Source: spectre-meltdown-checker Version: 0.27-1 Severity: normal Tags: patch
Hi, spectre-meltdown-checker should exit with a sensible exit code if vulnerable. This saves cumbersome parsing of the —batch output and is a bit more UNIXey. Example patch attached. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-
diff --git a/spectre-meltdown-checker.sh b/spectre-meltdown-checker.sh index 2d587a7..fda11de 100755 --- a/spectre-meltdown-checker.sh +++ b/spectre-meltdown-checker.sh @@ -93,6 +93,8 @@ nrpe_critical=0 nrpe_unknown=0 nrpe_vuln="" +ret=0 + __echo() { opt="$1" @@ -360,6 +362,9 @@ pvulnstatus() VULN) pstatus red 'VULNERABLE' "$@";; OK) pstatus green 'NOT VULNERABLE' "$@";; esac + case "$vulnstatus" in + UNK|VULN) ret=1 + esac } @@ -966,3 +971,5 @@ fi if [ "$opt_batch" = 1 -a "$opt_batch_format" = "json" ]; then _echo 0 ${json_output%?}] fi + +exit $ret