ID: 14888
Title: Fix wrong color for down hosts
Component: Reporting & Availability
Level: 1
Class: Bug fix
Version: 2.2.0i1
Down hosts were colored yellow in reports.
ID: 14956
Title: mk_logwatch: Make regular expression for logfiles configurable in agent bakery
Component: agents
Level: 1
Class: Bug fix
Version: 2.2.0i1
When configuring the mk_logwatch agent plugin, it's possible to specify the file
matching patterns more precisely by defining a regular expression pattern within
the applying options.
You can choose among the keywords <tt>regex</tt> or <tt>iregex</tt> for a case
sensitive or insensitive matching, respectively.
While this option already exists for a long time, it can now be specified via
agent bakery by configuring the "Text logfiles" agent rulespec.
ID: 14651
Title: Fix "KeyError('use_regular')"
Component: Checks & agents
Level: 1
Class: Bug fix
Version: 2.2.0i1
If users configured a rule <i>"Encryption (Linux, Windows)"</i> without actually setting values in it and used the unencryted mode of the agent controller, the Checkmk service would go {CRIT}.
ID: 14918
Title: Change base image of docker container
Component: Linux Distributions
Level: 1
Class: Security fix
Version: 2.2.0i1
With this Werk we change the base image of the Checkmk docker container from Debian buster to Ubuntu jammy.
Ubuntu jammy has more up to date packages.
This should reduce the amount of "vulnerabilities" found in the docker container by ~90%.
Please note that these vulnerabilities are either fixed by a backport of the fix or the configuration did not allow a exploitation.
The packages in the container were updated whenever a new container was build.
Unfortunately not all vulnerability-scanners were able to recognise this.
To our knowledge none of the vulnerabilities were exploitable.
We rate this with a CVSS of 0 (None) (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N).
This CVSS is primarily meant to please automatic scanners.
ID: 14170
Title: Fixed hanging activate changes on unfortunate error reporting
Component: Core & setup
Level: 1
Class: Bug fix
Version: 2.2.0i1
The config generation process could hang forever when an error was reported at the wrong time.
This problem could only be solved by identifying and terminating the processes that were locking the file <tt>~/etc/check_mk/main.mk</tt>.
ID: 14838
Title: REST API: New endpoint for downloading the license usage report
Component: REST API
Level: 1
Class: New feature
Version: 2.2.0i1
With the endpoint {{domain-types/license_usage/actions/download/invoke}} the
license usage report can be downloaded.
ID: 14631
Title: drbd: If the resource role was Unknown and disk state was DUnknown check result is now CRIT
Component: Checks & agents
Level: 1
Class: Bug fix
Version: 2.2.0i1
If the resource role was 'Unknown' and the disk state was 'DUnknown' the check result used to be UNKNOWN.
Now the check result will be CRIT, if not otherwise set in the appropriate ruleset.
ID: 14824
Title: Custom extensions: Potentially incompatible change in GUI code
Component: Setup
Level: 1
Class: New feature
Version: 2.2.0i1
This werk only affects developers of custom extensions to Checkmk.
The variable <tt>cmk.gui.config.builtin_role_ids</tt>, which specifies IDs for built-in user roles,
has been split into two new variables:
LI: <tt>cmk.gui.config.default_authorized_builtin_role_ids</tt>: IDs of built-in user roles which
are by default authorized to use dashlets, sidebar snapins etc., unless explicitly specified
differently (at the moment admin, user, guest).
LI: <tt>cmk.gui.config.default_unauthorized_builtin_role_ids</tt>: IDs of built-in user roles which
are by default <i>not</i> authorized to use dashlets, sidebar snapins etc., unless explicitly
specified differently.
Note that <tt>builtin_role_ids</tt> still exists (still containing all built-in role IDs), however,
most developer will likely want to use <tt>cmk.gui.config.default_authorized_builtin_role_ids</tt>
in the future to avoid unwanted authorizations of new user roles added to
<tt>default_unauthorized_builtin_role_ids</tt>.
Alternatively, you may explicitly declare the roles you want to permit by default using
<tt>["admin", "user", "guest"]</tt>.
ID: 14851
Title: Improve performance of "Archive events" actions
Component: Event Console
Level: 1
Class: New feature
Version: 2.2.0i1
This change makes the "Archive events" actions in the
Event Console faster and more reliable.
This concerns both the selected events and all events of one host.
Especially if you have remote sites configured,
since there is no more query round-trip.
ID: 14628
Title: 3par_ports: Check and discovery used to fail if the protocol was NVMe
Component: Checks & agents
Level: 1
Class: Bug fix
Version: 2.2.0i1
The discovery and check functions used to crash because the port protocol was NVMe.
Now the check support the following protocols:
<ul>
<li>FC</li>
<li>iSCSI</li>
<li>FCOE</li>
<li>IP</li>
<li>SAS</li>
<li>NVMe</li>
</ul>