On 9/1/06, Julien TOUCHE <[EMAIL PROTECTED]> wrote:
i want to use fping with with nrpe/nagios. as security doc of OpenBSD
state, i want to use systrace privilege elevation but ...
$ sudo /bin/systrace -a -c 556:556 /usr/local/sbin/fping localhost
This program can only be run by root, or it must be setuid root.
$ sudo /bin/systrace -a /usr/local/sbin/fping -qc 5 localhost
localhost : xmt/rcv/%loss = 5/5/0%, min/avg/max = 0.71/1.07/1.92
seems fping runs a root check which cannot be overcome by a switch (at
least in man)
even if the policy of fping is with "as root" for everything it can't
run ...
anything beyond editing the code ?
tried setting the policy to have getuid return an error of 0?
