Source: spectre-meltdown-checker
Version: 0.27-1
Severity: normal
Tags: patch
Hi,
spectre-meltdown-checker should exit with a sensible exit code if
vulnerable. This saves cumbersome parsing of the —batch output and
is a bit more UNIXey.
Example patch attached.
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` [email protected] / chris-lamb.co.uk
`-
diff --git a/spectre-meltdown-checker.sh b/spectre-meltdown-checker.sh
index 2d587a7..fda11de 100755
--- a/spectre-meltdown-checker.sh
+++ b/spectre-meltdown-checker.sh
@@ -93,6 +93,8 @@ nrpe_critical=0
nrpe_unknown=0
nrpe_vuln=""
+ret=0
+
__echo()
{
opt="$1"
@@ -360,6 +362,9 @@ pvulnstatus()
VULN) pstatus red 'VULNERABLE' "$@";;
OK) pstatus green 'NOT VULNERABLE' "$@";;
esac
+ case "$vulnstatus" in
+ UNK|VULN) ret=1
+ esac
}
@@ -966,3 +971,5 @@ fi
if [ "$opt_batch" = 1 -a "$opt_batch_format" = "json" ]; then
_echo 0 ${json_output%?}]
fi
+
+exit $ret
