Merge branch '6723-sudo' into 'master'

smartstatus - harden sudo command execution See merge request !198

Merge branch '6723-sudo' into 'master'
8cd3f7b0 · Hahn Axel (hahn) · 9a4d05bb · 840a770a · 8cd3f7b0
Commit 8cd3f7b0 authored 1 year ago by Hahn Axel (hahn)
--- a/check_smartstatus
+++ b/check_smartstatus
@@ -37,15 +37,15 @@
 # 2021-04-07  v1.2  <axel.hahn@iml.unibe.ch> update message if sudo smartctl -H fails
 # 2021-10-28  v1.3  <axel.hahn@iml.unibe.ch> detect -d param for smartctl
 # 2022-07-08  v1.4  <axel.hahn@iml.unibe.ch> remove pipe in status line
+# 2023-10-20  v1.5  <axel.hahn@unibe.ch>     harden sudo command execution
 # ======================================================================
-. `dirname $0`/inc_pluginfunctions
+. $(dirname $0)/inc_pluginfunctions
 typeset -i iFound=0
 typeset -i iErrors=0
 sOut=
-sDetails=
 tmpDetailsfile=/tmp/smartstatus-all.log
 # fix for v0.5
@@ -61,7 +61,7 @@ function detectParam(){
  local _moreparam
  grep '^# PARAM' $0 | cut -f 2- -d ':' | while read _moreparam
  do
-    sudo smartctl -H $_mydevice $_moreparam >/dev/null 2>&1 && echo "$_moreparam"
+    sudo -n smartctl -H $_mydevice $_moreparam >/dev/null 2>&1 && echo "$_moreparam"
  done
  echo "$_moreparam"
 }
@@ -132,7 +132,13 @@ ph.require smartctl
 rm -f $tmpDetailsfile 2>/dev/null
-for mydevice in `ls -1 /dev/sd* | grep -v "[0-9]"`
+# --- pre check for sudo permissions on smartctl
+if ! sudo -n smartctl -h >/dev/null 2>&1; then
+  ph.abort "UNKNOWN: No sudo permissions to execute smartctl."
+fi
+# --- loop over sd devices
+for mydevice in $(ls -1 /dev/sd* | grep -v "[0-9]")
 do
  iFound=$iFound+1