Module: check_mk
Branch: master
Commit: 45ec371fe2d1d86ffc94a5500d4319fa717645b2
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=45ec371fe2d1d8…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Fri Jul 29 10:18:23 2016 +0200
3728 Automatically creating automation user for Check_MK internal use with WATO default
config
We are adding now a default automation user named <i>cmkautomation</i> to
Check_MK with the
WATO default configuration. This user will currently only be added to new sites, but may
be
added to existing sites in future, too.
The user has the administrative role to be able to access all hosts and do all actions.
The
authentication secret is randomly created for each site. In distributed setups the
authentication
secret will be synchronized from the central site.
The idea of this user is, that components of Check_MK can automatically authenticate with
the Web GUI using an always existing user. This is currently not used, but may be used
for
the internal cron job, fetching of graphs and performing checks against the GUI.
If you don't like this user, you are free to disable or delete it. But this may lead
to issues
in future when we start using the user for internal things.
---
.werks/3728 | 22 ++++++++++++++++++++++
ChangeLog | 1 +
web/htdocs/userdb.py | 21 ++++++++++++++++++++-
web/htdocs/wato.py | 2 ++
4 files changed, 45 insertions(+), 1 deletion(-)
diff --git a/.werks/3728 b/.werks/3728
new file mode 100644
index 0000000..0cd165b
--- /dev/null
+++ b/.werks/3728
@@ -0,0 +1,22 @@
+Title: Automatically creating automation user for Check_MK internal use with WATO default
config
+Level: 1
+Component: wato
+Compatible: compat
+Version: 1.4.0i1
+Date: 1469780006
+Class: feature
+
+We are adding now a default automation user named <i>cmkautomation</i> to
Check_MK with the
+WATO default configuration. This user will currently only be added to new sites, but may
be
+added to existing sites in future, too.
+
+The user has the administrative role to be able to access all hosts and do all actions.
The
+authentication secret is randomly created for each site. In distributed setups the
authentication
+secret will be synchronized from the central site.
+
+The idea of this user is, that components of Check_MK can automatically authenticate
with
+the Web GUI using an always existing user. This is currently not used, but may be used
for
+the internal cron job, fetching of graphs and performing checks against the GUI.
+
+If you don't like this user, you are free to disable or delete it. But this may lead
to issues
+in future when we start using the user for internal things.
diff --git a/ChangeLog b/ChangeLog
index ef2e826..9646aaf 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -432,6 +432,7 @@
* 3154 added ability to retrieve passwords for active checks from a password store
* 3667 Search expressions in host search can now be given as regexes...
* 3724 Password input fields: Added note about plain text storing (if done so)
+ * 3728 Automatically creating automation user for Check_MK internal use with WATO
default config...
* 3060 FIX: Folder properties: Fixed exception when a user has no alias set...
* 3062 FIX: Git integration: Fixed not adding files in WATO folders to git control
* 3203 FIX: Distributed WATO: Fixed exception in remote host service discovery...
diff --git a/web/htdocs/userdb.py b/web/htdocs/userdb.py
index f81b872..043df3c 100644
--- a/web/htdocs/userdb.py
+++ b/web/htdocs/userdb.py
@@ -836,7 +836,26 @@ def save_users(profiles):
def rewrite_users():
- users = load_users(lock = True)
+ users = load_users(lock=True)
+ save_users(users)
+
+
+def create_cmk_automation_user():
+ secret = gen_id()
+
+ users = load_users(lock=True)
+ users["cmkautomation"] = {
+ 'alias' : u'Check_MK internal - Used for site local
authentication',
+ 'contactgroups' : [],
+ 'automation_secret' : secret,
+ 'password' : encrypt_password(secret),
+ 'roles' : ['admin'],
+ 'locked' : False,
+ 'serial' : 0,
+ 'email' : '',
+ 'pager' : '',
+ 'notifications_enabled' : False,
+ }
save_users(users)
diff --git a/web/htdocs/wato.py b/web/htdocs/wato.py
index d3c2b44..feb30a3 100644
--- a/web/htdocs/wato.py
+++ b/web/htdocs/wato.py
@@ -14293,6 +14293,8 @@ def create_sample_config():
save_mkeventd_sample_config()
+ userdb.create_cmk_automation_user()
+
def has_agent_bakery():
return 'bake_agents' in globals()