From: Costa Tsaousis (ktsaou) <costa@tsaousis.gr>
Date: Fri, 30 Dec 2016 03:54:38 +0000 (+0200)
Subject: check that apps.plugin runs before trusting setcap
X-Git-Tag: v1.5.0~70^2
X-Git-Url: https://arthur.barton.de/gitweb/?p=netdata.git;a=commitdiff_plain;h=fb64fb5a1cd7100d61d17c8ff8beb0f9a575d7dc

check that apps.plugin runs before trusting setcap
---

diff --git a/netdata-installer.sh b/netdata-installer.sh
index ac19452b..95732e9a 100755
--- a/netdata-installer.sh
+++ b/netdata-installer.sh
@@ -839,6 +839,15 @@ if [ ${UID} -eq 0 ]
         then
         run setcap cap_dac_read_search,cap_sys_ptrace+ep "${NETDATA_PREFIX}/usr/libexec/netdata/plugins.d/apps.plugin"
         setcap_ret=$?
+
+        if [ ${setcap_ret} -eq 0 ]
+            then
+            # if we managed to setcap
+            # but we fail to execute apps.plugin
+            # trigger setuid to root
+            "${NETDATA_PREFIX}/usr/libexec/netdata/plugins.d/apps.plugin" -v >/dev/null 2>&1
+            setcap_ret=$?
+        fi
     fi
 
     if [ ${setcap_ret} -ne 0 ]
diff --git a/src/apps_plugin.c b/src/apps_plugin.c
index 51cedaff..7d5c325e 100644
--- a/src/apps_plugin.c
+++ b/src/apps_plugin.c
@@ -2680,6 +2680,11 @@ static void parse_args(int argc, char **argv)
             }
         }
 
+        if(strcmp("version", argv[i]) == 0 || strcmp("-v", argv[i]) == 0) {
+            printf("apps.plugin %s\n", VERSION);
+            exit(0);
+        }
+
         if(strcmp("debug", argv[i]) == 0) {
             debug = 1;
             // debug_flags = 0xffffffff;
@@ -2728,7 +2733,7 @@ static void parse_args(int argc, char **argv)
 
         if(strcmp("-h", argv[i]) == 0 || strcmp("--help", argv[i]) == 0) {
             fprintf(stderr,
-                    "apps.plugin\n"
+                    "apps.plugin %s\n"
                     "(C) 2016 Costa Tsaousis"
                     "GPL v3+\n"
                     "This program is a data collector plugin for netdata.\n"
@@ -2755,6 +2760,10 @@ static void parse_args(int argc, char **argv)
                     "NAME              read apps_NAME.conf instead of\n"
                     "                  apps_groups.conf\n"
                     "                  (default NAME=groups)\n"
+                    "\n"
+                    "version           print program version and exit\n"
+                    "\n"
+                    , VERSION
             );
             exit(1);
         }