Title: Respect site filter in summary dashlets
Class: fix
Compatible: compat
Component: multisite
Date: 1713780113
Edition: cre
Level: 1
Version: 2.2.0p26
If you used the "Site" filter in a dashboard with a host or service summary
dashlet, the filter was ignored.
Title: Logfile pattern analyzer: Fix crash for first rule without regex pattern
Class: fix
Compatible: compat
Component: multisite
Date: 1713341414
Edition: cre
Level: 1
Version: 2.2.0p26
The "Logfile pattern analyzer" page crashed when the first "Logfile pattern" rule in place did not hold a regex pattern and a later rule did hold a regex pattern.
The rendering of the table of rules would crash with
C+:
Internal error: list index out of range
C-:
This is fixed and all rules are rendered as expected.
Title: df: Wrong handling of lower levels for free space
Class: fix
Compatible: compat
Component: checks
Date: 1713530112
Edition: cre
Level: 1
Version: 2.2.0p26
This is a regression since Checkmk 2.2.0.
When configuring the Service Monitoring Rule "Filesystems (used space and growth)",
configured levels for free space were evaluated incorrectly.
As a result, affected services erroneously showed up as <em>CRIT</em>.
This happened because of a wrong rounding while evaluating the levels, and only affected
small filesystems with a size below 1MB.
[//]: # (werk v2)
# Fix crash in SNMPv1 and SNMPv2 connection tests
key | value
---------- | ---
date | 2024-04-19T15:28:03+00:00
version | 2.3.0b6
class | fix
edition | cre
component | wato
level | 1
compatible | yes
When running the SNMP connection tests for a host that has SNMPv3 credentials configured, the SNMPv1
and SNMPv2 connection tests crashed. With the Inline SNMP backend, the corresponding error message
read "argument 2 must be str, not tuple". With the Classic backend, there was no error message at
all.
[//]: # (werk v2)
# mk_oracle: fix two parse errors
key | value
---------- | ---
compatible | yes
version | 2.4.0b1
date | 2024-04-09T06:01:31+00:00
level | 1
class | fix
component | checks
edition | cre
Due to fixes introduced with
<a href="https://checkmk.com/werk/16232">Werk #16232</a> new error messages
have been introduced to sections which previously had not to handle any errors.
Now <tt>oracle_processes</tt> and <tt>oracle_recovery_area</tt> services can
handle the new error messages.
[//]: # (werk v2)
# mk_oracle: Follow-up to privilege escalation fix: sqlnet.ora
key | value
---------- | ---
compatible | no
version | 2.4.0b1
date | 2024-04-05T09:38:28+00:00
level | 1
class | fix
component | checks
edition | cre
You are affected by this Werk if you use mk_oracle agent plugin on unix.
<tt>mk_oracle</tt> only works if it can find a <tt>sqlnet.ora</tt> in your
<tt>$TNS_ADMIN</tt> folder. In the past, <tt>mk_oracle</tt> executed all oracle
binaries as root, so <tt>sqlnet.ora</tt> was alwas readable. With <a
href="https://checkmk.com/werk/16232">Werk #16232</a> the oracle binaries are
executed with a low privileged user, so it might be the case, that
<tt>sqlnet.ora</tt> can not be read by this user.
<tt>mk_oracle</tt> will exit early if it can not read <tt>sqlnet.ora</tt>. The
error message might look like:
<code>
/etc/check_mk/sqlnet.ora can not be read by user "oracle"! Either use 'sqlnet.ora permission group' bakery rule, or directly modify permissions of the file.
</code>
The error message will also be visible in the <tt>oracle_instance</tt> check.
If you use the agent bakery to roll out mk_oracle to unix servers using
<tt>.rpm</tt>, <tt>.deb</tt> or Solaris <tt>.pkg</tt> packages, you have to use
the 'sqlnet.ora permission group' bakery rule to adapt the group of the
<tt>sqlnet.ora</tt> file, otherwise your permission changes might be
overwritten by updating the agent.
Otherwise it is sufficient to adapt the permissions.
If you install the agent on Unix using the <tt>tgz</tt> package, you will have
to manually adjust the permissions of the <tt>sqlnet.ora</tt> file.
[//]: # (werk v2)
# mk_oracle: Follow-up to privilege escalation fix
key | value
---------- | ---
compatible | no
version | 2.4.0b1
date | 2024-04-04T07:59:38+00:00
level | 2
class | fix
component | checks
edition | cre
You might be affected by this Werk if you use <tt>mk_oracle</tt> on a unix
system.
You might be affected by this Werk if you use oracle wallet to connect to your
database.
You are definitively affected by this Werk if you use oracle wallet to connect to your
database and used the instructions of our official documentation to setup your
configuration.
This Werk fixes connection problems introduced with 2.1.0p41, 2.2.0p24 and 2.3.0b4.
Since <a href="https://checkmk.com/werk/16232">Werk #16232</a> we switch to a
unprivileged user when executing oracle binaries. This causes problems when
using an oracle wallet as the unprivileged user might not be able to access
files defining the connection details and credentials.
We introduced an additional permission check to the <code>-t</code> "Just check
the connection" option of <code>mk_oracle</code>. It should help you modifying
the permissions to continue using <code>mk_oracle</code> with oracle wallet.
You can execute it with the following command:
<pre>
MK_CONFDIR=/etc/check_mk/ MK_VARDIR=/var/lib/check_mk_agent /usr/lib/check_mk_agent/plugins/mk_oracle --no-spool -t
</pre>
The path to mk_oracle might be different if you execute it asynchronously. For a
60 second interval the path would be <code>/usr/lib/check_mk_agent/plugins/60/mk_oracle</code>
The script will test permissions of the files needed to connect to the database. It boils down to the following:
<code>mk_oracle</code> will switch to the owner of
<code>$ORACLE_HOME/bin/sqlplus</code> before executing <code>sqlplus</code>. So
this user has to have the following permissions:
<ul>
<li>read <code>$TNS_ADMIN/sqlnet.ora</code></li>
<li>read <code>$TNS_ADMIN/tnsnames.ora</code></li>
<li>execute the wallet folder (<code>/etc/check_mk/oracle_wallet</code> if followed the official documentation)</li>
<li>read files inside the wallet folder (<code>/etc/check_mk/oracle_wallet/*</code> if followed the official documentation)</li>
</ul>
Beside that we also fixed some bash syntax errors we introduced with
<a href="https://checkmk.com/werk/16232">Werk #16232</a>.
See <a href="https://checkmk.atlassian.net/wiki/spaces/KB/pages/70582273/Troubleshooting…">Troubleshooting mk_oracle for Windows and Linux</a>
for more information about troubleshooting this problem.
[//]: # (werk v2)
# mk_oracle: report failed login
key | value
---------- | ---
compatible | yes
version | 2.4.0b1
date | 2024-04-10T08:38:00+00:00
level | 1
class | fix
component | checks
edition | cre
Due to fixes introduced with
<a href="https://checkmk.com/werk/16234">Werk #16234</a> a failed login to the
oracle database was not reported as critical, but the services were going
stale. This is now fixed.
[//]: # (werk v2)
# Deprecate "Asynchronous execution of plug-ins" rule
key | value
---------- | ---
date | 2024-04-22T06:19:27+00:00
version | 2.4.0b1
class | fix
edition | cee
component | setup
level | 1
compatible | yes
Th rule "Asynchronous execution of plug-ins" has no affect on the execution of the scrips
therefore it is being deprecated.
This means it will eventually be removed in future versions.
[//]: # (werk v2)
# Re-enable inline SNMP for SNMPv1
key | value
---------- | ---
date | 2024-04-20T13:55:35+00:00
version | 2.4.0b1
class | fix
edition | cre
component | checks
level | 1
compatible | yes
Due to a memory leak in the underlying library, Checkmk was using the
'classic' SNMP backend for all SNMPv1 hosts regardless of the user
configuration.
This memory leak has since been fixed, so we remove the fallback.