ID: 12952
Title: REST API: make endpoint responses more specific
Component: Core & setup
Level: 1
Class: Bug fix
Version: 2.1.0i1
Some endpoints of host_config and folder_config had the unspecific endpoint-type of
DomainObject and DomainObjectCollection. These have now been upgraded to HostConfigCollection,
HostConfigObject, FolderObject and FolderCollection.
Some automatically generated API clients for statically typed programming languages may
throw exceptions after these changes. You will have to recreate your API client based on
the specification provided with the 2.0.0p8 release.
The behaviour of the endpoints have not been changes, so if you use an API client in a
dynamically typed language or a hand-written one, you may not have to change anything.
ID: 12954
Title: generate default site configuration before Apache starts
Component: Core & setup
Level: 2
Class: Bug fix
Version: 2.1.0i1
Before this Werk, the default configuration was created by Checkmk
on the first request to the GUI.
This has been changed to happend *before* the Apache process starts up
the first time. The reason for this is that some parts of Checkmk
(e.g. the REST API) now need the default configuration to already be
present at startup.
This may cause issues with server configuration management systems (e.g.
Puppet, Chef or Ansible) when these systems expect a certain file to be
missing in a newly created site, whereas now these files will exist.
The files in question are:
etc/check_mk/multisite.d/wato/ca-certificates.mk
etc/check_mk/multisite.d/wato/groups.mk
etc/check_mk/multisite.d/wato/global.mk
etc/check_mk/multisite.d/wato/tags.mk
etc/check_mk/multisite.d/wato/users.mk
etc/check_mk/conf.d/wato/contacts.mk
etc/check_mk/conf.d/wato/groups.mk
etc/check_mk/conf.d/wato/rules.mk
etc/check_mk/conf.d/wato/global.mk
etc/check_mk/conf.d/wato/notifications.mk
etc/check_mk/conf.d/wato/tags.mk
ID: 13074
Title: API: modification of acknowledgement endpoint to allow management in distributed setup
Component: Core & setup
Level: 1
Class: New feature
Version: 2.1.0i1
In the previous version, acknowledgements were restricted to a non distributed
monitoring setup. This werk resolves this restriction and allows the user to equally
handle acknowledgements in a distributed setup.
ID: 12951
Title: response format of all host_config/folder_config REST API endpoints
Component: Core & setup
Level: 2
Class: Bug fix
Version: 2.1.0i1
The response format of some host_config and folder_config endpoints
did not fully conform to the OpenAPI spec. This has now been fixed, but
this also means that the following endpoints
create folder
hosts of folder
update folder
bulk update folders
move a folder
bulk create hosts
list hosts
will have a different format in SOME attributes on the attributes key
within the "extensions" key. The now documented format in the OpenAPI
documentation is the correct one now.
ID: 12697
Title: Fix problem with removing acknowledgements
Component: Core & setup
Level: 1
Class: Bug fix
Version: 2.1.0i1
If the comment to an acknowledgement was removed first, for
example, from the "Monitor | Comments" menu, the acknowledgement
would stick and could not be removed anymore.
ID: 13346
Title: <tt>logwatch_ec</tt>: Fix crash with <tt>KeyError</tt> in cluster mode
Component: Checks & agents
Level: 1
Class: Bug fix
Version: 2.1.0i1
In a clustered setup, the check plugin <tt>logwatch_ec</tt>, used for
forwarding log messages collected by the logwatch agent plugin to the
Event Console, might have crashed with a <tt>KeyError</tt>. This
happened if a logfile was present only on some, but not all cluster
nodes.
ID: 13244
Title: wut_webio: Fix AssertionError on rules page
Component: Multisite
Level: 1
Class: Bug fix
Version: 2.1.0i1
When opening the rules page for "W&T WebIO" from the effective parameters page
of a host, an AssertionError occured.
ID: 13221
Title: OMD apache status metrics have different titles now
Component: Checks & agents
Level: 1
Class: Bug fix
Version: 2.1.0i1
The mettrics of the <i>OMD apache status</i> services did
not include the unit of the measurement, leading to three
metrics with the same name each. This is fixed by adding
the units <i>"Requests"</i>, <i>"Bytes"</i> and <i>"Secs"</i>
to each metric title.
ID: 13329
Title: Add missing state colors in analyze configuration
Component: Multisite
Level: 1
Class: Bug fix
Version: 2.1.0i1
The state colors in the right columns in the analyze configuration
page of the setup menu was missing.
ID: 13193
Title: XSS in report editing
Component: Reporting & Availability
Level: 1
Class: Security fix
Version: 2.1.0i1
It was possible to Inject HTML code in various Content elments. This could also be used in shared reports.
CVSS: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H 9.0
Affected Versions: all below
Workarounds: Disallow users to customize reports (Set 'General Permissions' > 'Customize reports and use them' to no)
Exploit detections: Check `var/check_mk/web/*/user_reports.mk` for html specialchars.