Werk 16508 was adapted. The following is the new Werk, a diff is shown at the end of the message.
Title: Make LDAP connection test errors more explicit
Class: feature
Compatible: compat
Component: wato
Date: 1709829281
Edition: cre
Level: 1
Version: 2.2.0p25
The LDAP connection test does not give enough information
about which DN configured results in an error.
This werk adds identifying information for the DN to the
error message to make it easier to identify the problem.
------------------------------------<diff>-------------------------------------------
Title: Make LDAP connection test errors more explicit
Class: feature
Compatible: compat
Component: wato
Date: 1709829281
Edition: cre
Level: 1
- Version: 2.2.0p24
? ^
+ Version: 2.2.0p25
? ^
The LDAP connection test does not give enough information
about which DN configured results in an error.
This werk adds identifying information for the DN to the
error message to make it easier to identify the problem.
Werk 16582 was adapted. The following is the new Werk, a diff is shown at the end of the message.
Title: passwords: Fix internal server error when creating a password in CME with a non existent customer
Class: fix
Compatible: compat
Component: rest-api
Date: 1710234772
Edition: cre
Level: 1
Version: 2.2.0p25
Previous this Werk, a status code 500 (Internal server error) was raised when creating a password with a non existent customer. This werk fixes that and now it returns a status code 400 (Bad request) with proper informaiton about the error
------------------------------------<diff>-------------------------------------------
Title: passwords: Fix internal server error when creating a password in CME with a non existent customer
Class: fix
Compatible: compat
Component: rest-api
Date: 1710234772
Edition: cre
Level: 1
- Version: 2.2.0p24
? ^
+ Version: 2.2.0p25
? ^
Previous this Werk, a status code 500 (Internal server error) was raised when creating a password with a non existent customer. This werk fixes that and now it returns a status code 400 (Bad request) with proper informaiton about the error
Werk 16584 was adapted. The following is the new Werk, a diff is shown at the end of the message.
Title: REST API: Fix httpie examples
Class: fix
Compatible: compat
Component: rest-api
Date: 1710939092
Edition: cre
Level: 1
Version: 2.2.0p25
Some httpie examples had a backslash at the end of the last line causing
these examples to fail when executed. This Werk fixes the way REST API
examples are generated to prevent backslashes at the end of the last line.
------------------------------------<diff>-------------------------------------------
Title: REST API: Fix httpie examples
Class: fix
Compatible: compat
Component: rest-api
Date: 1710939092
Edition: cre
Level: 1
- Version: 2.2.0p24
? ^
+ Version: 2.2.0p25
? ^
Some httpie examples had a backslash at the end of the last line causing
these examples to fail when executed. This Werk fixes the way REST API
examples are generated to prevent backslashes at the end of the last line.
Werk 16629 was adapted. The following is the new Werk, a diff is shown at the end of the message.
Title: Virtual host tree links work for more than three host tag groups
Class: fix
Compatible: compat
Component: multisite
Date: 1710494682
Edition: cre
Level: 1
Version: 2.2.0p25
A virtual host tree (Setup > General > Global settings > User interface > Virtual host trees) can be configured with more than three host tag tree levels. Yet, the corresponding views that are linked to from the sidebar element "Virtual host trees" were not able to display more than three rows in the "Host tags" filter and thus only filtered for the first three.
This is fixed. A virtual host tree link as described above now leads to a properly filtered view with all the given host tag filters shown in the filter popup.
------------------------------------<diff>-------------------------------------------
Title: Virtual host tree links work for more than three host tag groups
Class: fix
Compatible: compat
Component: multisite
Date: 1710494682
Edition: cre
Level: 1
- Version: 2.2.0p24
? ^
+ Version: 2.2.0p25
? ^
A virtual host tree (Setup > General > Global settings > User interface > Virtual host trees) can be configured with more than three host tag tree levels. Yet, the corresponding views that are linked to from the sidebar element "Virtual host trees" were not able to display more than three rows in the "Host tags" filter and thus only filtered for the first three.
This is fixed. A virtual host tree link as described above now leads to a properly filtered view with all the given host tag filters shown in the filter popup.
Werk 16550 was adapted. The following is the new Werk, a diff is shown at the end of the message.
Title: Linux remote alert handlers not running under non-root user
Class: fix
Compatible: compat
Component: agents
Date: 1710234878
Edition: cee
Level: 1
Version: 2.2.0p25
In the ruleset <em>Remote alert handlers (Linux)</em>, you have to specify
a user under that the remote alert handler will be executed on agent side.
This user is set to <em>root</em> by default, but it's possible to choose
an arbitrary user.
But, when choosing a non-root user, the alert handlers previously
failed to execute, because the handler files got deployed with root-ownership
and were not readable by others.
To fix the problem, the ownership of the files now get changed to the specified
user.
Security note:
In general, it's important that all internal files of the Checkmk
agent have root ownership, as they might be read/executed by the Checkmk agent
under root.
However, this is not the case for remote alert handlers, as they
always get executed under the specified user.
As an additional security measure, the dispatcher on agent side
checks the ownership of installed remote alert handlers, and refuses to execute
non-root owned handlers when called via SSH with root rights.
------------------------------------<diff>-------------------------------------------
Title: Linux remote alert handlers not running under non-root user
Class: fix
Compatible: compat
Component: agents
Date: 1710234878
Edition: cee
Level: 1
- Version: 2.2.0p24
? ^
+ Version: 2.2.0p25
? ^
In the ruleset <em>Remote alert handlers (Linux)</em>, you have to specify
a user under that the remote alert handler will be executed on agent side.
This user is set to <em>root</em> by default, but it's possible to choose
an arbitrary user.
But, when choosing a non-root user, the alert handlers previously
failed to execute, because the handler files got deployed with root-ownership
and were not readable by others.
To fix the problem, the ownership of the files now get changed to the specified
user.
Security note:
In general, it's important that all internal files of the Checkmk
agent have root ownership, as they might be read/executed by the Checkmk agent
under root.
However, this is not the case for remote alert handlers, as they
always get executed under the specified user.
As an additional security measure, the dispatcher on agent side
checks the ownership of installed remote alert handlers, and refuses to execute
non-root owned handlers when called via SSH with root rights.
Werk 16497 was adapted. The following is the new Werk, a diff is shown at the end of the message.
Title: agent_aws: Use proxy for connections to 'STS' client
Class: fix
Compatible: compat
Component: checks
Date: 1709804740
Edition: cre
Level: 1
Version: 2.2.0p25
Previously, if configured, proxy was used to connect to all clients except for the 'STS' client.
This led to a crash in the agent if 'STS' client was only accessible via proxy.
Now, the configured proxy will be used for the 'STS' client as well.
------------------------------------<diff>-------------------------------------------
Title: agent_aws: Use proxy for connections to 'STS' client
Class: fix
Compatible: compat
Component: checks
Date: 1709804740
Edition: cre
Level: 1
- Version: 2.2.0p24
? ^
+ Version: 2.2.0p25
? ^
Previously, if configured, proxy was used to connect to all clients except for the 'STS' client.
This led to a crash in the agent if 'STS' client was only accessible via proxy.
Now, the configured proxy will be used for the 'STS' client as well.
Werk 16498 was adapted. The following is the new Werk, a diff is shown at the end of the message.
Title: cisco_redundancy: handle new swact reasons
Class: fix
Compatible: compat
Component: checks
Date: 1709890474
Edition: cre
Level: 1
Version: 2.2.0p25
Fixes a crash in the check plugin, caused by not handling two recently added switch of activity reasons.
------------------------------------<diff>-------------------------------------------
Title: cisco_redundancy: handle new swact reasons
Class: fix
Compatible: compat
Component: checks
Date: 1709890474
Edition: cre
Level: 1
- Version: 2.2.0p24
? ^
+ Version: 2.2.0p25
? ^
Fixes a crash in the check plugin, caused by not handling two recently added switch of activity reasons.
Werk 16579 was adapted. The following is the new Werk, a diff is shown at the end of the message.
Title: downtimes: Added 'modify downtimes' endpoint
Class: feature
Compatible: compat
Component: rest-api
Date: 1709289998
Edition: cre
Level: 1
Version: 2.2.0p25
With this Werk a new endpoint for modifying downtimes is incorporated.
It is possible to modify the comment and the end timestamp as in the GUI.
The selection of downtimes to modify can be done by id, by query, or by
hostname and service description.
Method: PUT
URL: domain-types/downtime/actions/modify/invoke
------------------------------------<diff>-------------------------------------------
Title: downtimes: Added 'modify downtimes' endpoint
Class: feature
Compatible: compat
Component: rest-api
Date: 1709289998
Edition: cre
Level: 1
- Version: 2.2.0p24
? ^
+ Version: 2.2.0p25
? ^
With this Werk a new endpoint for modifying downtimes is incorporated.
It is possible to modify the comment and the end timestamp as in the GUI.
The selection of downtimes to modify can be done by id, by query, or by
hostname and service description.
Method: PUT
URL: domain-types/downtime/actions/modify/invoke
Werk 16494 was adapted. The following is the new Werk, a diff is shown at the end of the message.
Title: netapp_ontap_temp: restore check of list of sensors
Class: fix
Compatible: compat
Component: checks
Date: 1708967815
Edition: cre
Level: 1
Version: 2.2.0p25
The above-mentioned plugin now monitors the list of ambient and internal temperature sensors,
sticking to the logic of the netapp_api_temp plugin (old Netapp API).
A re-discovery is needed to monitor the new services.
------------------------------------<diff>-------------------------------------------
Title: netapp_ontap_temp: restore check of list of sensors
Class: fix
Compatible: compat
Component: checks
Date: 1708967815
Edition: cre
Level: 1
- Version: 2.2.0p24
? ^
+ Version: 2.2.0p25
? ^
The above-mentioned plugin now monitors the list of ambient and internal temperature sensors,
sticking to the logic of the netapp_api_temp plugin (old Netapp API).
A re-discovery is needed to monitor the new services.
Title: postfix: Fix Postfix status monitoring for agents run in Docker
Class: fix
Compatible: compat
Component: checks
Date: 1710323821
Edition: cre
Level: 1
Version: 2.2.0p24
Previously, Checkmk agent used the data from /proc to determine if Postfix instance is running.
Since docker containers don't have permissions to read /proc, the agent always reported
the Postfix instance as 'not running'.
This resulted in CRIT 'Postfix status' service even if Postfix instance was running correctly.