Do not launch a shell for each check

Andreas Ericsson ae at op5.se
Mon Oct 4 11:28:45 CEST 2010


On 10/04/2010 06:33 AM, Thomas Guyot-Sionnest wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On 10-10-03 10:53 PM, Ethan Galstad wrote:
>> Ton Voon wrote:
>>> On 29 Sep 2010, at 12:36, Matthieu Kermagoret wrote:
>>>
>>>> On Tue, Jun 1, 2010 at 3:49 PM, Matthieu Kermagoret
>>>> <mkermagoret at merethis.com>  wrote:
>>>>> The patch I propose, handle simple commands with shell quoting
>>>>> (simple
>>>>> and double quote). Every command containing any of these characters
>>>>> (escaped or not) will be handled by the shell -->  !$^&*()~[]|{};<>?`
>>>>> <--
>>>>>
>>>>> So any feedback on this new proposal ?
>>>>>
>>>> Could it somehow make it into HEAD ? It would resolve issue #86.
>>>
>>> Is it possible to get some libtap tests running against these?
>>>
>>> If so, I'd be happy to review what you have done in the tests.
>>>
>>> However, this is quite an intrusive change, so would have to go into
>>> the next feature branch.
>>>
>>> Ton
>>
>> Agreed - Nice idea, but it should probably wait for a 3.3.x release.
>>
>> Once I release 3.2.3, I'll create a 3.2.x branch and this can get
>> committed to HEAD.
> 
> FWIW I've suggested something like that for a long time but never got
> around coding it. I think we should use a different command type (i.e.
> two possible command line option, either one of them and never both
> would be required). Just like for command arguments, they could be
> separated with "!".
> 
> For example take my (slightly complex) SNMP load average command:
>> command_line $USER1$/check_snmp -H $HOSTADDRESS$ -o .1.3.6.1.4.1.2021.10.1.3.1,.1.3.6.1.4.1.2021.10.1.3.2,.1.3.6.1.4.1.2021.10.1.3.3 -w $ARG1$ -c $ARG2$ -C $USER5$ -l 1min: -l 5min: -l 15min: -l Load -D ", " -m UCD-SNMP-MIB
> 
> It could be rewritten as:
>> command_exec $USER1$/check_snmp!-H!$HOSTADDRESS$!-o!.1.3.6.1.4.1.2021.10.1.3.1,.1.3.6.1.4.1.2021.10.1.3.2,.1.3.6.1.4.1.2021.10.1.3.3!-w!$ARG1$!-c!$ARG2$!-C!$USER5$!-l!1min:!-l!5min:!-l!15min:!-l!Load!-D!, !-m!UCD-SNMP-MIB
> 
> This also allow passing empty arguments and doesn't require nagios to do
> any single/double quote parsing, which could break some complex command
> definitions (that would likely be much easier to write in the _exec form
> anyway...)
> 
> And I think the same would be beneficial for NRPE as well, allowing at
> the same time to safely pass arguments using the exec form...
> 

Parsing arguments is not that hard, and if we run into pipes and sub-shells
we can always fall back very easily to running

 const char *cmd_args = {"sh", "-c", cmd}
 execv("/bin/sh", cmd_args);

but only if we keep the command-line separated with spaces instead of
exclamation marks. Otherwise the tricky case will still have to be parsed
for escaped exclamation marks.

Don't go down this road. It adds complexity and breaks compatibility for
no real gain.

I like the original suggestion though. Parse quotation marks (double
and single) and if we hit IO redirection or subshells we just let the
shell handle it. It's not that hard.

-- 
Andreas Ericsson                   andreas.ericsson at op5.se
OP5 AB                             www.op5.se
Tel: +46 8-230225                  Fax: +46 8-230231

Considering the successes of the wars on alcohol, poverty, drugs and
terror, I think we should give some serious thought to declaring war
on peace.

------------------------------------------------------------------------------
Virtualization is moving to the mainstream and overtaking non-virtualized
environment for deploying applications. Does it make network security 
easier or more difficult to achieve? Read this whitepaper to separate the 
two and get a better understanding.
http://p.sf.net/sfu/hp-phase2-d2d




More information about the Developers mailing list