Skip to content

Commit

Permalink
Finishing touches for CVE-2016-10089 (#454). Adjusted the RAMDISK cre…
Browse files Browse the repository at this point in the history 
…ation in default-init, and cleaned up the check_config() calls a bit -BH
  • Loading branch information
@hedenface
hedenface committed Dec 30, 2017
1 parent f514311 commit 553fc81
Showing 1 changed file with 25 additions and 20 deletions.
45 changes: 25 additions & 20 deletions startup/default-init.in
View file
Expand Up @@ -72,16 +72,33 @@ USE_RAMDISK=${USE_RAMDISK:-0}
if test "$USE_RAMDISK" -ne 0 && test "$RAMDISK_SIZE"X != "X"; then
ramdisk=`mount |grep "${RAMDISK_DIR} type tmpfs"`
if [ "$ramdisk"X == "X" ]; then
mkdir -p -m 0755 ${RAMDISK_DIR}
mount -t tmpfs -o size=${RAMDISK_SIZE}m tmpfs ${RAMDISK_DIR}
mkdir -p -m 0755 ${RAMDISK_DIR}/checkresults
chown -h -R $NagiosUser:$NagiosGroup ${RAMDISK_DIR}
if [ ! -d ${RAMDISK_DIR} ]; then
mkdir -p -m 0755 ${RAMDISK_DIR}
if [ -d ${RAMDISK_DIR} ]; then
NagiosUserUID=`id -u ${NagiosUser}`
NagiosGroupGID=`id -g ${NagiosGroup}`
mount -t tmpfs -o uid=${NagiosUserUID},gid={$NagiosGroupGID},size=${RAMDISK_SIZE}m tmpfs ${RAMDISK_DIR}
su ${NagiosUser} -c "mkdir -m 0755 ${RAMDISK_DIR}/checkresults"
else
echo "ERROR: Unable to create ramdisk directory (${RAMDISK_DIR})"
exit 1
fi
else

This comment has been minimized.

Sign in to view

Copy link
@orlitzky

orlitzky Dec 30, 2017

Contributor

Is this going to cause problems if the service is stopped and restarted? (Can't the directory remain there in most cases?)

This comment has been minimized.

Sign in to view

Copy link
@hedenface

hedenface Dec 30, 2017

Author Contributor

That's a good point. Yes, it likely will.
echo "ERROR: Ramdisk directory (${RAMDISK_DIR}) already exists!"
exit 1
fi
fi
fi


check_config ()
{
if test "$checkconfig" != "true"; then
return 0
fi

echo "Running configuration check...\n"

rm -f "$NagiosCfgtestFile";
if test -e "$NagiosCfgtestFile"; then
echo "ERROR: Could not delete '$NagiosCfgtestFile'"
Expand Down Expand Up @@ -191,10 +208,7 @@ case "$1" in
start)
echo -n "Starting nagios:"

if test "$checkconfig" = "true"; then
check_config
# check_config exits on configuration errors.
fi
check_config

if test -f $NagiosRunFile; then
NagiosPID=`head -n 1 $NagiosRunFile`
Expand Down Expand Up @@ -256,10 +270,7 @@ case "$1" in
;;

checkconfig)
if test "$checkconfig" = "true"; then
printf "Running configuration check...\n"
check_config
fi
check_config

if [ $? -eq 0 ]; then
echo " OK."
Expand All @@ -270,20 +281,14 @@ case "$1" in
;;

restart)
if test "$checkconfig" = "true"; then
printf "Running configuration check...\n"
check_config
fi
check_config

$0 stop
$0 start
;;

reload|force-reload)
if test "$checkconfig" = "true"; then
printf "Running configuration check...\n"
check_config
fi
check_config

if test ! -f $NagiosRunFile; then
$0 start
Expand Down

0 comments on commit 553fc81

Please sign in to comment.