[Nagiosplug-devel] [Nagiosplug-help] SSH Plugins

Andreas Ericsson ae at op5.se
Fri Jun 18 09:55:19 CEST 2010

Previous message: [Nagiosplug-devel] [Nagiosplug-help] SSH Plugins
Next message: [Nagiosplug-devel] [Nagiosplug-help] SSH Plugins
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 06/18/2010 09:47 AM, Ton Voon wrote:
> 
> On 18 Jun 2010, at 04:29, Thomas Guyot-Sionnest wrote:
> 
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> On 10-06-04 10:25 AM, Franz, Jay wrote:
>>> Has anyone had any success getting the nagios plugins, check_ssh and
>>> check_by_ssh to work through a socks firewall?  I can configure my
>>> ssh
>>> client, via environment variables or command line options, with no
>>> problems.  But, I have had no success with the plugins as there seems
>>> to be no way to pass either environment variables or command line
>>> options to the plugins.  Any help would be appreciated.
>>
>> I'm adding the devel list....
>>
>> This is an excellent point... lib/utils_cmd.c:140 creates a new empty
>> environment array with LC_ALL=C.
>>
>> Instead we could use the current environment in:
>> extern char **environ;
>>
>> Now I'm wondering if we should rewrite **environ with the LC_ALL
>> changed/added or if we can ignore it. Ton, since you added
>> utils_cmd, do
>> you have any idea?
> 
> I set to C, to ensure that the output is not localised from the other
> end. But that wouldn't work in different locales if you wanted to
> capture 3rd party error messages in other languages. So it probably
> should be a plugin writer's decision whether to set LC_ALL=C.
> 
> As to the whole environment, I can't recall why it is wiped. I can see
> that PATH could have been altered which maybe a security risk, but
> that seems like a bad excuse, especially if your system requires
> different PATHs to be set to get to some binaries (*cough*, Solaris).
> 

It was wiped in the old popen() based implementation. I retained that
behaviour when I wrote the runcmd() wrapper thing, and noone seems to
have gotten around to reverting that change. I think setting LC_ALL=C
explicitly and retaining the rest of the environment would be a far
better solution, although that environment should almost certainly be
passed in from the caller rather than automangled at the lowest level.
That way, we can simply use the incredibly portable

  int main(int argc, char **argv, char **env);

declaration of 'main'. I have no idea if 'extern char *environ;' is
around on all systems where we'd like to support plugin execution,
but the declaration style above works even on VMS and Ultrix, so it's
safe to assume it will work everywhere.

-- 
Andreas Ericsson                   andreas.ericsson at op5.se
OP5 AB                             www.op5.se
Tel: +46 8-230225                  Fax: +46 8-230231

Considering the successes of the wars on alcohol, poverty, drugs and
terror, I think we should give some serious thought to declaring war
on peace.

Previous message: [Nagiosplug-devel] [Nagiosplug-help] SSH Plugins
Next message: [Nagiosplug-devel] [Nagiosplug-help] SSH Plugins
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Devel mailing list