Syntax cleanup, removed some non-working SUID entries

This commit is contained in:
Emanuel Duss 2020-11-13 11:56:48 +01:00
parent bd1e3ce65d
commit 764b2685bc
16 changed files with 65 additions and 105 deletions

View File

@ -4,26 +4,18 @@ description: |
functions:
command:
- code: |
COMMAND='/usr/bin/id'
OUTPUT="output_file"
COMMAND=id
OUTPUT=output_file
TF=$(mktemp)
echo "ProxyCommand \"$COMMAND\" | tee \"$OUTPUT\"" > $TF
check_by_ssh -F "$TF" -H localhost -C something
cat $OUTPUT
suid:
- code: |
COMMAND='/usr/bin/id'
OUTPUT="output_file"
TF=$(mktemp)
echo "ProxyCommand \"$COMMAND\" | tee \"$OUTPUT\"" > $TF
check_by_ssh -F "$TF" -H localhost -C something
echo "ProxyCommand $COMMAND | tee $OUTPUT" > $TF
check_by_ssh -F $TF -H localhost -C something
cat $OUTPUT
sudo:
- code: |
COMMAND='/usr/bin/id'
OUTPUT="output_file"
COMMAND=id
OUTPUT=output_file
TF=$(mktemp)
echo "ProxyCommand \"$COMMAND\" | tee \"$OUTPUT\"" > $TF
check_by_ssh -F "$TF" -H localhost -C something
echo "ProxyCommand $COMMAND | tee $OUTPUT" > $TF
sudo check_by_ssh -F $TF -H localhost -C something
cat $OUTPUT
---

View File

@ -5,13 +5,9 @@ functions:
file-read:
- code: |
LFILE=file_to_read
check_cups --extra-opts=@"$LFILE"
suid:
- code: |
LFILE=file_to_read
./check_cups --extra-opts=@"$LFILE"
check_cups --extra-opts=@$LFILE
sudo:
- code: |
LFILE=file_to_read
sudo check_cups --extra-opts=@"$LFILE"
sudo check_cups --extra-opts=@$LFILE
---

View File

@ -6,25 +6,17 @@ functions:
- code: |
LFILE=file_to_read
OUTPUT=output_file
umask 022
check_log -F "$LFILE" -O "$OUTPUT"
cat "$OUTPUT"
check_log -F $LFILE -O $OUTPUT
cat $OUTPUT
file-write:
- code: |
LFILE=file_to_write
INPUT=output_file
umask 022
check_log -F "$INPUT" -O "$LFILE"
suid:
- code: |
LFILE=file_to_write
INPUT=output_file
umask 022
./check_log -F "$INPUT" -O "$LFILE"
check_log -F $INPUT -O $LFILE
sudo:
- code: |
LFILE=file_to_write
INPUT=output_file
umask 022
sudo check_log -F "$INPUT" -O "$LFILE"
sudo check_log -F $INPUT -O $LFILE
---

View File

@ -5,13 +5,9 @@ functions:
file-read:
- code: |
LFILE=file_to_read
check_memory --extra-opts=@"$LFILE"
suid:
- code: |
LFILE=file_to_read
./check_memory --extra-opts=@"$LFILE"
check_memory --extra-opts=@$LFILE
sudo:
- code: |
LFILE=file_to_read
sudo check_memory --extra-opts=@"$LFILE"
sudo check_memory --extra-opts=@$LFILE
---

View File

@ -5,13 +5,9 @@ functions:
file-read:
- code: |
LFILE=file_to_read
check_raid --extra-opts=@"$LFILE"
suid:
- code: |
LFILE=file_to_read
./check_raid --extra-opts=@"$LFILE"
check_raid --extra-opts=@$LFILE
sudo:
- code: |
LFILE=file_to_read
sudo check_raid --extra-opts=@"$LFILE"
sudo check_raid --extra-opts=@$LFILE
---

View File

@ -3,32 +3,24 @@ description: |
This is the `check_by_ssh` Nagios plugin, available e.g. in `/usr/lib/nagios/plugins/`.
functions:
command:
- code: |
COMMAND='/usr/bin/id'
OUTPUT="output_file"
- description: The host example.net must return a certificate via TLS
code: |
COMMAND=id
OUTPUT=output_file
TF=$(mktemp)
echo "$COMMAND | tee \"$OUTPUT\"" > $TF
echo "$COMMAND | tee $OUTPUT" > $TF
chmod +x $TF
check_ssl_cert --curl-bin "$TF" -H example.com # example.com must provide TLS
cat $OUTPUT
suid:
- code: |
COMMAND='/usr/bin/id'
OUTPUT="output_file"
umask 022
TF=$(mktemp)
echo "$COMMAND | tee \"$OUTPUT\"" > $TF
chmod +x $TF
./check_ssl_cert --curl-bin "$TF" -H example.com # example.com must provide TLS
check_ssl_cert --curl-bin $TF -H example.net
cat $OUTPUT
sudo:
- code: |
COMMAND='/usr/bin/id'
OUTPUT="output_file"
umask 022
- description: The host example.net must return a certificate via TLS
code: |
COMMAND=id
OUTPUT=output_file
TF=$(mktemp)
echo "$COMMAND | tee \"$OUTPUT\"" > $TF
echo "$COMMAND | tee $OUTPUT" > $TF
chmod +x $TF
sudo check_ssl_cert --curl-bin "$TF" -H example.com # example.com must provide TLS
umask 022
check_ssl_cert --curl-bin $TF -H example.net
cat $OUTPUT
---

View File

@ -5,13 +5,9 @@ functions:
file-read:
- code: |
LFILE=file_to_read
check_statusfile "$LFILE"
suid:
- code: |
LFILE=file_to_read
./check_statusfile "$LFILE"
check_statusfile $LFILE
sudo:
- code: |
LFILE=file_to_read
sudo check_statusfile "$LFILE"
sudo check_statusfile $LFILE
---

View File

@ -3,13 +3,13 @@ functions:
file-read:
- code: |
LFILE=file_to_read
column "$LFILE"
column $LFILE
suid:
- code: |
LFILE=file_to_read
./column "$LFILE"
./column $LFILE
sudo:
- code: |
LFILE=file_to_read
sudo column "$LFILE"
sudo column $LFILE
---

View File

@ -3,7 +3,7 @@ functions:
shell:
- code: |
ex
!/bin/sh
!sh
file-write:
- code: |
ex file_to_write
@ -20,9 +20,9 @@ functions:
sudo:
- code: |
sudo ex
!/bin/sh
limited-suid:
!sh
suid:
- code: |
./ex
!/bin/sh
!sh -p
---

View File

@ -4,15 +4,15 @@ functions:
- code: |
psql
\?
!/bin/sh
sudo:
- code: |
psql
\?
!/bin/sh
!sh
suid:
- code: |
psql
\?
!/bin/sh
!sh -p
sudo:
- code: |
psql
\?
!sh
---

View File

@ -3,13 +3,13 @@ functions:
file-read:
- code: |
LFILE=file_to_read
rev "$LFILE" | rev
rev $LFILE | rev
suid:
- code: |
LFILE=file_to_read
./rev "$LFILE" | rev
./rev $LFILE | rev
sudo:
- code: |
LFILE=file_to_read
sudo rev "$LFILE" | rev
sudo rev $LFILE | rev
---

View File

@ -5,13 +5,13 @@ functions:
file-read:
- code: |
LFILE=file_to_read
ss -a -F "$LFILE"
ss -a -F $LFILE
suid:
- code: |
LFILE=file_to_read
./ss -a -F "$LFILE"
./ss -a -F $LFILE
sudo:
- code: |
LFILE=file_to_read
sudo ss -a -F "$LFILE"
sudo ss -a -F $LFILE
---

View File

@ -5,13 +5,13 @@ functions:
file-read:
- code: |
LFILE=file_to_read
ssh-keyscan -f "$LFILE"
ssh-keyscan -f $LFILE
suid:
- code: |
LFILE=file_to_read
./ssh-keyscan -f "$LFILE"
./ssh-keyscan -f $LFILE
sudo:
- code: |
LFILE=file_to_read
sudo ssh-keyscan -f "$LFILE"
sudo ssh-keyscan -f $LFILE
---

View File

@ -5,13 +5,13 @@ functions:
file-read:
- code: |
LFILE=file_to_read
tbl "$LFILE"
tbl $LFILE
suid:
- code: |
LFILE=file_to_read
./tbl "$LFILE"
./tbl $LFILE
sudo:
- code: |
LFILE=file_to_read
sudo tbl "$LFILE"
sudo tbl $LFILE
---

View File

@ -5,13 +5,13 @@ functions:
file-read:
- code: |
LFILE=file_to_read
troff "$LFILE"
troff $LFILE
suid:
- code: |
LFILE=file_to_read
./troff "$LFILE"
./troff $LFILE
sudo:
- code: |
LFILE=file_to_read
sudo troff "$LFILE"
sudo troff $LFILE
---

View File

@ -5,13 +5,13 @@ functions:
file-read:
- code: |
LFILE=file_to_read
xmodmap -v "$LFILE"
xmodmap -v $LFILE
suid:
- code: |
LFILE=file_to_read
./xmodmap -v "$LFILE"
./xmodmap -v $LFILE
sudo:
- code: |
LFILE=file_to_read
sudo xmodmap -v "$LFILE"
sudo xmodmap -v $LFILE
---