ID: 11510
Title: Discovered host labels are stored for cluster and each node
Component: WATO
Level: 1
Class: New feature
Version: 2.0.0i1
A Chechmk cluster host inherits host labels from its nodes. These labels are
discovered on the nodes. Previously these labels were stored only for the
cluster. Now the host labels are stored for the cluster and each node. This
means that host labels can now be used on clusters and nodes.
ID: 11116
Title: job: Failed jobs are not OK just because a new one is running
Component: Checks & agents
Level: 1
Class: Bug fix
Version: 2.0.0i1
The job plugin determines its state from the age of the last job
and its exit code.
Previously, a job was considered {OK} regardless of its exit code
whenever a job was running at the time of checking. This way a long
running job could appear to be {OK} most of the time, even if it
was constantly failing.
ID: 11417
Title: GUI livestatus connection: Fixed race condition which caused needless reconnection to liveproxyd
Component: Livestatus Proxy
Level: 1
Class: Bug fix
Version: 2.0.0i1
The livestatus connection from the GUI resend its request several times if the liveproxyd has closed the socket connection (even if it had a good reason).
ID: 11416
Title: Folder changes from normal monitoring users were not always applied on the first save
Component: WATO
Level: 1
Class: Bug fix
Version: 2.0.0i1
Users without the role Read access to all hosts and folders had to save folders twice to get their changes applied.
ID: 11327
Title: fileinfo.groups, filestats: enable additional rules for specific files in a file group
Component: Checks & agents
Level: 1
Class: New feature
Version: 1.7.0i1
The plugins fileinfo.groups and filestats allow the user to monitor the size,
age and count of a group of files on the Linux filesystem. With this extension,
the rules for file size and age can be overwritten for specific files within a
particular group. This can be done by defining a filename or a regular
expression, and additional rules for those files. This functionality is
optional and can be activated by checking the 'Additional rules for files'
option in the "Size, age and count of file groups" and "Size, age and count of
file groups (mk_filestats)" rulesets respectively.
ID: 11395
Title: Filter for multiple sites
Component: Multisite
Level: 1
Class: New feature
Version: 2.0.0i1
Views can now be filtered by multiple sites instead of one only at the
time. This filter "Multiple Sites" is not complatible with the existing
sites filters "Site" and "Site (enforced)" and will only be applied if the
other site filters are removed from the view.
ID: 11415
Title: liveproxyd logging: fixed incorrect logrotate behaviour
Component: Livestatus Proxy
Level: 1
Class: Bug fix
Version: 2.0.0i1
The liveproxyd always wrote into the intially opened logfile, even if it was renamed/moved by logrotate.
ID: 11337
Title: job: addition of job monitoring to AIX agent
Component: Checks & agents
Level: 1
Class: New feature
Version: 2.0.0i1
This change introduces the job monitoring functionality to the
AIX agent. The behaviour is similar to the job monitoring process
of the Solaris and Linux agent. The resulting services contain time
related information of the jobs.
ID: 11499
Title: Improve login session security
Component: Multisite
Level: 1
Class: Security fix
Version: 2.0.0i1
In previous Checkmk versions the login sessions were not tracked on the Checkmk
server side. This means that a logout in the GUI was a pure client action
destroying the authentication cookie. When the cookie was stored and reused
later, the user was able to access the GUI again with that old login session
which was logged out.
This change extends the authentication cookie with a session ID which has to be
known on the Checkmk server to result in a successful login. Once a login
session is logging out from the GUI, the session is invalidated on the Checkmk
server. If a client tries to access the GUI with an invalidated authentication
cookie, the login will be rejected from now.
Please note that we have added some limitations with this change:
<ul>
<li>Per user we can now have up to 20 parallel login sessions. Once a user
account reaches the 21st sessions, the session with the longest inactivity will
be invalidated.</li>
<li>Existing sessions with an inactivity of more than 7 days will be invalidated.</li>
</ul>
The change of the authentication cookie requires all users to login again to the
GUI after updating to Checkmk 2.0, because the cookie format is now incompatible
with the authentication cookies issued by previous Checkmk versions.
We use the incompatibility to switch the authentication cookie hashing
algorithm from to sha256. The previous md5 at this point was not a security
problem, but it can be considered bad practice.
ID: 11329
Title: hr_mem: exclude invalid memory stats from discovery
Component: Checks & agents
Level: 1
Class: Bug fix
Version: 2.0.0i1
Sometimes SNMP delivers invalid data for a device's memory, causing the hr_mem
check to crash when trying to evaluate it. The check has been modified to
exclude the Memory service if invalid data is received.