diff options
-rw-r--r-- | lib/utils_base.c | 15 | ||||
-rw-r--r-- | lib/utils_base.h | 7 | ||||
-rw-r--r-- | plugins-root/check_dhcp.c | 5 | ||||
-rw-r--r-- | plugins-root/check_icmp.c | 3 |
4 files changed, 29 insertions, 1 deletions
diff --git a/lib/utils_base.c b/lib/utils_base.c index db21ea15..da281286 100644 --- a/lib/utils_base.c +++ b/lib/utils_base.c | |||
@@ -228,3 +228,18 @@ char *np_escaped_string (const char *string) { | |||
228 | data[j] = '\0'; | 228 | data[j] = '\0'; |
229 | return data; | 229 | return data; |
230 | } | 230 | } |
231 | |||
232 | int np_check_if_root(void) { return (geteuid() == 0); } | ||
233 | |||
234 | int np_warn_if_not_root(void) { | ||
235 | int status = np_check_if_root(); | ||
236 | if(!status) { | ||
237 | printf(_("Warning: ")); | ||
238 | printf(_("This plugin must be either run as root or setuid root.\n")); | ||
239 | printf(_("To run as root, you can use a tool like sudo.\n")); | ||
240 | printf(_("To set the setuid permissions, use the command:\n")); | ||
241 | // XXX could we use something like progname? | ||
242 | printf("\tchmod u+s yourpluginfile\n"); | ||
243 | } | ||
244 | return status; | ||
245 | } | ||
diff --git a/lib/utils_base.h b/lib/utils_base.h index b722d0ec..bda76595 100644 --- a/lib/utils_base.h +++ b/lib/utils_base.h | |||
@@ -43,4 +43,11 @@ void die (int, const char *, ...) __attribute__((noreturn,format(printf, 2, 3))) | |||
43 | #define NP_RANGE_UNPARSEABLE 1 | 43 | #define NP_RANGE_UNPARSEABLE 1 |
44 | #define NP_WARN_WITHIN_CRIT 2 | 44 | #define NP_WARN_WITHIN_CRIT 2 |
45 | 45 | ||
46 | /* a simple check to see if we're running as root. | ||
47 | * returns zero on failure, nonzero on success */ | ||
48 | int np_check_if_root(void); | ||
49 | /* and a helpful wrapper around that. it returns the same status | ||
50 | * code from the above function, in case it's helpful for testing */ | ||
51 | int np_warn_if_not_root(void); | ||
52 | |||
46 | #endif /* _UTILS_BASE_ */ | 53 | #endif /* _UTILS_BASE_ */ |
diff --git a/plugins-root/check_dhcp.c b/plugins-root/check_dhcp.c index 8559d634..7cb2d300 100644 --- a/plugins-root/check_dhcp.c +++ b/plugins-root/check_dhcp.c | |||
@@ -250,10 +250,13 @@ int main(int argc, char **argv){ | |||
250 | int dhcp_socket; | 250 | int dhcp_socket; |
251 | int result = STATE_UNKNOWN; | 251 | int result = STATE_UNKNOWN; |
252 | 252 | ||
253 | /* this plugin almost certainly needs root permissions. */ | ||
254 | np_warn_if_not_root(); | ||
255 | |||
253 | setlocale (LC_ALL, ""); | 256 | setlocale (LC_ALL, ""); |
254 | bindtextdomain (PACKAGE, LOCALEDIR); | 257 | bindtextdomain (PACKAGE, LOCALEDIR); |
255 | textdomain (PACKAGE); | 258 | textdomain (PACKAGE); |
256 | 259 | ||
257 | if(process_arguments(argc,argv)!=OK){ | 260 | if(process_arguments(argc,argv)!=OK){ |
258 | usage4 (_("Could not parse arguments")); | 261 | usage4 (_("Could not parse arguments")); |
259 | } | 262 | } |
diff --git a/plugins-root/check_icmp.c b/plugins-root/check_icmp.c index 7e3b00f3..7f9160c4 100644 --- a/plugins-root/check_icmp.c +++ b/plugins-root/check_icmp.c | |||
@@ -372,6 +372,9 @@ main(int argc, char **argv) | |||
372 | int result; | 372 | int result; |
373 | struct rta_host *host; | 373 | struct rta_host *host; |
374 | 374 | ||
375 | /* print a helpful error message if geteuid != 0 */ | ||
376 | np_warn_if_not_root(); | ||
377 | |||
375 | /* we only need to be setsuid when we get the sockets, so do | 378 | /* we only need to be setsuid when we get the sockets, so do |
376 | * that before pointer magic (esp. on network data) */ | 379 | * that before pointer magic (esp. on network data) */ |
377 | icmp_sockerrno = udp_sockerrno = tcp_sockerrno = sockets = 0; | 380 | icmp_sockerrno = udp_sockerrno = tcp_sockerrno = sockets = 0; |