[Nagiosplug-devel] [ nagiosplug-Bugs-1291126 ] Alternate ps for Solaris
SourceForge.net
noreply at sourceforge.net
Thu Sep 22 04:42:46 CEST 2005
Bugs item #1291126, was opened at 2005-09-14 12:04
Message generated for change (Comment added) made by seanius
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1291126&group_id=29880
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: General plugin execution
Group: CVS
Status: Open
Resolution: None
Priority: 5
Submitted By: Bob Ingraham (rwingraham)
Assigned to: M. Sean Finney (seanius)
Summary: Alternate ps for Solaris
Initial Comment:
Per Sean, I am uploading the source for an alternate ps
utility for Solaris that will work with the existing
check_procs plugin.
This alternate ps gets around the 80-character limitation
inherent in the native ps for Solaris.
It has been extensively testing on our corporate Solaris
farm.
Notes:
1. I've installed this alternate ps (called pst3) in the
libexec directory, along with the other plugins.
2. It needs setuid-root permissions to run, but accepts
no arguments and reads no input streams and therefore
isn't subject to exploitations such as buffer overflow and
the like. The only reason is needs the setuid-root
permission is so that it can open the running kernel
image, in READ-ONLY mode, in order to access the
process argument vectors.
3. It requires a patch to the configuration file which
substitutes this alternate utility instead of ps for Soalris
systems.
Bob
----------------------------------------------------------------------
>Comment By: M. Sean Finney (seanius)
Date: 2005-09-22 07:40
Message:
Logged In: YES
user_id=226838
slight complication, i'll email the list with details...
----------------------------------------------------------------------
Comment By: M. Sean Finney (seanius)
Date: 2005-09-22 05:32
Message:
Logged In: YES
user_id=226838
btw: why isn't pPsInfo->pr_pid included in the output?
----------------------------------------------------------------------
Comment By: M. Sean Finney (seanius)
Date: 2005-09-22 05:16
Message:
Logged In: YES
user_id=226838
hi bob, ton,
i just finished looking over the script, and it looks good.
unfortunately i no longer have root access to a solaris
server, so i can't install the plugin setuid root. i can
still throw together everything else (the configure patch,
etc), but the final test will need to be conducted by
someone else.
----------------------------------------------------------------------
Comment By: Ton Voon (tonvoon)
Date: 2005-09-21 06:14
Message:
Logged In: YES
user_id=664364
Sean,
plugins-root/ is created now. This would be the best place to put pst3.
Ton
----------------------------------------------------------------------
Comment By: Ton Voon (tonvoon)
Date: 2005-09-20 03:55
Message:
Logged In: YES
user_id=664364
Sean,
I have no problem with setuid scripts since we already have check_icmp
and check_dhcp, but they don't install as root at the moment (it is
manually done). I am trying to separate setuid scripts out to plugins-
root/ so then the installer can be configured to install with the correct
permissions, but haven't fully tested my local copy yet. Give me another
day to sort this out.
Ton
----------------------------------------------------------------------
Comment By: M. Sean Finney (seanius)
Date: 2005-09-19 11:27
Message:
Logged In: YES
user_id=226838
hi bob,
thanks for this, i've just taken a look over it. if this
program has to run setuid root to open the kmem structure,
would it be possible to drop priviliges immediately after
having done so?
ton: what are your thoughts about dropping this utility in
the libexec dir? i could throw together a pretty quick
configure patch to decide whether or not the ps utility was
needed. not sure how we're handling the other setuid
programs, but i could follow suit with whatever we're doing
for the others
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1291126&group_id=29880
More information about the Devel
mailing list