diff options
-rw-r--r-- | lib/utils_base.c | 15 | ||||
-rw-r--r-- | lib/utils_base.h | 7 | ||||
-rw-r--r-- | plugins-root/check_dhcp.c | 5 | ||||
-rw-r--r-- | plugins-root/check_icmp.c | 3 |
4 files changed, 29 insertions, 1 deletions
diff --git a/lib/utils_base.c b/lib/utils_base.c index db21ea15..da281286 100644 --- a/lib/utils_base.c +++ b/lib/utils_base.c @@ -228,3 +228,18 @@ char *np_escaped_string (const char *string) { data[j] = '\0'; return data; } + +int np_check_if_root(void) { return (geteuid() == 0); } + +int np_warn_if_not_root(void) { + int status = np_check_if_root(); + if(!status) { + printf(_("Warning: ")); + printf(_("This plugin must be either run as root or setuid root.\n")); + printf(_("To run as root, you can use a tool like sudo.\n")); + printf(_("To set the setuid permissions, use the command:\n")); + // XXX could we use something like progname? + printf("\tchmod u+s yourpluginfile\n"); + } + return status; +} diff --git a/lib/utils_base.h b/lib/utils_base.h index b722d0ec..bda76595 100644 --- a/lib/utils_base.h +++ b/lib/utils_base.h @@ -43,4 +43,11 @@ void die (int, const char *, ...) __attribute__((noreturn,format(printf, 2, 3))) #define NP_RANGE_UNPARSEABLE 1 #define NP_WARN_WITHIN_CRIT 2 +/* a simple check to see if we're running as root. + * returns zero on failure, nonzero on success */ +int np_check_if_root(void); +/* and a helpful wrapper around that. it returns the same status + * code from the above function, in case it's helpful for testing */ +int np_warn_if_not_root(void); + #endif /* _UTILS_BASE_ */ diff --git a/plugins-root/check_dhcp.c b/plugins-root/check_dhcp.c index 8559d634..7cb2d300 100644 --- a/plugins-root/check_dhcp.c +++ b/plugins-root/check_dhcp.c @@ -250,10 +250,13 @@ int main(int argc, char **argv){ int dhcp_socket; int result = STATE_UNKNOWN; + /* this plugin almost certainly needs root permissions. */ + np_warn_if_not_root(); + setlocale (LC_ALL, ""); bindtextdomain (PACKAGE, LOCALEDIR); textdomain (PACKAGE); - + if(process_arguments(argc,argv)!=OK){ usage4 (_("Could not parse arguments")); } diff --git a/plugins-root/check_icmp.c b/plugins-root/check_icmp.c index 7e3b00f3..7f9160c4 100644 --- a/plugins-root/check_icmp.c +++ b/plugins-root/check_icmp.c @@ -372,6 +372,9 @@ main(int argc, char **argv) int result; struct rta_host *host; + /* print a helpful error message if geteuid != 0 */ + np_warn_if_not_root(); + /* we only need to be setsuid when we get the sockets, so do * that before pointer magic (esp. on network data) */ icmp_sockerrno = udp_sockerrno = tcp_sockerrno = sockets = 0; |