ID: 13091
Title: Fixed event console time filters
Component: Event Console
Level: 2
Class: Bug fix
Version: 2.1.0i1
The event console contains logic to quickly skip history files which are not
relevant for a given query. This logic was broken from day one, often
resulting in superfluous processing of irrelevant history files, which in
turn could lead to e.g. timeouts in the GUI. This has been fixed now.
ID: 13512
Title: Fix possible "Request-URI Too Long" error on editing contact groups
Component: Setup
Level: 1
Class: Bug fix
Version: 2.1.0i1
If contact groups were edited and a large number of inventory paths or nagvis
maps were added in the "Permissions" section, an "Request-URI Too Long" error
could occur on saving the changes.
ID: 13480
Title: Veeam backup status: Ignore warning
Component: Checks & agents
Level: 1
Class: Bug fix
Version: 2.1.0i1
Since Veeam 10 <tt>Get-VBRJob</tt> returns a warning which ends up in the agent output and confuses the <tt>veeam_tapejobs</tt> check.
This werk silently discards this warning and makes the check compatible with Veeam 10.
Thanks to Marius Rieder.
ID: 13324
Title: Shipping software bill of materials with Checkmk
Component: Site Management
Level: 1
Class: Security fix
Version: 2.1.0i1
A software bill of materials can be used to analyze the components that are
part of Checkmk. An accurate inventory of all components enables organizations
to identify risk, allows for greater transparency, and enables rapid impact
analysis.
Checkmk packages are now shipping a BOM in OWASP CycloneDX format. As of
Checkmk 2.1.0 and 2.0.0p18 it can be found in each site at the path
<tt>share/doc/bill-of-materials.json</tt>.
ID: 13509
Title: Fix impossible host renaming if uninvolved sites have changes
Component: Setup
Level: 1
Class: Bug fix
Version: 2.1.0i1
If a host was renamed on page "Properties of MYHOST" via "Hosts" - "Rename",
the renaming operation was not possible if any site in distributed environment
had pending changes.
This leaded to situations where no more renaming was possible, e.g. if remote sites
where continuous disabled.
>From now on, only the central site and the site the renamed host is monitored
on must have no pending changes.
ID: 13479
Title: Commandlets of active checks and special agents may be passed None as IP address
Component: Checks & agents
Level: 1
Class: New feature
Version: 2.1.0i1
This werk only affects users who have implemented their own plugins for active checks or special agents (the ones commonly named <tt>checks/check_*</tt> and <tt>checks/agent_*</tt>).
The functions implemented in those plugins have to a accept the IP address of the host as an argument.
For hosts without an IP address they used to get passed <tt>"0.0.0.0"</tt> or <tt>"::0"</tt>.
This has been changed to `None`.
Since most of these functions simply pass it on in a list, this should not make any difference.
ID: 13195
Title: Add validation to Documentation URL
Component: Setup
Level: 1
Class: Security fix
Version: 2.1.0i1
Previous to this Werk the URLs to Documentation were not validated (e.g. in the
rule creation dialog). This could have lead to malicious links, e.g. links
containing javascript. These links now will be validated. The URL schemes are
now restricted to "http" and "https".
ID: 13131
Title: custom_files: Fix permissions of custom deployed agent plugins
Component: agents
Level: 1
Class: Bug fix
Version: 2.1.0i1
This Werk fixes a regression that was introduced with Checkmk 2.0.0. Only agent installations that need
to call agent plugins with a non-root user are affected.
When deploying custom files with the "Deploy custom files with agent" agent rule, one would
expect files placed under <tt>pkgname/lib/plugins/</tt> to be deployed as plugin files.
This only partially held true before, because files placed under the <tt>plugins</tt>
subfolder weren't recognized as actual plugins. While <tt>lib</tt> files are deployed
with a permissions of <tt>0640</tt>, plugin files are to be deployed with permissions
of <tt>0755</tt>, which was not done for custom deployed files.
However, as the executable flag of all custom files is maintained during deployment, the plugins
are (if placed as executable on the Checkmk site) still executable on the hosts, but
without being accessible to non-root users. Hence, it was not possible to use the agent rule
"Plugins, local checks and MRPE for non-root users" or other techniques that need to call
plugins with a non-root user in combination with custom deployed plugin files.
Files under <tt>pkgname/lib/plugins</tt> now are deployed permissions of <tt>0755</tt>,
regardless of the initial permissions when placed at the custom files directory on the site.
ID: 13132
Title: mk_filestats: Deploy agent plugin without config
Component: agents
Level: 1
Class: Bug fix
Version: 2.1.0i1
It's now possible to bake agents with agent rule
"Count, size and age of files - mk_filestat (Linux)" while selecting
"Deploy the filestats plugin without configuration.
This fixes a regression introduced with Checkmk 2.0.0 that lead to a crash when
baking agents.