aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/utils_base.c15
-rw-r--r--lib/utils_base.h7
-rw-r--r--plugins-root/check_dhcp.c5
-rw-r--r--plugins-root/check_icmp.c3
4 files changed, 29 insertions, 1 deletions
diff --git a/lib/utils_base.c b/lib/utils_base.c
index db21ea15..da281286 100644
--- a/lib/utils_base.c
+++ b/lib/utils_base.c
@@ -228,3 +228,18 @@ char *np_escaped_string (const char *string) {
data[j] = '\0';
return data;
}
+
+int np_check_if_root(void) { return (geteuid() == 0); }
+
+int np_warn_if_not_root(void) {
+ int status = np_check_if_root();
+ if(!status) {
+ printf(_("Warning: "));
+ printf(_("This plugin must be either run as root or setuid root.\n"));
+ printf(_("To run as root, you can use a tool like sudo.\n"));
+ printf(_("To set the setuid permissions, use the command:\n"));
+ // XXX could we use something like progname?
+ printf("\tchmod u+s yourpluginfile\n");
+ }
+ return status;
+}
diff --git a/lib/utils_base.h b/lib/utils_base.h
index b722d0ec..bda76595 100644
--- a/lib/utils_base.h
+++ b/lib/utils_base.h
@@ -43,4 +43,11 @@ void die (int, const char *, ...) __attribute__((noreturn,format(printf, 2, 3)))
#define NP_RANGE_UNPARSEABLE 1
#define NP_WARN_WITHIN_CRIT 2
+/* a simple check to see if we're running as root.
+ * returns zero on failure, nonzero on success */
+int np_check_if_root(void);
+/* and a helpful wrapper around that. it returns the same status
+ * code from the above function, in case it's helpful for testing */
+int np_warn_if_not_root(void);
+
#endif /* _UTILS_BASE_ */
diff --git a/plugins-root/check_dhcp.c b/plugins-root/check_dhcp.c
index 8559d634..7cb2d300 100644
--- a/plugins-root/check_dhcp.c
+++ b/plugins-root/check_dhcp.c
@@ -250,10 +250,13 @@ int main(int argc, char **argv){
int dhcp_socket;
int result = STATE_UNKNOWN;
+ /* this plugin almost certainly needs root permissions. */
+ np_warn_if_not_root();
+
setlocale (LC_ALL, "");
bindtextdomain (PACKAGE, LOCALEDIR);
textdomain (PACKAGE);
-
+
if(process_arguments(argc,argv)!=OK){
usage4 (_("Could not parse arguments"));
}
diff --git a/plugins-root/check_icmp.c b/plugins-root/check_icmp.c
index 7e3b00f3..7f9160c4 100644
--- a/plugins-root/check_icmp.c
+++ b/plugins-root/check_icmp.c
@@ -372,6 +372,9 @@ main(int argc, char **argv)
int result;
struct rta_host *host;
+ /* print a helpful error message if geteuid != 0 */
+ np_warn_if_not_root();
+
/* we only need to be setsuid when we get the sockets, so do
* that before pointer magic (esp. on network data) */
icmp_sockerrno = udp_sockerrno = tcp_sockerrno = sockets = 0;