[Nagiosplug-devel] [ nagiosplug-Bugs-1291126 ] Alternate ps for Solaris

SourceForge.net noreply at sourceforge.net
Thu Sep 22 04:42:46 CEST 2005


Bugs item #1291126, was opened at 2005-09-14 12:04
Message generated for change (Comment added) made by seanius
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1291126&group_id=29880

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: General plugin execution
Group: CVS
Status: Open
Resolution: None
Priority: 5
Submitted By: Bob Ingraham (rwingraham)
Assigned to: M. Sean Finney (seanius)
Summary: Alternate ps for Solaris

Initial Comment:
Per Sean, I am uploading the source for an alternate ps 
utility for Solaris that will work with the existing 
check_procs plugin.

This alternate ps gets around the 80-character limitation 
inherent in the native ps for Solaris.

It has been extensively testing on our corporate Solaris 
farm.

Notes:

1. I've installed this alternate ps (called pst3) in the 
libexec directory, along with the other plugins.

2. It needs setuid-root permissions to run, but accepts 
no arguments and reads no input streams and therefore 
isn't subject to exploitations such as buffer overflow and 
the like.  The only reason is needs the setuid-root 
permission is so that it can open the running kernel 
image, in READ-ONLY mode, in order to access the 
process argument vectors.

3. It requires a patch to the configuration file which 
substitutes this alternate utility instead of ps for Soalris 
systems.

Bob


----------------------------------------------------------------------

>Comment By: M. Sean Finney (seanius)
Date: 2005-09-22 07:40

Message:
Logged In: YES 
user_id=226838

slight complication, i'll email the list with details...

----------------------------------------------------------------------

Comment By: M. Sean Finney (seanius)
Date: 2005-09-22 05:32

Message:
Logged In: YES 
user_id=226838

btw: why isn't pPsInfo->pr_pid included in the output?

----------------------------------------------------------------------

Comment By: M. Sean Finney (seanius)
Date: 2005-09-22 05:16

Message:
Logged In: YES 
user_id=226838

hi bob, ton,

i just finished looking over the script, and it looks good.
 unfortunately i no longer have root access to a solaris
server, so i can't install the plugin setuid root.  i can
still throw together everything else (the configure patch,
etc), but the final test will need to be conducted by
someone else.


----------------------------------------------------------------------

Comment By: Ton Voon (tonvoon)
Date: 2005-09-21 06:14

Message:
Logged In: YES 
user_id=664364

Sean,

plugins-root/ is created now. This would be the best place to put pst3.

Ton

----------------------------------------------------------------------

Comment By: Ton Voon (tonvoon)
Date: 2005-09-20 03:55

Message:
Logged In: YES 
user_id=664364

Sean,

I have no problem with setuid scripts since we already have check_icmp 
and check_dhcp, but they don't install as root at the moment (it is 
manually done). I am trying to separate setuid scripts out to plugins-
root/ so then the installer can be configured to install with the correct 
permissions, but haven't fully tested my local copy yet. Give me another 
day to sort this out.

Ton

----------------------------------------------------------------------

Comment By: M. Sean Finney (seanius)
Date: 2005-09-19 11:27

Message:
Logged In: YES 
user_id=226838

hi bob,

thanks for this, i've just taken a look over it.  if this
program has to run setuid root to open the kmem structure,
would it be possible to drop priviliges immediately after
having done so?

ton:  what are your thoughts about dropping this utility in
the libexec dir?  i could throw together a pretty quick
configure patch to decide whether or not the ps utility was
needed.  not sure how we're handling the other setuid
programs, but i could follow suit with whatever we're doing
for the others

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1291126&group_id=29880




More information about the Devel mailing list