On Fri, Mar 24, 2006 at 05:23:01PM +0100, David Lesaffre wrote:
> udp problem not completely solved :)
> when run manually with poller.php, it reports udp ports as up
> when run from within the cron job, with poller2.php, it reports udp
> ports as down

Are you running it manually as root and cron runs it as a different user? udp probing needs root (or a setuid binary)

- Craig

Nice hint:
# su - jffnms -c "cd /opt/jffnms/engine && php poller.php 10 298"
09:39:05 : H 10 : Poller Start : 4 Items.
You requested a scan type which requires root privileges. Sorry dude.
QUITTING!
09:39:05 : H 10 : I 298 : P 10 : udp_status,conn_delay(): | -> multi_buffer(): 0 (time P:49.88 | 0.86)
09:39:05 : H 10 : I 298 : P 20 : udp_status(): -> alarm(22): Nothing was done (time P:0.24 | 1.99)
09:39:05 : H 10 : I 298 : P 30 : no_poller(): 0 -> rrd(*): (time P:0.29 | 3.36)
09:39:05 : H 10 : I 298 : P LPD : last_poll_date(): 1143445145 -> db(last_poll_date): 1 (time P:0.51 | 7.28)
09:39:05 : H 10 : Poller End, Total Time: 77.12 msec.
Making php interpreter setuid:
# chmod u+s /usr/bin/php4
# su - jffnms -c "cd /opt/jffnms/engine && php poller.php 10 298"
09:41:41 : H 10 : Poller Start : 4 Items.
09:41:42 : H 10 : I 298 : P 10 : udp_status,conn_delay(): open|filtered|0.563 -> multi_buffer(): 2 (time P:610.99 | 0.65)
09:41:42 : H 10 : I 298 : P 20 : udp_status(): open -> alarm(22): Event Added: 87628 (time P:0.32 | 22.66)
09:41:42 : H 10 : I 298 : P 30 : no_poller(): 0 -> rrd(*): (time P:0.27 | 3.12)
09:41:42 : H 10 : I 298 : P LPD : last_poll_date(): 1143445302 -> db(last_poll_date): 1 (time P:0.31 | 2.41)
09:41:42 : H 10 : Poller End, Total Time: 652.9 msec.
That fixes it all right.
But now my php interpreter is setuid, which makes jffnms run setuid, basically.
This does not seem right.
Any idea on how to narrow the setuid a bit?
David
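
A check for the condition raised in this message, a set-uid bit sitting on a general-purpose script interpreter, as an added example that is not part of the original thread. The interpreter name patterns, the directories scanned, and the constructed scratch files in `demo_audit` are assumptions.

```shell
#!/bin/sh
# Added example: report set-uid files whose name looks like a script
# interpreter. A set-uid interpreter runs every script with the owner's
# privileges, which is the situation created by "chmod u+s /usr/bin/php4".

# Print the set-uid interpreter binaries found under the given directories.
# The name patterns below are an assumption; extend them for your system.
find_setuid_interpreters() {
    for dir in "$@"; do
        [ -d "$dir" ] || continue
        # -perm -4000 matches regular files with the set-uid bit set
        find "$dir" -type f -perm -4000 2>/dev/null
    done | while IFS= read -r path; do
        case "$(basename "$path")" in
            php|php[0-9]*|php-cgi|perl|perl[0-9]*|python|python[0-9]*|\
            ruby|ruby[0-9]*|sh|bash|dash|ksh|zsh|tclsh*)
                printf '%s\n' "$path" ;;
        esac
    done
}

# Constructed demonstration: a scratch directory holding a set-uid fake
# interpreter, a set-uid single-purpose helper, and a normal interpreter.
# Only the set-uid interpreter should be reported.
demo_audit() {
    scratch=$(mktemp -d) || return 1
    : > "$scratch/php4"
    : > "$scratch/probe-helper"
    : > "$scratch/perl"
    chmod 4755 "$scratch/php4" "$scratch/probe-helper"
    chmod 0755 "$scratch/perl"
    find_setuid_interpreters "$scratch" | sed "s|^$scratch/||"
    rm -rf "$scratch"
}

# Audit the usual binary directories when run as a script.
find_setuid_interpreters /usr/bin /usr/local/bin
```

A hit on the interpreter is cleared with `chmod u-s` on that path; a set-uid bit on a single-purpose binary is not flagged, since it grants privilege to that one program rather than to every script the interpreter can run.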