ 379 * that before pointer magic (esp. on network data) */
377 icmp_sockerrno = udp_sockerrno = tcp_sockerrno = sockets = 0; 380 icmp_sockerrno = udp_sockerrno = tcp_sockerrno = sockets = 0;