Module: check_mk
Branch: master
Commit: 00d27085deca4ed09a1974be9d04124eb800162e
URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=00d27085deca4e…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Wed Sep 5 11:33:14 2018 +0200
6550 FIX Fixed warning "bad ps syntax" when stopping a site on e.g. SLES11
When using older ps versions like procps 3.2.7, which is used e.g. on SLES11, a warning message
like this was displayed when executing "omd stop" on a site:
Warning: bad ps syntax, perhaps a bogus '-'? See http://procps.sf.net/faq.html
Stopping 1 remaining site processes...OK
Change-Id: I7643eeb156c4e6a0a0e1150f94f7dde0559cb296
---
.werks/6550 | 15 +++++++++++++++
omd/packages/omd/omd | 2 +-
2 files changed, 16 insertions(+), 1 deletion(-)
diff --git a/.werks/6550 b/.werks/6550
new file mode 100644
index 0000000..3b4bee7
--- /dev/null
+++ b/.werks/6550
@@ -0,0 +1,15 @@
+Title: Fixed warning "bad ps syntax" when stopping a site on e.g. SLES11
+Level: 1
+Component: omd
+Class: fix
+Compatible: compat
+Edition: cre
+State: unknown
+Version: 1.6.0i1
+Date: 1536139894
+
+When using older ps versions like procps 3.2.7, which is used e.g. on SLES11, a warning message
+like this was displayed when executing "omd stop" on a site:
+
+Warning: bad ps syntax, perhaps a bogus '-'? See http://procps.sf.net/faq.html
+Stopping 1 remaining site processes...OK
diff --git a/omd/packages/omd/omd b/omd/packages/omd/omd
index ea8da3e..c5a2d35 100644
--- a/omd/packages/omd/omd
+++ b/omd/packages/omd/omd
@@ -3957,7 +3957,7 @@ def site_user_processes(exclude_current_and_parents):
if exclude_current_and_parents:
exclude = get_current_and_parent_pids()
- p = subprocess.Popen(["ps", "-U", g_sitename, "-o", "pid", "-h"], close_fds=True,
+ p = subprocess.Popen(["ps", "-U", g_sitename, "-o", "pid", "--no-headers"], close_fds=True,
stdin=open(os.devnull), stdout=subprocess.PIPE)
exclude.append(p.pid)
Module: check_mk
Branch: master
Commit: 4bfdc76bd04eaafe106ec8e5405b46f948f6cefe
URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=4bfdc76bd04eaa…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Wed Sep 5 10:20:41 2018 +0200
6549 FIX Crash reports: Filter out password/_password from HTTP vars of GUI crashes
When a crash occurs during the login procedure where a user entered his password during
verification of this password, the crash could contain this password in plain text in
the HTTP variable data structure. The vars named password/_password are now explicitly
filtered to prevent this.
FEED-932
Change-Id: Ief4909a2a64e2ac8f79521a273170a4fa0a710a3
---
.werks/6549 | 14 ++++++++++++++
cmk/gui/crash_reporting.py | 3 ++-
2 files changed, 16 insertions(+), 1 deletion(-)
diff --git a/.werks/6549 b/.werks/6549
new file mode 100644
index 0000000..1564ca1
--- /dev/null
+++ b/.werks/6549
@@ -0,0 +1,14 @@
+Title: Crash reports: Filter out password/_password from HTTP vars of GUI crashes
+Level: 1
+Component: multisite
+Class: fix
+Compatible: compat
+Edition: cre
+State: unknown
+Version: 1.6.0i1
+Date: 1536130136
+
+When a crash occurs during the login procedure where a user entered his password during
+verification of this password, the crash could contain this password in plain text in
+the HTTP variable data structure. The vars named password/_password are now explicitly
+filtered to prevent this.
diff --git a/cmk/gui/crash_reporting.py b/cmk/gui/crash_reporting.py
index 3ac10d8..57d20d6 100644
--- a/cmk/gui/crash_reporting.py
+++ b/cmk/gui/crash_reporting.py
@@ -444,7 +444,8 @@ def show_agent_output(tardata):
def create_crash_dump_info_file(tar, what):
crash_info = cmk.crash_reporting.create_crash_info(what, details={
"page" : html.myfile+".py",
- "vars" : html.request.vars,
+ "vars" : {key: "***" if value in ["password", "_password"] else value
+ for key, value in html.request.vars.iteritems()},
"username" : config.user.id,
"user_agent" : html.request.user_agent,
"referer" : html.request.referer,
Module: check_mk
Branch: master
Commit: 9133c6b0e98cf788aa0b93df9f84a4752b096b6c
URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=9133c6b0e98cf7…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Tue Aug 21 19:38:13 2018 +0200
Extracted some config default setting loading to make testing easier
CMK-854
Change-Id: I834982de95fab96609076a84df63534322b1bea5
---
cmk/gui/config.py | 31 +++++++++++++++++++------------
1 file changed, 19 insertions(+), 12 deletions(-)
diff --git a/cmk/gui/config.py b/cmk/gui/config.py
index 9542047..7acf278 100644
--- a/cmk/gui/config.py
+++ b/cmk/gui/config.py
@@ -45,7 +45,7 @@ import cmk.gui.plugins.config
# This import is added for static analysis tools like pylint to make them
# know about all shipped config options. The default config options are
-# later handled with the default_config dict and load_default_config()
+# later handled with the default_config dict and _load_default_config()
from cmk.gui.plugins.config.base import *
if not cmk.is_raw_edition():
@@ -165,16 +165,7 @@ def load_config():
modification_timestamps = []
# Set default values for all user-changable configuration settings
- vars_before_plugins = all_nonfunction_vars(globals())
- load_plugins(True)
- vars_after_plugins = all_nonfunction_vars(globals())
- load_default_config(vars_before_plugins, vars_after_plugins)
-
- # Apply the default configuration to the module global level
- for k, v in default_config.items():
- if isinstance(v, (dict, list)):
- v = copy.deepcopy(v)
- globals()[k] = v
+ _initialize_with_default_config()
# Initialze sites with default site configuration. Need to do it here to
# override possibly deleted sites
@@ -205,7 +196,23 @@ def load_config():
migrate_old_sample_config_tag_groups(wato_host_tags, wato_aux_tags)
-def load_default_config(vars_before_plugins, vars_after_plugins):
+def _initialize_with_default_config():
+ vars_before_plugins = all_nonfunction_vars(globals())
+ load_plugins(True)
+ vars_after_plugins = all_nonfunction_vars(globals())
+ _load_default_config(vars_before_plugins, vars_after_plugins)
+
+ _apply_default_config()
+
+
+def _apply_default_config():
+ for k, v in default_config.items():
+ if isinstance(v, (dict, list)):
+ v = copy.deepcopy(v)
+ globals()[k] = v
+
+
+def _load_default_config(vars_before_plugins, vars_after_plugins):
default_config.clear()
_load_default_config_from_module_plugins()
_load_default_config_from_legacy_plugins(vars_before_plugins, vars_after_plugins)