Werk 16579 was adapted. The following is the new Werk, a diff is shown at the end of the message.
Title: downtimes: Added 'modify downtimes' endpoint
Class: feature
Compatible: compat
Component: rest-api
Date: 1709289998
Edition: cre
Level: 1
Version: 2.2.0p26
With this Werk a new endpoint for modifying downtimes is incorporated.
It is possible to modify the comment and the end timestamp as in the GUI.
The selection of downtimes to modify can be done by id, by query, or by
hostname and service description.
Method: PUT
URL: domain-types/downtime/actions/modify/invoke
------------------------------------<diff>-------------------------------------------
Title: downtimes: Added 'modify downtimes' endpoint
Class: feature
Compatible: compat
Component: rest-api
Date: 1709289998
Edition: cre
Level: 1
- Version: 2.2.0p25
? ^
+ Version: 2.2.0p26
? ^
With this Werk a new endpoint for modifying downtimes is incorporated.
It is possible to modify the comment and the end timestamp as in the GUI.
The selection of downtimes to modify can be done by id, by query, or by
hostname and service description.
Method: PUT
URL: domain-types/downtime/actions/modify/invoke
Werk 16499 was adapted. The following is the new Werk, a diff is shown at the end of the message.
Title: bluenet: allow discovery for newer devices
Class: fix
Compatible: compat
Component: checks
Date: 1707740421
Edition: cre
Level: 1
Version: 2.2.0p26
Prior to this werk, the snmp detect condition was too
restrictive which excluded subsequently new devices.
Those new devices had another oid section following the
initial condition. This werk makes the detect condition
more lenient to allow discovery of those devices.
------------------------------------<diff>-------------------------------------------
Title: bluenet: allow discovery for newer devices
Class: fix
Compatible: compat
Component: checks
Date: 1707740421
Edition: cre
Level: 1
- Version: 2.2.0p25
? ^
+ Version: 2.2.0p26
? ^
Prior to this werk, the snmp detect condition was too
restrictive which excluded subsequently new devices.
Those new devices had another oid section following the
initial condition. This werk makes the detect condition
more lenient to allow discovery of those devices.
Werk 16625 was adapted. The following is the new Werk, a diff is shown at the end of the message.
Title: service_discovery/bulk_discovery: reformulate documentation for mode option
Class: fix
Compatible: compat
Component: rest-api
Date: 1710239567
Edition: cre
Level: 1
Version: 2.2.0p26
Previously, the single service discovery and the bulk discovery shared the same
documentation for the mode field. This covers the use cases for the bulk discovery
to a certain degree. This werk fixes this. In addition, this werk also
resolves previously non working modes 'fix_all' and 'tabula_rasa'.
------------------------------------<diff>-------------------------------------------
Title: service_discovery/bulk_discovery: reformulate documentation for mode option
Class: fix
Compatible: compat
Component: rest-api
Date: 1710239567
Edition: cre
Level: 1
- Version: 2.2.0p25
? ^
+ Version: 2.2.0p26
? ^
Previously, the single service discovery and the bulk discovery shared the same
documentation for the mode field. This covers the use cases for the bulk discovery
to a certain degree. This werk fixes this. In addition, this werk also
resolves previously non working modes 'fix_all' and 'tabula_rasa'.
Werk 16549 was adapted. The following is the new Werk, a diff is shown at the end of the message.
Title: Agent updates failing on Solaris 10
Class: fix
Compatible: incomp
Component: agents
Date: 1709282638
Edition: cee
Level: 1
Version: 2.2.0p26
On some Solaris 10 systems, an agent update did crash with error message
C+:
/var/sadm/pkg/check-mk-agent/install/postremove: syntax error at line 19: `(' unexpected
pkgrm: ERROR: postremove script did not complete successfully
C-:
If you ran into this error, to make the update perform again, please delete the file
<code>/var/sadm/pkg/check-mk-agent/install/postremove</code> on affected systems.
Technical background:\
The postremove script used the subshell evaluation syntax <code>$(...)</code> that is incompatible to the standard <code>bin/sh</code> shell found on some Solaris 10 systems.
------------------------------------<diff>-------------------------------------------
Title: Agent updates failing on Solaris 10
Class: fix
Compatible: incomp
Component: agents
Date: 1709282638
Edition: cee
Level: 1
- Version: 2.2.0p25
? ^
+ Version: 2.2.0p26
? ^
On some Solaris 10 systems, an agent update did crash with error message
C+:
/var/sadm/pkg/check-mk-agent/install/postremove: syntax error at line 19: `(' unexpected
pkgrm: ERROR: postremove script did not complete successfully
C-:
If you ran into this error, to make the update perform again, please delete the file
<code>/var/sadm/pkg/check-mk-agent/install/postremove</code> on affected systems.
Technical background:\
The postremove script used the subshell evaluation syntax <code>$(...)</code> that is incompatible to the standard <code>bin/sh</code> shell found on some Solaris 10 systems.
Werk 16652 was adapted. The following is the new Werk, a diff is shown at the end of the message.
Title: NVIDIA Graphics Card: Fix parsing error on new data format
Class: fix
Compatible: compat
Component: checks
Date: 1712312228
Edition: cre
Level: 1
Version: 2.2.0p26
------------------------------------<diff>-------------------------------------------
Title: NVIDIA Graphics Card: Fix parsing error on new data format
Class: fix
Compatible: compat
Component: checks
Date: 1712312228
Edition: cre
Level: 1
- Version: 2.2.0p25
? ^
+ Version: 2.2.0p26
? ^
Werk 16508 was adapted. The following is the new Werk, a diff is shown at the end of the message.
Title: Make LDAP connection test errors more explicit
Class: feature
Compatible: compat
Component: wato
Date: 1709829281
Edition: cre
Level: 1
Version: 2.2.0p26
The LDAP connection test does not give enough information
about which DN configured results in an error.
This werk adds identifying information for the DN to the
error message to make it easier to identify the problem.
------------------------------------<diff>-------------------------------------------
Title: Make LDAP connection test errors more explicit
Class: feature
Compatible: compat
Component: wato
Date: 1709829281
Edition: cre
Level: 1
- Version: 2.2.0p25
? ^
+ Version: 2.2.0p26
? ^
The LDAP connection test does not give enough information
about which DN configured results in an error.
This werk adds identifying information for the DN to the
error message to make it easier to identify the problem.
Werk 16550 was adapted. The following is the new Werk, a diff is shown at the end of the message.
Title: Linux remote alert handlers not running under non-root user
Class: fix
Compatible: compat
Component: agents
Date: 1710234878
Edition: cee
Level: 1
Version: 2.2.0p26
In the ruleset <em>Remote alert handlers (Linux)</em>, you have to specify
a user under that the remote alert handler will be executed on agent side.
This user is set to <em>root</em> by default, but it's possible to choose
an arbitrary user.
But, when choosing a non-root user, the alert handlers previously
failed to execute, because the handler files got deployed with root-ownership
and were not readable by others.
To fix the problem, the ownership of the files now get changed to the specified
user.
Security note:
In general, it's important that all internal files of the Checkmk
agent have root ownership, as they might be read/executed by the Checkmk agent
under root.
However, this is not the case for remote alert handlers, as they
always get executed under the specified user.
As an additional security measure, the dispatcher on agent side
checks the ownership of installed remote alert handlers, and refuses to execute
non-root owned handlers when called via SSH with root rights.
------------------------------------<diff>-------------------------------------------
Title: Linux remote alert handlers not running under non-root user
Class: fix
Compatible: compat
Component: agents
Date: 1710234878
Edition: cee
Level: 1
- Version: 2.2.0p25
? ^
+ Version: 2.2.0p26
? ^
In the ruleset <em>Remote alert handlers (Linux)</em>, you have to specify
a user under that the remote alert handler will be executed on agent side.
This user is set to <em>root</em> by default, but it's possible to choose
an arbitrary user.
But, when choosing a non-root user, the alert handlers previously
failed to execute, because the handler files got deployed with root-ownership
and were not readable by others.
To fix the problem, the ownership of the files now get changed to the specified
user.
Security note:
In general, it's important that all internal files of the Checkmk
agent have root ownership, as they might be read/executed by the Checkmk agent
under root.
However, this is not the case for remote alert handlers, as they
always get executed under the specified user.
As an additional security measure, the dispatcher on agent side
checks the ownership of installed remote alert handlers, and refuses to execute
non-root owned handlers when called via SSH with root rights.
Werk 16497 was adapted. The following is the new Werk, a diff is shown at the end of the message.
Title: agent_aws: Use proxy for connections to 'STS' client
Class: fix
Compatible: compat
Component: checks
Date: 1709804740
Edition: cre
Level: 1
Version: 2.2.0p26
Previously, if configured, proxy was used to connect to all clients except for the 'STS' client.
This led to a crash in the agent if 'STS' client was only accessible via proxy.
Now, the configured proxy will be used for the 'STS' client as well.
------------------------------------<diff>-------------------------------------------
Title: agent_aws: Use proxy for connections to 'STS' client
Class: fix
Compatible: compat
Component: checks
Date: 1709804740
Edition: cre
Level: 1
- Version: 2.2.0p25
? ^
+ Version: 2.2.0p26
? ^
Previously, if configured, proxy was used to connect to all clients except for the 'STS' client.
This led to a crash in the agent if 'STS' client was only accessible via proxy.
Now, the configured proxy will be used for the 'STS' client as well.
Werk 16609 was adapted. The following is the new Werk, a diff is shown at the end of the message.
Title: Publish permission handling for various components
Class: fix
Compatible: incomp
Component: multisite
Date: 1710410065
Edition: cre
Level: 1
Version: 2.2.0p26
Werk 13498 introduced the possibility to set limit publish permissions
to certain contact groups, sites etc. Still, the permission "Publish views"
(e.g. for publishing views) was needed to see the published views. With
Werk 16320 this has been fixed for dashboards, views and reports.
This werk fixes the behavior for the remaining components (Bookmarks, Graphs,
SLAs and Reports).
Note: Please check the respective publish configuration.
------------------------------------<diff>-------------------------------------------
Title: Publish permission handling for various components
Class: fix
Compatible: incomp
Component: multisite
Date: 1710410065
Edition: cre
Level: 1
- Version: 2.2.0p25
? ^
+ Version: 2.2.0p26
? ^
Werk 13498 introduced the possibility to set limit publish permissions
to certain contact groups, sites etc. Still, the permission "Publish views"
(e.g. for publishing views) was needed to see the published views. With
Werk 16320 this has been fixed for dashboards, views and reports.
This werk fixes the behavior for the remaining components (Bookmarks, Graphs,
SLAs and Reports).
Note: Please check the respective publish configuration.