Checkmk git commits April 2022

checkmk-commits@lists.checkmk.com

1 participants
674 discussions

[tribe29/checkmk] e0ea6b: REST API: add internal endpoint which shows some h...

by Jörg Herbel

Branch: refs/heads/master Home: https://github.com/tribe29/checkmk Commit: e0ea6b14b170d5105435cac72727d85b6c97071d https://github.com/tribe29/checkmk/commit/e0ea6b14b170d5105435cac72727d85b6… Author: Joerg Herbel <joerg.herbel(a)tribe29.com> Date: 2022-04-14 (Thu, 14 Apr 2022) Changed paths: M agent-receiver/agent_receiver/checkmk_rest_api.py M cmk/gui/plugins/openapi/endpoints/host_internal.py M cmk/gui/plugins/openapi/restful_objects/response_schemas.py M cmk/gui/plugins/openapi/restful_objects/type_defs.py M tests/unit/cmk/gui/plugins/openapi/test_openapi_host_internal.py Log Message: ----------- REST API: add internal endpoint which shows some host attributes This new endpoint will be used by the agent receiver during host registration. To avoid collisions with the existing official endpoint, the new endpoint uses the domain "host_config_internal". Also move the existing endpoint link_uuid to host_config_internal for consistency. CMK-10258 Change-Id: If99aa74a1920e0bf5500ad3415d742981a2102e1

2 years, 5 months

[tribe29/checkmk] 549b79: 13851 FIX Baked windows agent packages are not sig...

by Sergey Kipnis

Branch: refs/heads/2.1.0 Home: https://github.com/tribe29/checkmk Commit: 549b79ab2ee30881081be73b0b09d8de4fe0180d https://github.com/tribe29/checkmk/commit/549b79ab2ee30881081be73b0b09d8de4… Author: Sergey Kipnis <sergey.kipnis(a)tribe29.com> Date: 2022-04-14 (Thu, 14 Apr 2022) Changed paths: A .werks/13851 M cmk/utils/msi_engine.py M tests/integration/cmk/utils/test_msi_engine_it.py Log Message: ----------- 13851 FIX Baked windows agent packages are not signed anymore Previously the agent bakery used a signed MSI file as a basis to assemble windows agent packages. As a result the package got an invalid signature. With this release the agent bakery uses an unsigned MSI file, thus solving the problem. Change-Id: Ida08f23a0aa15724fc40b79664f6bf860d39a9e1

2 years, 5 months

[tribe29/checkmk] 64fb7e: Fix command injection vulnerability

by Sergey Kipnis

Branch: refs/heads/2.0.0 Home: https://github.com/tribe29/checkmk Commit: 64fb7e6f00bd9830b8c26453711b5c9be63cb7d0 https://github.com/tribe29/checkmk/commit/64fb7e6f00bd9830b8c26453711b5c9be… Author: Maximilian Wirtz <maximilian.wirtz(a)tribe29.com> Date: 2022-04-14 (Thu, 14 Apr 2022) Changed paths: A .werks/13897 M cmk/base/notify.py Log Message: ----------- Fix command injection vulnerability Previously to this Werk an attacker who could control certain notification variables such as <tt>NOTIFICATIONTYPE</tt> or <tt>HOSTNAME</tt> was able to inject commands to the fall-back mail command. The commands were then executed as site user. With this werk the variable <tt>MAIL_COMMAND</tt> is no longer available in notification scripts. You can reduce the risk of exploitation with disabling the listening of the notification spooler (the default is disabled) (CEE/CME only feature). All maintained versions (>=1.6) are subject to this vulnerability. It is likely that also previous versions were vulnerable. To detect possible exploitation <tt>var/log/mknotifyd.log</tt> and <tt>var/log/notify.log</tt> can be checked for special shell characters like <tt>&&</tt> and odd quoting. CMK-8780 Change-Id: I98236d1aa7854773862aee6fedcd669b09ba5fc0 Commit: 3e00e603e098801308444c0add7e6b2b3c5f7c0e https://github.com/tribe29/checkmk/commit/3e00e603e098801308444c0add7e6b2b3… Author: Sergey Kipnis <sergey.kipnis(a)tribe29.com> Date: 2022-04-14 (Thu, 14 Apr 2022) Changed paths: M Makefile M agents/wnx/clean_artefacts.cmd M buildscripts/scripts/build-cmk-version.jenkins M buildscripts/scripts/lib/windows.groovy M scripts/fake-windows-artifacts Log Message: ----------- Rename MSI from `no_sign` to `unsigned` Change-Id: I6f4e56fe6893329df3414e864ea2119aee1fb0a1 Compare: https://github.com/tribe29/checkmk/compare/37d591be6e82...3e00e603e098

2 years, 5 months

[tribe29/checkmk] de49f9: Fix command injection vulnerability

by Maximilian

Branch: refs/heads/2.1.0 Home: https://github.com/tribe29/checkmk Commit: de49f9f9b7611a8504aabfb5ffe3dea8c5fb16a6 https://github.com/tribe29/checkmk/commit/de49f9f9b7611a8504aabfb5ffe3dea8c… Author: Maximilian Wirtz <maximilian.wirtz(a)tribe29.com> Date: 2022-04-14 (Thu, 14 Apr 2022) Changed paths: A .werks/13897 M cmk/base/notify.py Log Message: ----------- Fix command injection vulnerability Previously to this Werk an attacker who could control certain notification variables such as <tt>NOTIFICATIONTYPE</tt> or <tt>HOSTNAME</tt> was able to inject commands to the fall-back mail command. The commands were then executed as site user. With this werk the variable <tt>MAIL_COMMAND</tt> is no longer available in notification scripts. You can reduce the risk of exploitation with disabling the listening of the notification spooler (the default is disabled) (CEE/CME only feature). All maintained versions (>=1.6) are subject to this vulnerability. It is likely that also previous versions were vulnerable. To detect possible exploitation <tt>var/log/mknotifyd.log</tt> and <tt>var/log/notify.log</tt> can be checked for special shell characters like <tt>&&</tt> and odd quoting. CMK-8780 Change-Id: I98236d1aa7854773862aee6fedcd669b09ba5fc0

2 years, 5 months

[tribe29/checkmk] 984190: Make the default timeout consistent in proxmox

by scolakovic

Branch: refs/heads/master Home: https://github.com/tribe29/checkmk Commit: 98419069aada791b8bbc70b8b3c74623072040e9 https://github.com/tribe29/checkmk/commit/98419069aada791b8bbc70b8b3c746230… Author: Konstantin Baikov <konstantin.baikov(a)tribe29.com> Date: 2022-04-14 (Thu, 14 Apr 2022) Changed paths: M cmk/gui/plugins/wato/special_agents/proxmox_ve.py M cmk/special_agents/agent_proxmox_ve.py Log Message: ----------- Make the default timeout consistent in proxmox It was 20 and 60 in different places. 50 is optimal becausethe global special agent timeout is 60. Change-Id: Ica0a55d1389019dd219d05c0d3533329662ea4cb Commit: 189854f97b75d05704af36b60506629b6f02c2ae https://github.com/tribe29/checkmk/commit/189854f97b75d05704af36b60506629b6… Author: Sofia Colakovic <sofia.colakovic(a)tribe29.com> Date: 2022-04-14 (Thu, 14 Apr 2022) Changed paths: M .werks/first_free Log Message: ----------- Reserved 30 Werk IDS Change-Id: If43fb5f65a65170d37a81cdc5e4df9b3a1416891 Compare: https://github.com/tribe29/checkmk/compare/9463d4967430...189854f97b75

2 years, 5 months

[tribe29/checkmk] 2a9958: Format file

by Lars

Branch: refs/heads/master Home: https://github.com/tribe29/checkmk Commit: 2a9958d83906dc9e9ebf5e57cf937b96336077a5 https://github.com/tribe29/checkmk/commit/2a9958d83906dc9e9ebf5e57cf937b963… Author: Lars Michelsen <lm(a)tribe29.com> Date: 2022-04-14 (Thu, 14 Apr 2022) Changed paths: M doc/documentation/conf.py Log Message: ----------- Format file Change-Id: I9df8ba60ac6ac92584c8facf1b984b6e09ff773a Commit: 9463d49674306bd50945b4d3c1f22598306c6d74 https://github.com/tribe29/checkmk/commit/9463d49674306bd50945b4d3c1f225983… Author: Lars Michelsen <lm(a)tribe29.com> Date: 2022-04-14 (Thu, 14 Apr 2022) Changed paths: A buildscripts/scripts/update-architecture-documentation.jenkins M doc/documentation/Makefile M doc/documentation/conf.py Log Message: ----------- Add job to generate up-to-date architecture docs Change-Id: I1cbaa3052e4a893a06efb7a0af02679c9bcc7b09 Compare: https://github.com/tribe29/checkmk/compare/677477b58af5...9463d4967430

2 years, 5 months

[tribe29/checkmk] 677477: 13464 citrix_state.controller: Provide info on pow...

by scolakovic

Branch: refs/heads/master Home: https://github.com/tribe29/checkmk Commit: 677477b58af5641cd74d128024c353f646dca6fd https://github.com/tribe29/checkmk/commit/677477b58af5641cd74d128024c353f64… Author: Sofia Colakovic <sofia.colakovic(a)tribe29.com> Date: 2022-04-14 (Thu, 14 Apr 2022) Changed paths: A .werks/13464 Log Message: ----------- 13464 citrix_state.controller: Provide info on powered off machine In case of an empty "controller" field, the message "Machine powered off" is displayed. Closes #454 Change-Id: I12b286bf70f3edb33cf84aaeeb6d3435db6157c9

2 years, 5 months

[tribe29/checkmk] 440e3a: citrix_state.controller respects powered off machines

by Andreas Döhler

Branch: refs/heads/master Home: https://github.com/tribe29/checkmk Commit: 440e3a9462eca1f208a7e242e092157fe54d8bed https://github.com/tribe29/checkmk/commit/440e3a9462eca1f208a7e242e092157fe… Author: Andreas Döhler <andreas.doehler(a)gmail.com> Date: 2022-04-14 (Thu, 14 Apr 2022) Changed paths: M checks/citrix_state Log Message: ----------- citrix_state.controller respects powered off machines To get a valid output the check must handle powered off machines. If a machine is powered off it has no assigned controller and the controller field is an empty string. Change-Id: I875a45fc1cf2ba05267214e3f7172e48183d6bd6

2 years, 5 months

[tribe29/checkmk] 37d591: REST API: Fix scheduling host downtimes from read-...

by Lars

Branch: refs/heads/2.0.0 Home: https://github.com/tribe29/checkmk Commit: 37d591be6e82059fd410455a09569b4b5ad42ccd https://github.com/tribe29/checkmk/commit/37d591be6e82059fd410455a09569b4b5… Author: Thierry Trafelet <thierry.tra(a)bluewin.ch> Date: 2022-04-14 (Thu, 14 Apr 2022) Changed paths: M cmk/gui/plugins/openapi/restful_objects/request_schemas.py M tests/unit/cmk/gui/plugins/openapi/test_openapi_downtime.py Log Message: ----------- REST API: Fix scheduling host downtimes from read-only sites Because: - Werk #13080 in b85f1c2ad4c07f4e08ddeb2fe554e959257d2fea introduced a change that should have allowed read-only sites that are attached to a master site to set downtimes for hosts. - The original fix did not consider the default value for `should_exist` on fields.HostField, which is `True`. And therefore, had no effect. This commit changes the following: - Fix scheduling of host downtimes from read-only sites on REST API - Add unit test for host downtime scheduling on host without config - Fix unit test for scheduling host downtime on non-existing host Change-Id: Idf193cff62d1641ebbaf7d05cd1a50d415ab3011

2 years, 5 months

[tribe29/checkmk] 9e1004: Switch bin_dir from str to Path object

by Maximilian

Branch: refs/heads/master Home: https://github.com/tribe29/checkmk Commit: 9e10043527e1e5d8b3cfd5ffc07d99c13c1a761a https://github.com/tribe29/checkmk/commit/9e10043527e1e5d8b3cfd5ffc07d99c13… Author: Maximilian Wirtz <maximilian.wirtz(a)tribe29.com> Date: 2022-04-14 (Thu, 14 Apr 2022) Changed paths: M cmk/utils/paths.py M tests/unit/cmk/utils/test_paths.py Log Message: ----------- Switch bin_dir from str to Path object Change-Id: I9c8624d558d5bc487a7a2b475d06298b93df9b64 Commit: 693535c45ddbe6330f61efed76521e0b46ef9e6a https://github.com/tribe29/checkmk/commit/693535c45ddbe6330f61efed76521e0b4… Author: Maximilian Wirtz <maximilian.wirtz(a)tribe29.com> Date: 2022-04-14 (Thu, 14 Apr 2022) Changed paths: A .werks/13897 M cmk/base/notify.py Log Message: ----------- Fix command injection vulnerability Previously to this Werk an attacker who could control certain notification variables such as <tt>NOTIFICATIONTYPE</tt> or <tt>HOSTNAME</tt> was able to inject commands to the fall-back mail command. The commands were then executed as site user. With this werk the variable <tt>MAIL_COMMAND</tt> is no longer available in notification scripts. You can reduce the risk of exploitation with disabling the listening of the notification spooler (the default is disabled) (CEE/CME only feature). All maintained versions (>=1.6) are subject to this vulnerability. It is likely that also previous versions were vulnerable. To detect possible exploitation <tt>var/log/mknotifyd.log</tt> and <tt>var/log/notify.log</tt> can be checked for special shell characters like <tt>&&</tt> and odd quoting. CMK-8780 Change-Id: I98236d1aa7854773862aee6fedcd669b09ba5fc0 Compare: https://github.com/tribe29/checkmk/compare/fff03407ea47...693535c45ddb

2 years, 5 months

← Newer
1
...
28
29
30
31
32
33
34
...
68
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

Checkmk git commits April 2022