diff options
-rw-r--r-- | configure.in | 5 | ||||
-rwxr-xr-x | plugins-scripts/check_breeze.pl | 2 | ||||
-rwxr-xr-x | plugins-scripts/check_disk_smb.pl | 2 | ||||
-rwxr-xr-x | plugins-scripts/check_file_age.pl | 4 | ||||
-rwxr-xr-x | plugins-scripts/check_flexlm.pl | 2 | ||||
-rwxr-xr-x | plugins-scripts/check_ifoperstatus.pl | 4 | ||||
-rwxr-xr-x | plugins-scripts/check_ifstatus.pl | 3 | ||||
-rwxr-xr-x | plugins-scripts/check_ircd.pl | 6 | ||||
-rwxr-xr-x | plugins-scripts/check_log.sh | 3 | ||||
-rwxr-xr-x | plugins-scripts/check_mailq.pl | 2 | ||||
-rwxr-xr-x | plugins-scripts/check_mssql.pl | 4 | ||||
-rwxr-xr-x | plugins-scripts/check_netdns.pl | 4 | ||||
-rwxr-xr-x | plugins-scripts/check_ntp.pl | 2 | ||||
-rwxr-xr-x | plugins-scripts/check_oracle.sh | 1 | ||||
-rwxr-xr-x | plugins-scripts/check_rpc.pl | 4 | ||||
-rwxr-xr-x | plugins-scripts/check_sensors.sh | 5 | ||||
-rwxr-xr-x | plugins-scripts/check_wave.pl | 2 | ||||
-rw-r--r-- | plugins-scripts/subst.in | 13 |
18 files changed, 38 insertions, 30 deletions
diff --git a/configure.in b/configure.in index 7e8c810..7562ca4 100644 --- a/configure.in +++ b/configure.in | |||
@@ -75,9 +75,8 @@ AC_DEFINE_UNQUOTED(CGIURL,"$CGIURL",[URL of CGI programs]) | |||
75 | 75 | ||
76 | AC_ARG_WITH(trusted_path, | 76 | AC_ARG_WITH(trusted_path, |
77 | ACX_HELP_STRING([--with-trusted-path=PATH], | 77 | ACX_HELP_STRING([--with-trusted-path=PATH], |
78 | [sets trusted path for executables called by scripts (default=/bin:/sbin:/usr/bin:/usr/sbin)]), | 78 | [sets trusted path for executables called by scripts]), |
79 | with_trusted_path=$withval, | 79 | with_trusted_path=$withval) |
80 | with_trusted_path=/bin:/sbin:/usr/bin:/usr/sbin) | ||
81 | AC_SUBST(with_trusted_path) | 80 | AC_SUBST(with_trusted_path) |
82 | 81 | ||
83 | EXTRAS= | 82 | EXTRAS= |
diff --git a/plugins-scripts/check_breeze.pl b/plugins-scripts/check_breeze.pl index a4e8542..037060c 100755 --- a/plugins-scripts/check_breeze.pl +++ b/plugins-scripts/check_breeze.pl | |||
@@ -12,7 +12,7 @@ $PROGNAME = "check_breeze"; | |||
12 | sub print_help (); | 12 | sub print_help (); |
13 | sub print_usage (); | 13 | sub print_usage (); |
14 | 14 | ||
15 | $ENV{'PATH'}=''; | 15 | $ENV{'PATH'}='@trusted_path@'; |
16 | $ENV{'BASH_ENV'}=''; | 16 | $ENV{'BASH_ENV'}=''; |
17 | $ENV{'ENV'}=''; | 17 | $ENV{'ENV'}=''; |
18 | 18 | ||
diff --git a/plugins-scripts/check_disk_smb.pl b/plugins-scripts/check_disk_smb.pl index 0c89db5..01c560e 100755 --- a/plugins-scripts/check_disk_smb.pl +++ b/plugins-scripts/check_disk_smb.pl | |||
@@ -32,7 +32,7 @@ sub print_usage (); | |||
32 | 32 | ||
33 | $PROGNAME = "check_disk_smb"; | 33 | $PROGNAME = "check_disk_smb"; |
34 | 34 | ||
35 | $ENV{'PATH'}=''; | 35 | $ENV{'PATH'}='@trusted_path@'; |
36 | $ENV{'BASH_ENV'}=''; | 36 | $ENV{'BASH_ENV'}=''; |
37 | $ENV{'ENV'}=''; | 37 | $ENV{'ENV'}=''; |
38 | 38 | ||
diff --git a/plugins-scripts/check_file_age.pl b/plugins-scripts/check_file_age.pl index dcd5efa..37bbe86 100755 --- a/plugins-scripts/check_file_age.pl +++ b/plugins-scripts/check_file_age.pl | |||
@@ -37,6 +37,10 @@ my ($result, $message, $age, $size, $st); | |||
37 | 37 | ||
38 | $PROGNAME="check_file_age"; | 38 | $PROGNAME="check_file_age"; |
39 | 39 | ||
40 | $ENV{'PATH'}='@trusted_path@'; | ||
41 | $ENV{'BASH_ENV'}=''; | ||
42 | $ENV{'ENV'}=''; | ||
43 | |||
40 | $opt_w = 240; | 44 | $opt_w = 240; |
41 | $opt_c = 600; | 45 | $opt_c = 600; |
42 | $opt_W = 0; | 46 | $opt_W = 0; |
diff --git a/plugins-scripts/check_flexlm.pl b/plugins-scripts/check_flexlm.pl index 54d933c..0597377 100755 --- a/plugins-scripts/check_flexlm.pl +++ b/plugins-scripts/check_flexlm.pl | |||
@@ -43,7 +43,7 @@ $PROGNAME="check_flexlm"; | |||
43 | sub print_help (); | 43 | sub print_help (); |
44 | sub print_usage (); | 44 | sub print_usage (); |
45 | 45 | ||
46 | $ENV{'PATH'}=''; | 46 | $ENV{'PATH'}='@trusted_path@'; |
47 | $ENV{'BASH_ENV'}=''; | 47 | $ENV{'BASH_ENV'}=''; |
48 | $ENV{'ENV'}=''; | 48 | $ENV{'ENV'}=''; |
49 | 49 | ||
diff --git a/plugins-scripts/check_ifoperstatus.pl b/plugins-scripts/check_ifoperstatus.pl index 588993b..452911b 100755 --- a/plugins-scripts/check_ifoperstatus.pl +++ b/plugins-scripts/check_ifoperstatus.pl | |||
@@ -47,6 +47,10 @@ sub usage ($); | |||
47 | sub print_usage (); | 47 | sub print_usage (); |
48 | sub process_arguments (); | 48 | sub process_arguments (); |
49 | 49 | ||
50 | $ENV{'PATH'}='@trusted_path@'; | ||
51 | $ENV{'BASH_ENV'}=''; | ||
52 | $ENV{'ENV'}=''; | ||
53 | |||
50 | my $timeout; | 54 | my $timeout; |
51 | my $status; | 55 | my $status; |
52 | my %ifOperStatus = ('1','up', | 56 | my %ifOperStatus = ('1','up', |
diff --git a/plugins-scripts/check_ifstatus.pl b/plugins-scripts/check_ifstatus.pl index 63c71ff..421580a 100755 --- a/plugins-scripts/check_ifstatus.pl +++ b/plugins-scripts/check_ifstatus.pl | |||
@@ -46,6 +46,9 @@ sub usage ($); | |||
46 | sub print_usage (); | 46 | sub print_usage (); |
47 | sub process_arguments (); | 47 | sub process_arguments (); |
48 | 48 | ||
49 | $ENV{'PATH'}='@trusted_path@'; | ||
50 | $ENV{'BASH_ENV'}=''; | ||
51 | $ENV{'ENV'}=''; | ||
49 | 52 | ||
50 | my $status; | 53 | my $status; |
51 | my %ifOperStatus = ('1','up', | 54 | my %ifOperStatus = ('1','up', |
diff --git a/plugins-scripts/check_ircd.pl b/plugins-scripts/check_ircd.pl index 42a9bca..f80c5c6 100755 --- a/plugins-scripts/check_ircd.pl +++ b/plugins-scripts/check_ircd.pl | |||
@@ -63,9 +63,9 @@ sub bindRemote ($$); | |||
63 | 63 | ||
64 | # -------------------------------------------------------------[ Enviroment ]-- | 64 | # -------------------------------------------------------------[ Enviroment ]-- |
65 | 65 | ||
66 | $ENV{PATH} = ""; | 66 | $ENV{'PATH'}='@trusted_path@'; |
67 | $ENV{ENV} = ""; | 67 | $ENV{'BASH_ENV'}=''; |
68 | $ENV{BASH_ENV} = ""; | 68 | $ENV{'ENV'}=''; |
69 | 69 | ||
70 | # -----------------------------------------------------------------[ Global ]-- | 70 | # -----------------------------------------------------------------[ Global ]-- |
71 | 71 | ||
diff --git a/plugins-scripts/check_log.sh b/plugins-scripts/check_log.sh index a1bfb48..a9ff06a 100755 --- a/plugins-scripts/check_log.sh +++ b/plugins-scripts/check_log.sh | |||
@@ -57,8 +57,6 @@ | |||
57 | 57 | ||
58 | # Paths to commands used in this script. These | 58 | # Paths to commands used in this script. These |
59 | # may have to be modified to match your system setup. | 59 | # may have to be modified to match your system setup. |
60 | # TV: removed PATH restriction. Need to think more about what this means overall | ||
61 | #PATH="" | ||
62 | 60 | ||
63 | ECHO="/bin/echo" | 61 | ECHO="/bin/echo" |
64 | GREP="/bin/egrep" | 62 | GREP="/bin/egrep" |
@@ -72,6 +70,7 @@ TOUCH="/bin/touch" | |||
72 | PROGNAME=`/bin/basename $0` | 70 | PROGNAME=`/bin/basename $0` |
73 | PROGPATH=`echo $0 | sed -e 's,[\\/][^\\/][^\\/]*$,,'` | 71 | PROGPATH=`echo $0 | sed -e 's,[\\/][^\\/][^\\/]*$,,'` |
74 | REVISION="@NP_VERSION@" | 72 | REVISION="@NP_VERSION@" |
73 | PATH="@trusted_path@" | ||
75 | 74 | ||
76 | . $PROGPATH/utils.sh | 75 | . $PROGPATH/utils.sh |
77 | 76 | ||
diff --git a/plugins-scripts/check_mailq.pl b/plugins-scripts/check_mailq.pl index 31eb46a..1d0a3ad 100755 --- a/plugins-scripts/check_mailq.pl +++ b/plugins-scripts/check_mailq.pl | |||
@@ -39,7 +39,7 @@ sub print_help (); | |||
39 | sub print_usage (); | 39 | sub print_usage (); |
40 | sub process_arguments (); | 40 | sub process_arguments (); |
41 | 41 | ||
42 | $ENV{'PATH'}=''; | 42 | $ENV{'PATH'}='@trusted_path@'; |
43 | $ENV{'BASH_ENV'}=''; | 43 | $ENV{'BASH_ENV'}=''; |
44 | $ENV{'ENV'}=''; | 44 | $ENV{'ENV'}=''; |
45 | $PROGNAME = "check_mailq"; | 45 | $PROGNAME = "check_mailq"; |
diff --git a/plugins-scripts/check_mssql.pl b/plugins-scripts/check_mssql.pl index 9a8fc51..4486149 100755 --- a/plugins-scripts/check_mssql.pl +++ b/plugins-scripts/check_mssql.pl | |||
@@ -35,6 +35,10 @@ use strict; | |||
35 | 35 | ||
36 | my $PROGNAME = "check_mssql"; | 36 | my $PROGNAME = "check_mssql"; |
37 | 37 | ||
38 | $ENV{'PATH'}='@trusted_path@'; | ||
39 | $ENV{'BASH_ENV'}=''; | ||
40 | $ENV{'ENV'}=''; | ||
41 | |||
38 | my ( | 42 | my ( |
39 | $server,$database,$username,$password,$query,$help,$verbose,$timeout, | 43 | $server,$database,$username,$password,$query,$help,$verbose,$timeout, |
40 | $dbh,$sth,$row, | 44 | $dbh,$sth,$row, |
diff --git a/plugins-scripts/check_netdns.pl b/plugins-scripts/check_netdns.pl index ecdbdb1..9871a9a 100755 --- a/plugins-scripts/check_netdns.pl +++ b/plugins-scripts/check_netdns.pl | |||
@@ -32,6 +32,10 @@ use utils ; | |||
32 | 32 | ||
33 | my $PROGNAME = "check_netdns"; | 33 | my $PROGNAME = "check_netdns"; |
34 | 34 | ||
35 | $ENV{'PATH'}='@trusted_path@'; | ||
36 | $ENV{'BASH_ENV'}=''; | ||
37 | $ENV{'ENV'}=''; | ||
38 | |||
35 | Getopt::Long::Configure(`bundling`); | 39 | Getopt::Long::Configure(`bundling`); |
36 | GetOptions("V" => $opt_V, "version" => $opt_V, | 40 | GetOptions("V" => $opt_V, "version" => $opt_V, |
37 | "h" => $opt_h, "help" => $opt_h, | 41 | "h" => $opt_h, "help" => $opt_h, |
diff --git a/plugins-scripts/check_ntp.pl b/plugins-scripts/check_ntp.pl index 5c87e0a..cdcbffa 100755 --- a/plugins-scripts/check_ntp.pl +++ b/plugins-scripts/check_ntp.pl | |||
@@ -69,7 +69,7 @@ $PROGNAME="check_ntp"; | |||
69 | sub print_help (); | 69 | sub print_help (); |
70 | sub print_usage (); | 70 | sub print_usage (); |
71 | 71 | ||
72 | $ENV{'PATH'}=''; | 72 | $ENV{'PATH'}='@trusted_path@'; |
73 | $ENV{'BASH_ENV'}=''; | 73 | $ENV{'BASH_ENV'}=''; |
74 | $ENV{'ENV'}=''; | 74 | $ENV{'ENV'}=''; |
75 | 75 | ||
diff --git a/plugins-scripts/check_oracle.sh b/plugins-scripts/check_oracle.sh index 2a8ab21..f5302e3 100755 --- a/plugins-scripts/check_oracle.sh +++ b/plugins-scripts/check_oracle.sh | |||
@@ -9,6 +9,7 @@ | |||
9 | PROGNAME=`basename $0` | 9 | PROGNAME=`basename $0` |
10 | PROGPATH=`echo $0 | sed -e 's,[\\/][^\\/][^\\/]*$,,'` | 10 | PROGPATH=`echo $0 | sed -e 's,[\\/][^\\/][^\\/]*$,,'` |
11 | REVISION="@NP_VERSION@" | 11 | REVISION="@NP_VERSION@" |
12 | PATH="@trusted_path@" | ||
12 | 13 | ||
13 | . $PROGPATH/utils.sh | 14 | . $PROGPATH/utils.sh |
14 | 15 | ||
diff --git a/plugins-scripts/check_rpc.pl b/plugins-scripts/check_rpc.pl index d2701e9..e09754d 100755 --- a/plugins-scripts/check_rpc.pl +++ b/plugins-scripts/check_rpc.pl | |||
@@ -36,9 +36,9 @@ sub print_help (); | |||
36 | sub print_usage (); | 36 | sub print_usage (); |
37 | sub in ($$); | 37 | sub in ($$); |
38 | 38 | ||
39 | $ENV{'BASH_ENV'}=''; | 39 | $ENV{'PATH'}='@trusted_path@'; |
40 | $ENV{'BASH_ENV'}=''; | ||
40 | $ENV{'ENV'}=''; | 41 | $ENV{'ENV'}=''; |
41 | $ENV{'PATH'}=''; | ||
42 | $ENV{'LC_ALL'}='C'; | 42 | $ENV{'LC_ALL'}='C'; |
43 | 43 | ||
44 | #Initialise protocol for each progname number | 44 | #Initialise protocol for each progname number |
diff --git a/plugins-scripts/check_sensors.sh b/plugins-scripts/check_sensors.sh index 874e104..53db9b4 100755 --- a/plugins-scripts/check_sensors.sh +++ b/plugins-scripts/check_sensors.sh | |||
@@ -1,14 +1,13 @@ | |||
1 | #!/bin/sh | 1 | #!/bin/sh |
2 | 2 | ||
3 | PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin | ||
4 | |||
5 | PROGNAME=`basename $0` | 3 | PROGNAME=`basename $0` |
6 | PROGPATH=`echo $0 | sed -e 's,[\\/][^\\/][^\\/]*$,,'` | 4 | PROGPATH=`echo $0 | sed -e 's,[\\/][^\\/][^\\/]*$,,'` |
7 | REVISION="@NP_VERSION@" | 5 | REVISION="@NP_VERSION@" |
6 | TRUSTED_PATH="@trusted_path@" | ||
7 | PATH=${TRUSTED_PATH:-"/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin"} | ||
8 | 8 | ||
9 | . $PROGPATH/utils.sh | 9 | . $PROGPATH/utils.sh |
10 | 10 | ||
11 | |||
12 | print_usage() { | 11 | print_usage() { |
13 | echo "Usage: $PROGNAME" [--ignore-fault] | 12 | echo "Usage: $PROGNAME" [--ignore-fault] |
14 | } | 13 | } |
diff --git a/plugins-scripts/check_wave.pl b/plugins-scripts/check_wave.pl index 2671112..8f9a4da 100755 --- a/plugins-scripts/check_wave.pl +++ b/plugins-scripts/check_wave.pl | |||
@@ -15,7 +15,7 @@ $PROGNAME = "check_wave"; | |||
15 | sub print_help (); | 15 | sub print_help (); |
16 | sub print_usage (); | 16 | sub print_usage (); |
17 | 17 | ||
18 | $ENV{'PATH'}=''; | 18 | $ENV{'PATH'}='@trusted_path@'; |
19 | $ENV{'BASH_ENV'}=''; | 19 | $ENV{'BASH_ENV'}=''; |
20 | $ENV{'ENV'}=''; | 20 | $ENV{'ENV'}=''; |
21 | 21 | ||
diff --git a/plugins-scripts/subst.in b/plugins-scripts/subst.in index a70ad88..49a95ca 100644 --- a/plugins-scripts/subst.in +++ b/plugins-scripts/subst.in | |||
@@ -61,18 +61,9 @@ BEGIN { | |||
61 | # add to libexecdir to INC for perl utils.pm | 61 | # add to libexecdir to INC for perl utils.pm |
62 | /^use/ { if (/lib/) { if (/utils.pm|"."/ ) {sub(/utils.pm|"."/,led() )} } } | 62 | /^use/ { if (/lib/) { if (/utils.pm|"."/ ) {sub(/utils.pm|"."/,led() )} } } |
63 | 63 | ||
64 | 64 | # Trusted path mechanism | |
65 | # Trusted path mechanism (deprecated) | 65 | /@trusted_path@/ {sub(/@trusted_path@/,"@with_trusted_path@");} |
66 | |||
67 | /^[ \t]*\$ENV[ \t]*\{[ \t'"]*PATH[ \t"']*\}[ \t]*=/ { | ||
68 | sub(/\=[ \t]*['"][^"']+["']/,"='@with_trusted_path@' # autoconf-derived"); | ||
69 | } | ||
70 | |||
71 | /^[\t ]*(export[\t ]*)?PATH[\t ]*=['"]+.+["']$/ { | ||
72 | sub(/\=.*$/,"='@with_trusted_path@' # autoconf-derived"); | ||
73 | } | ||
74 | 66 | ||
75 | { | 67 | { |
76 | print; | 68 | print; |
77 | } | 69 | } |
78 | |||