7 May
2018
7 May
'18
10:20 a.m.
Module: check_mk
Branch: master
Commit: ab75928e4efea0825cb31938e77f03a046fa44ba
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=ab75928e4efea0…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Mon May 7 06:33:54 2018 +0200
6056 Analyze configuration: Test for old omdadmin default credentials
A new "Analyze configuration" test warns you in case a omdadmin user with the
pre
1.4 default password is found in the site.
Change-Id: I788abe3e0eedf1021fbc77340baf34ee54608611
---
.werks/6056 | 12 ++++++++++++
web/plugins/wato/ac_tests.py | 32 ++++++++++++++++++++++++++++++++
2 files changed, 44 insertions(+)
diff --git a/.werks/6056 b/.werks/6056
new file mode 100644
index 0000000..22aec27
--- /dev/null
+++ b/.werks/6056
@@ -0,0 +1,12 @@
+Title: Analyze configuration: Test for old omdadmin default credentials
+Level: 1
+Component: wato
+Class: feature
+Compatible: compat
+Edition: cre
+State: unknown
+Version: 1.6.0i1
+Date: 1525628120
+
+A new "Analyze configuration" test warns you in case a omdadmin user with the
pre
+1.4 default password is found in the site.
diff --git a/web/plugins/wato/ac_tests.py b/web/plugins/wato/ac_tests.py
index 17b549a..7c662b5 100644
--- a/web/plugins/wato/ac_tests.py
+++ b/web/plugins/wato/ac_tests.py
@@ -256,6 +256,38 @@ class ACTestHTTPSecured(ACTest):
+class ACTestOldDefaultCredentials(ACTest):
+ def category(self):
+ return ACTestCategories.security
+
+
+ def title(self):
+ return _("Default credentials")
+
+
+ def help(self):
+ return _("In versions prior to version 1.4.0 the first administrative user
of the "
+ "site was named <tt>omdadmin</tt> with the standard password
<tt>omd</tt>. "
+ "This test warns you in case the site uses these standard credentials.
"
+ "It is highly recommended to change this password.")
+
+
+ def is_relevant(self):
+ return userdb.user_exists("omdadmin")
+
+
+ def execute(self):
+ if userdb.HtpasswdUserConnector({}).check_credentials("omdadmin",
"omd") == "omdadmin":
+ yield ACResultCRIT(_("Found <tt>omdadmin</tt> with default
password. "
+ "It is highly recommended to change this
password."))
+ else:
+ yield ACResultOK(_("Found <tt>omdadmin</tt> using custom
password."))
+
+
+
+
+
+
class ACTestBackupConfigured(ACTest):
def category(self):
return ACTestCategories.reliability