Module: check_mk
Branch: master
Commit: 7dabf8bfc9ecb78b85ab28fa9a83355c85816886
URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=7dabf8bfc9ecb7…
Author: Jukka Aro <ja(a)mathias-kettner.de>
Date: Mon Mar 5 17:37:01 2018 +0100
5706 FIX Windows agent: fix endianness of IP addresses
The string conversion of IP addresses was falsely done manually in
network byte order, resulting in incorrect ouput for IPv6 addresses.
Now the conversion is done correctly.
This fix will shortly break the compatibility of logwatch state files
stored by the mk_logwatch plugin of previous versions of the Windows
agent as they use the remote IP address(es) of the monitoring host(s).
When upgrading to the new agent, those log entries that are created
exactly after stopping the old agent but before starting the new agent
will be lost in monitoring. After starting the new agent, monitoring
should work as before.
---
.werks/5706 | 22 ++++
agents/windows/ListenSocket.cc | 25 -----
agents/windows/ListenSocket.h | 3 -
agents/windows/WinApi.cc | 8 ++
agents/windows/WinApi.h | 4 +
agents/windows/WinApiAdaptor.h | 7 ++
agents/windows/build_version | 2 +-
agents/windows/check_mk_agent.cc | 19 +---
agents/windows/stringutil.cc | 133 ++++++++++++++++++++++-
agents/windows/stringutil.h | 27 +++++
agents/windows/test/MockWinApi.h | 5 +
agents/windows/test/stringutilTest.cc | 192 ++++++++++++++++++++++++++++++++++
12 files changed, 403 insertions(+), 44 deletions(-)
Diff: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commitdiff;h=7dabf8bfc9…
Module: check_mk
Branch: master
Commit: 82bb40508ab6fe850eb12a0ebf03b8a3bed7e9fd
URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=82bb40508ab6fe…
Author: Andreas Boesl <ab(a)mathias-kettner.de>
Date: Mon Mar 5 16:54:26 2018 +0100
5785 FIX User notification rules: Now also checks if the user is restricted to authorized sites
If a user gets a restriction to authorized sites, it will also restrict the notifications to these sites.
Previously, if no </i>Match site</i> filter was set as specific condition, the user rule matched on all sites.
So, with this change a user notification rule is only checked on the users authorized sites.
Change-Id: I52065e4119075a70a91a9d68ee78dfd5df3ddce4
---
.werks/5785 | 17 +++++++++++++++++
cmk_base/notify.py | 4 ++++
web/htdocs/config.py | 12 ++++++++++++
web/htdocs/valuespec.py | 13 ++++++-------
web/htdocs/wato.py | 3 ++-
5 files changed, 41 insertions(+), 8 deletions(-)
diff --git a/.werks/5785 b/.werks/5785
new file mode 100644
index 0000000..de47572
--- /dev/null
+++ b/.werks/5785
@@ -0,0 +1,17 @@
+Title: User notification rules: Now also checks if the user is restricted to authorized sites
+Level: 1
+Component: notifications
+Compatible: compat
+Edition: cre
+Version: 1.5.0i4
+Date: 1520264909
+Class: fix
+
+If a user gets a restriction to authorized sites, it will also restrict the notifications to these sites.
+Previously, if no </i>Match site</i> filter was set as specific condition, the user rule matched on all sites.
+
+
+With this change a user notification rule is only checked on the users authorized sites.
+
+
+Furthermore, a user can no longer select foreign (non-authorized) sites in the <i>Match site</i> dropdown field.
diff --git a/cmk_base/notify.py b/cmk_base/notify.py
index 4ecffbe..cf1e6f4 100644
--- a/cmk_base/notify.py
+++ b/cmk_base/notify.py
@@ -606,6 +606,10 @@ def user_notification_rules():
# is handled by WATO. Contact specific rules are a
# WATO-only feature anyway...
user_rules.append(rule)
+
+ if "authorized_sites" in config.contacts[contactname] and not "match_site" in rule:
+ rule["match_site"] = config.contacts[contactname]["authorized_sites"]
+
notify_log_debug("Found %d user specific rules" % len(user_rules))
return user_rules
diff --git a/web/htdocs/config.py b/web/htdocs/config.py
index 86f63e2..cdb288d 100644
--- a/web/htdocs/config.py
+++ b/web/htdocs/config.py
@@ -812,6 +812,18 @@ def is_single_local_site():
return site_is_local(sitename)
+def site_attribute_default_value():
+ default_site = default_site()
+ authorized_site_ids = map(lambda x: x[0], user.authorized_sites(unfiltered_sites=configured_sites()))
+ if default_site and default_site in authorized_site_ids:
+ return default_site
+
+
+def site_attribute_choices():
+ authorized_site_ids = map(lambda x: x[0], user.authorized_sites(unfiltered_sites=configured_sites()))
+ return site_choices(filter_func=lambda site_id, site: site_id in authorized_site_ids)
+
+
def site_choices(filter_func=None):
choices = []
for site_id, site in sites.items():
diff --git a/web/htdocs/valuespec.py b/web/htdocs/valuespec.py
index 6472fd7..ad46ae1 100644
--- a/web/htdocs/valuespec.py
+++ b/web/htdocs/valuespec.py
@@ -4608,18 +4608,17 @@ class SiteChoice(DropdownChoice):
return False
import config
- default_site = config.default_site()
- authorized_site_ids = map(lambda x: x[0], config.user.authorized_sites(unfiltered_sites=config.configured_sites()))
- if default_site and default_site in authorized_site_ids:
- return default_site
- return self.canonical_value()
+ default_value = config.site_attribute_default_value()
+ if default_value:
+ return default_value
+ else:
+ return self.canonical_value()
def _site_choices(self):
import config
- authorized_site_ids = map(lambda x: x[0], config.user.authorized_sites(unfiltered_sites=config.configured_sites()))
- return config.site_choices(filter_func=lambda site_id, site: site_id in authorized_site_ids)
+ return config.site_attribute_choices()
class TimeperiodSelection(DropdownChoice):
diff --git a/web/htdocs/wato.py b/web/htdocs/wato.py
index 6c752fd..9b279f3 100644
--- a/web/htdocs/wato.py
+++ b/web/htdocs/wato.py
@@ -7972,6 +7972,7 @@ def vs_notification_rule(userid = None):
validate = validate_notification_rule,
)
+
def simple_host_rule_match_conditions():
return [
( "match_site",
@@ -7979,7 +7980,7 @@ def simple_host_rule_match_conditions():
title = _("Match site"),
help = _("This condition makes the rule match only notifications that have been "
"created on the selected sites."),
- choices = config.site_choices,
+ choices = config.site_attribute_choices,
),
),
( "match_folder",
Module: check_mk
Branch: master
Commit: e690356daa440f1569491af0e7ec62e6470699bd
URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=e690356daa440f…
Author: Tom Baerwinkel <tb(a)mathias-kettner.de>
Date: Mon Mar 5 15:52:38 2018 +0100
Remove ra32e_sensors.heatindex man page and dict key
Change-Id: I12911b3f3869178026fd9e4429d1d9d8870df88c
---
checkman/ra32e_sensors.heatindex | 21 ---------------------
checks/ra32e_sensors | 1 -
2 files changed, 22 deletions(-)
diff --git a/checkman/ra32e_sensors.heatindex b/checkman/ra32e_sensors.heatindex
deleted file mode 100644
index 2085bf9..0000000
--- a/checkman/ra32e_sensors.heatindex
+++ /dev/null
@@ -1,21 +0,0 @@
-title: AVTECH Room Alert 32E: Sensor heat index
-agents: snmp
-catalog: hw/environment/avtech
-license: GPL
-distribution: check_mk
-description:
- This check monitors the internal heat index
- and the heat index of sensors connected to
- a AVTECH Room Alert 32E device.
- Upper and lower levels can be configured
- via WATO.
-
-item:
- "Internal" for the device sensor and "Sensor X"
- for connected sensors where X=1-8 is the ID
- connected sensor.
-
-inventory:
- One service for the internal sensor and one
- service for each sensor that delivers temperature
- data.
\ No newline at end of file
diff --git a/checks/ra32e_sensors b/checks/ra32e_sensors
index 0677291..4c740e6 100644
--- a/checks/ra32e_sensors
+++ b/checks/ra32e_sensors
@@ -44,7 +44,6 @@ def parse_ra32e_sensors(info):
parsed = {
'temperature': {},
'humidity': {},
- 'heatindex': {},
'voltage': {},
'power': {},
}
Module: check_mk
Branch: master
Commit: 511ca69dd06065a1bdceb7a5b9fd59884b277e1e
URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=511ca69dd06065…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Mon Mar 5 15:34:57 2018 +0100
5887 FIX Protect against checks overriding Check_MK internal config variables
When a check declares a Check_MK internal configuration variable in it's global
namespace, for example "service_descriptions", it was overrding Check_MK internal
configuration variables with this statement in previous Check_MK versions.
Check_MK now prevents the checks from overriding already known configuration
variables.
Change-Id: I132a2d651d3a3b8e69bfb97a806cae53f1fccb4b
---
.werks/5887 | 15 +++++++++++++++
cmk_base/checks.py | 7 +++++++
2 files changed, 22 insertions(+)
diff --git a/.werks/5887 b/.werks/5887
new file mode 100644
index 0000000..53cdf4e
--- /dev/null
+++ b/.werks/5887
@@ -0,0 +1,15 @@
+Title: Protect against checks overriding Check_MK internal config variables
+Level: 1
+Component: core
+Compatible: compat
+Edition: cre
+Version: 1.5.0i4
+Date: 1520260398
+Class: fix
+
+When a check declares a Check_MK internal configuration variable in it's global
+namespace, for example "service_descriptions", it was overrding Check_MK internal
+configuration variables with this statement in previous Check_MK versions.
+
+Check_MK now prevents the checks from overriding already known configuration
+variables.
diff --git a/cmk_base/checks.py b/cmk_base/checks.py
index e84da07..debe872 100644
--- a/cmk_base/checks.py
+++ b/cmk_base/checks.py
@@ -106,6 +106,8 @@ def load_checks(filelist):
# Initialize some data structures which are populated while loading the checks
_check_variables.clear()
+ cmk_global_vars = set(config.get_variable_names())
+
loaded_files = set()
check_variable_defaults = {}
ignored_variable_types = [ type(lambda: None), type(os) ]
@@ -164,6 +166,11 @@ def load_checks(filelist):
# Save check variables for e.g. after config loading that the config can
# be added to the check contexts
for varname, value in new_check_vars.items():
+ # Do not allow checks to override Check_MK builtin global variables. Silently
+ # skip them here. The variables will only be locally available to the checks.
+ if varname in cmk_global_vars:
+ continue
+
if varname[0] != '_' and type(value) not in ignored_variable_types:
check_variable_defaults[varname] = value
Module: check_mk
Branch: master
Commit: d7afc50b9c5f30470a3bd02e3fe1f05df245b774
URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=d7afc50b9c5f30…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Mon Mar 5 14:47:55 2018 +0100
5886 FIX Improved performane of "ineffective ruleset" searching
Pages that do analyze the matching of rules on folders / hosts were
not performing good when having a lot of rules and match objects
configured. This has been improved by introducing some internal caches.
Change-Id: Ia18e46df823b718ddcab85d2a37ab32df1ddad93
---
.werks/5886 | 13 +++++++++++
web/htdocs/watolib.py | 61 +++++++++++++++++++++++++++++++++++++++++++--------
2 files changed, 65 insertions(+), 9 deletions(-)
diff --git a/.werks/5886 b/.werks/5886
new file mode 100644
index 0000000..63153c2
--- /dev/null
+++ b/.werks/5886
@@ -0,0 +1,13 @@
+Title: Improved performane of "ineffective ruleset" searching
+Level: 1
+Component: wato
+Class: fix
+Compatible: compat
+Edition: cre
+State: unknown
+Version: 1.5.0i4
+Date: 1520257450
+
+Pages that do analyze the matching of rules on folders / hosts were
+not performing good when having a lot of rules and match objects
+configured. This has been improved by introducing some internal caches.
diff --git a/web/htdocs/watolib.py b/web/htdocs/watolib.py
index 7bfa980..64ae001 100644
--- a/web/htdocs/watolib.py
+++ b/web/htdocs/watolib.py
@@ -813,6 +813,7 @@ class WithPermissionsAndAttributes(WithPermissions):
def __init__(self):
super(WithPermissionsAndAttributes, self).__init__()
self._attributes = {}
+ self._effective_attributes = None
# .--------------------------------------------------------------------.
# | ATTRIBUTES |
@@ -846,6 +847,22 @@ class WithPermissionsAndAttributes(WithPermissions):
del self.attributes()[attrname]
+ def drop_caches(self):
+ self._effective_attributes = None
+
+
+ def _cache_effective_attributes(self, effective):
+ self._effective_attributes = effective.copy()
+
+
+ def _get_cached_effective_attributes(self):
+ if self._effective_attributes is None:
+ raise KeyError("Not cached")
+ else:
+ return self._effective_attributes.copy()
+
+
+
#.
# .--BaseFolder----------------------------------------------------------.
# | ____ _____ _ _ |
@@ -1195,7 +1212,6 @@ class CREFolder(BaseFolder):
self._subfolders = {}
self._choices_for_moving_host = None
- self._effective_attributes = None
self._root_dir = root_dir
if self._root_dir:
@@ -1418,6 +1434,13 @@ class CREFolder(BaseFolder):
self.need_permission("write")
if self._hosts != None:
self._save_hosts_file()
+
+ # Clean up caches of all hosts in this folder, just to be sure. We could also
+ # check out all call sites of save_hosts() and partially drop the caches of
+ # individual hosts to optimize this.
+ for host in self._hosts.values():
+ host.drop_caches()
+
call_hook_hosts_changed(self)
@@ -1672,12 +1695,15 @@ class CREFolder(BaseFolder):
def drop_caches(self):
+ super(CREFolder, self).drop_caches()
self._choices_for_moving_host = None
- self._effective_attributes = None
for subfolder in self._subfolders.values():
subfolder.drop_caches()
+ for host in self._hosts.values():
+ host.drop_caches()
+
# .-----------------------------------------------------------------------.
# | ELEMENT ACCESS |
@@ -1880,8 +1906,10 @@ class CREFolder(BaseFolder):
def effective_attributes(self):
- if self._effective_attributes != None:
- return self._effective_attributes.copy() # cached :-)
+ try:
+ return self._get_cached_effective_attributes() # cached :-)
+ except KeyError:
+ pass
effective = {}
for folder in self.parent_folder_chain():
@@ -1894,8 +1922,7 @@ class CREFolder(BaseFolder):
if attrname not in effective:
effective.setdefault(attrname, host_attribute.default_value())
- self._effective_attributes = effective.copy()
-
+ self._cache_effective_attributes(effective)
return effective
@@ -2702,12 +2729,18 @@ class CREHost(WithPermissionsAndAttributes):
self._name = host_name
self._attributes = attributes
self._cluster_nodes = cluster_nodes
+ self._cached_host_tags = None
def __repr__(self):
return "Host(%r)" % (self._name)
+ def drop_caches(self):
+ super(CREHost, self).drop_caches()
+ self._cached_host_tags = None
+
+
# .--------------------------------------------------------------------.
# | ELEMENT ACCESS |
# '--------------------------------------------------------------------'
@@ -2760,6 +2793,9 @@ class CREHost(WithPermissionsAndAttributes):
# Compute tags from settings of each individual tag. We've got
# the current value for each individual tag. Also other attributes
# can set tags (e.g. the SiteAttribute)
+ if self._cached_host_tags is not None:
+ return self._cached_host_tags # Cached :-)
+
tags = set([])
effective = self.effective_attributes()
for attr, topic in all_host_attributes():
@@ -2773,6 +2809,7 @@ class CREHost(WithPermissionsAndAttributes):
if "no-snmp" in tags and "no-agent" in tags:
tags.add("ping")
+ self._cached_host_tags = tags
return tags
@@ -2800,8 +2837,14 @@ class CREHost(WithPermissionsAndAttributes):
def effective_attributes(self):
+ try:
+ return self._get_cached_effective_attributes() # cached :-)
+ except KeyError:
+ pass
+
effective = self.folder().effective_attributes()
effective.update(self.attributes())
+ self._cache_effective_attributes(effective)
return effective
@@ -8302,9 +8345,6 @@ class Rule(object):
if not self._matches_hostname(hostname):
yield _("The host name does not match.")
- if not self.folder.is_transitive_parent_of(host_folder):
- yield _("The rule does not apply to the folder of the host.")
-
host_tags = host.tags()
for tag in self.tag_specs:
if tag[0] != '/' and tag[0] != '!' and tag not in host_tags:
@@ -8312,6 +8352,9 @@ class Rule(object):
elif tag[0] == '!' and tag[1:] in host_tags:
yield _("The host has the tag %s") % tag
+ if not self.folder.is_transitive_parent_of(host_folder):
+ yield _("The rule does not apply to the folder of the host.")
+
if item != NO_ITEM and self.ruleset.item_type():
if not self.matches_item(item):
yield _("The %s \"%s\" does not match this rule.") % \