Module: check_mk
Branch: master
Commit: 86cf5a8227fe1b230dcff5fed07dff4dfadea1b8
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=86cf5a8227fe1b…
Author: Mathias Kettner <mk(a)mathias-kettner.de>
Date: Mon Nov 23 21:16:45 2015 +0100
#2777 FIX check_mk_agent.linux: avoid execution of .deb temporary files as plugins
---
.werks/2777 | 9 +++++++++
ChangeLog | 1 +
agents/check_mk_agent.linux | 13 +++++++++----
3 files changed, 19 insertions(+), 4 deletions(-)
diff --git a/.werks/2777 b/.werks/2777
new file mode 100644
index 0000000..06aa6a2
--- /dev/null
+++ b/.werks/2777
@@ -0,0 +1,9 @@
+Title: check_mk_agent.linux: avoid execution of .deb temporary files as plugins
+Level: 1
+Component: checks
+Compatible: compat
+Version: 1.2.7i4
+Date: 1448309782
+Class: fix
+
+
diff --git a/ChangeLog b/ChangeLog
index 44c8f85..64a0988 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -96,6 +96,7 @@
* 2844 FIX: heartbeat_crm: Fixed problem processing the state of clone set resources
* 2798 FIX: netapp_api_cpu: fixed incorrect scaling of CPU data in NetApp
Clustermode...
* 2799 FIX: check_mail_loop: "Use TLS over SMTP" option did not work
+ * 2777 FIX: check_mk_agent.linux: avoid execution of .deb temporary files as plugins
Multisite:
* 2684 Added icons for downloading agent data / walks of hosts...
diff --git a/agents/check_mk_agent.linux b/agents/check_mk_agent.linux
index d32045d..949bc51 100755
--- a/agents/check_mk_agent.linux
+++ b/agents/check_mk_agent.linux
@@ -723,17 +723,22 @@ then
done
fi
+function is_valid_plugin () {
+ [[ -f "$1" && -x "$1" && ! "$1" =~
\.dpkg-(new|old|temp)$ ]] && true || false
+}
+
+
# Local checks
echo '<<<local>>>'
if cd $LOCALDIR ; then
for skript in $(ls) ; do
- if [ -f "$skript" -a -x "$skript" ] ; then
+ if is_valid_plugin "$skript" ; then
./$skript
fi
done
# Call some plugins only every X'th second
for skript in [1-9]*/* ; do
- if [ -x "$skript" ] ; then
+ if is_valid_plugin "$skript" ; then
run_cached local_${skript//\//\\} ${skript%/*} "$skript"
fi
done
@@ -742,13 +747,13 @@ fi
# Plugins
if cd $PLUGINSDIR ; then
for skript in $(ls) ; do
- if [ -f "$skript" -a -x "$skript" ] ; then
+ if is_valid_plugin "$skript" ; then
./$skript
fi
done
# Call some plugins only every Xth second
for skript in [1-9]*/* ; do
- if [ -x "$skript" ] ; then
+ if is_valid_plugin "$skript" ; then
run_cached plugins_${skript//\//\\} ${skript%/*} "$skript"
fi
done