Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
[dev.icinga.com #10693] Add running_kernel_use_sudo option for the running_kernel check #3691
This issue has been migrated from Redmine: https://dev.icinga.com/issues/10693
Created by hostedpower on 2015-11-20 15:32:11 +00:00
This is the latest version of the script: https://raw.githubusercontent.com/oftc/dsa-nagios/master/dsa-nagios-checks/checks/dsa-check-running-kernel
I don't see any reason why we would call it with sudo. I tried on a few OS's and did not need sudo at all...
Was this put in by mistake?
I propose for removal if we can avoid sudo requirements :)
2015-11-22 11:36:50 +00:00 by (unknown) 1d1f15c
2015-11-23 06:51:36 +00:00 by (unknown) 0adf001
2015-11-23 07:04:57 +00:00 by (unknown) e571e22
2015-11-23 12:10:25 +00:00 by (unknown) 2320f7a
2015-11-23 12:29:45 +00:00 by (unknown) 5f22076
2015-11-26 10:18:05 +00:00 by (unknown) 3916ef0
2015-11-26 10:19:32 +00:00 by (unknown) b14a48d
2015-11-26 10:19:33 +00:00 by (unknown) 330e8db
2015-11-26 10:19:33 +00:00 by (unknown) 141f255
Updated by gbeutner on 2015-11-21 03:33:22 +00:00
Updated by gbeutner on 2015-11-21 03:34:31 +00:00
Arguably there's no reason why the kernel image wouldn't be world-readable (considering that you could just download the .deb file from the mirror and unpack it somewhere else) - but that's apparently the way things work on Ubuntu right now.
Updated by hostedpower on 2015-11-21 07:55:30 +00:00
Thanks gunnarbeutner, that was one of the few I did not test.
However does it require sudo in the check? Or is it enough to remove the sudo from the check explicitly and just put icinga user into the sudo'ers on Ubuntu? I have no idea if there is a more intelligent way of using sudo for this so it's not required on all OS'es.
Another idea would be to split the check with and without sudo and set the option as a config variable. Something like: running_kernel_use_sudo = true/false.
It's a pity that for 1 OS we now have to give sudo on all other OS'es as well.
Updated by gbeutner on 2015-11-21 10:49:34 +00:00
The kernel belongs to root:root and is not group/world readable. Adding the Icinga user to the sudo group would make no difference:
Updated by hostedpower on 2015-11-21 11:08:55 +00:00
What about something like this?
I wonder if it would not be a better idea to create a method which could be used generally in icinga. Because some other plugins like check_yum and check_apt normally run without sudo, but for some actions they require it.If we could specify it with some parameter what we want when running a check, I think it would be better.
PS: I tested older Ubuntu here, even there it seems not required. I don't have a 14.04 to test unfortunately.
Updated by gbeutner on 2015-11-23 12:12:50 +00:00
This would obviously always be false. However I'm going to add a few global variables which can be used to detect the operating system Icinga 2 is running on.