Permalink
Please
sign in to comment.
Browse files
Move OMD packaging things to Check_MK git
We want to have a single git repository for developing Check_MK. This makes several things a lot easier. Change-Id: I73ba0ee498798efdb7a81b9c0dc009cc49827ef2
- Loading branch information
LarsMichelsen
committed
Jul 17, 2017
1 parent
edc4d83
commit 133fb6c11192b860ddcc50595dc189b7313f8f86
| @@ -0,0 +1,13 @@ | ||
| Title: Being more robust against duplicat engineIDs when monitoring SNMPv3 devices | ||
| Level: 1 | ||
| Component: inline-snmp | ||
| Compatible: compat | ||
| Version: 1.2.7i2 | ||
| Date: 1433506248 | ||
| Class: fix | ||
|
|
||
| The engineID is defined to be a globally unique identifier of a SNMPv3 device, but it happens | ||
| that users configure the same engineID multiple times for different devices, which made | ||
| Check_MK only talk to one of them and reporting "No Response from host (Timeout 0/-24)" for | ||
| the other devices. This has been changed now that Check_MK disregards the misconfiguration | ||
| and works as usual. |
| @@ -0,0 +1,9 @@ | ||
| Title: Handling invalid core config problems during updates more friendly | ||
| Level: 1 | ||
| Component: omd | ||
| Class: fix | ||
| Compatible: compat | ||
| State: unknown | ||
| Version: 1.2.7i3 | ||
| Date: 1435235503 | ||
|
|
| @@ -0,0 +1,28 @@ | ||
| Title: Base URL redirects preserve https protocols now | ||
| Level: 1 | ||
| Component: packages | ||
| Class: fix | ||
| Compatible: compat | ||
| State: unknown | ||
| Version: 1.2.7i3 | ||
| Date: 1435659455 | ||
|
|
||
| Default redirects from /[site] and /[site]/ to /[site]/omd/ are | ||
| are now preserving the original requested protocol (http/https). | ||
| When using the apache shared mode (which is the default), having | ||
| the system apache service the pages via HTTPS, you will need to | ||
| configure the system apache to provide the X-Forwarded-Proto | ||
| request header to the site apache, which can be done by | ||
| adding the line 'RequestHeader set X-Forwarded-Proto "https"' to | ||
| the proxy configuration related to the site. | ||
|
|
||
| So if you want to secure your site using SSL, you will need | ||
| to configure the following things in the system apache: | ||
|
|
||
| a) Enable and configure HTTPS | ||
| b) Redirecting all HTTP requests to HTTPS | ||
| c) Set the request headers X-Forwarded-Proto, e.g. | ||
|
|
||
| <Location /[sitename]> | ||
| RequestHeader set X-Forwarded-Proto "https" | ||
| </Location> |
| @@ -0,0 +1,13 @@ | ||
| Title: Improved performance of Check_MK NagVis Maps Snapin | ||
| Level: 2 | ||
| Component: nagvis | ||
| Class: fix | ||
| Compatible: compat | ||
| State: unknown | ||
| Version: 1.2.7i3 | ||
| Date: 1436188027 | ||
|
|
||
| The NagVis Maps snapin of the Check_MK sidebar was not performing very well | ||
| when a lot of users were accessing the Check_MK GUI at the same time. NagVis | ||
| introduced a new caching for the snapin contents which should decrease the | ||
| loading time of the snapin dramatically. |
| @@ -0,0 +1,9 @@ | ||
| Title: Updated rrdtool to version 1.5.4 | ||
| Level: 1 | ||
| Component: packages | ||
| Compatible: compat | ||
| Version: 1.2.7i3 | ||
| Date: 1440594029 | ||
| Class: feature | ||
|
|
||
|
|
| @@ -0,0 +1,9 @@ | ||
| Title: Shipping check_mysql_health, check_oracle_health, check_nrpe and check_multi again | ||
| Level: 1 | ||
| Component: packages | ||
| Compatible: compat | ||
| Version: 1.2.7i3 | ||
| Date: 1445499247 | ||
| Class: feature | ||
|
|
||
|
|
| @@ -0,0 +1,10 @@ | ||
| Title: check_icmp: Fixed not using configured ping levels since IPv6 implementation | ||
| Level: 1 | ||
| Component: packages | ||
| Class: fix | ||
| Compatible: compat | ||
| State: unknown | ||
| Version: 1.2.7i3 | ||
| Date: 1445525306 | ||
|
|
||
|
|
| @@ -0,0 +1,14 @@ | ||
| Title: Fixed SNMP timeouts caused by invalid responses from devices | ||
| Level: 1 | ||
| Component: inline-snmp | ||
| Class: fix | ||
| Compatible: compat | ||
| State: unknown | ||
| Version: 1.2.7i3 | ||
| Date: 1447254477 | ||
|
|
||
| When a SNMP device which has a bug in it's SNMP implementation is responding | ||
| with a value which can not be parsed, e.g. a number which is increasing the | ||
| maximum value of a 32bit integer, the packet was dropped. The SNMP engine | ||
| was retrying to fetch the data and finally timing out. These timeouts | ||
| has been fixed now. |
| @@ -0,0 +1,11 @@ | ||
| Title: New dependency Python OpenSSL | ||
| Level: 1 | ||
| Component: packages | ||
| Compatible: compat | ||
| Version: 1.2.7i3 | ||
| Date: 1452846171 | ||
| Class: fix | ||
|
|
||
| The current Check_MK release requires a new dependency to be installed. | ||
| It is the Python OpenSSL module which is named python-openssl on most | ||
| distributions and pyOpenSSL on RedHat/CentOS. |
| @@ -0,0 +1,14 @@ | ||
| Title: msi generation: improved error handling, removed version information from product name | ||
| Level: 1 | ||
| Component: packages | ||
| Class: fix | ||
| Compatible: compat | ||
| Version: 1.2.7i2 | ||
| Date: 1433838935 | ||
|
|
||
| The agent version is no longer displayed in the product name. | ||
| This is because some software management tools have troubles to detect the same | ||
| product family if the name differs. | ||
|
|
||
| Additionally the error handling during the msi generation (done by the agent bakery) | ||
| has been improved. |
| @@ -0,0 +1,13 @@ | ||
| Title: Set correct bash environment for cronjobs | ||
| Level: 1 | ||
| Component: omd | ||
| Compatible: compat | ||
| Version: 1.2.7i3 | ||
| Date: 1460720891 | ||
| Class: fix | ||
|
|
||
| There were certain scenarios were the .profile file was not loaded for crontabs. | ||
| This fix always sets these environment variables for the crontabs | ||
| SHELL=/bin/bash | ||
| BASH_ENV=$OMD_ROOT/.profile | ||
|
|
| @@ -0,0 +1,9 @@ | ||
| Title: "omd cp --no-rrds" now excludes ~/var/check_mk/rrd/* | ||
| Level: 1 | ||
| Component: omd | ||
| Compatible: compat | ||
| Version: 1.4.0i3 | ||
| Date: 1479201047 | ||
| Class: fix | ||
|
|
||
|
|
| @@ -0,0 +1,29 @@ | ||
| Title: Fixed SSL connection issues in different situations | ||
| Level: 1 | ||
| Component: omd | ||
| Class: fix | ||
| Compatible: compat | ||
| Edition: cre | ||
| State: unknown | ||
| Version: 1.5.0i1 | ||
| Date: 1497013634 | ||
|
|
||
| Whenever a server component of Check_MK opens a SSL connection it uses the trusted certificate | ||
| authorities to verify the SSL certificate of the destination server. This is used for example | ||
| when performing WATO replication to slave sites or when special agents are communicating via | ||
| HTTPS. | ||
|
|
||
| In older Check_MK versions the system wide trusted CAs were used to do the verification. During | ||
| development of Check_MK 1.4 different parts of Check_MK that establish communications via HTTPS | ||
| have been refactored to use a new library (python requests) which does not care about the system | ||
| wide trusted CAs by default. This lead to SSL verification errors because former verifyable | ||
| certificates were now not verifyable anymore. The error messages were different in this situation, | ||
| one example is: "SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed". | ||
|
|
||
| The first change is that we have now fixed that to get the old functionality back. Check_MK is | ||
| now searching <tt>/etc/ssl/certs</tt> or </tt>/etc/pki/tls/certs</tt> for system wide trusted | ||
| CAs by default. | ||
|
|
||
| The second change is that we have now added a new global setting which you can use to change | ||
| the behaviour: <i>Site Management > Trusted certificate authorities for SSL</i>. You can | ||
| disable trusting system wide trusted CAs and upload your custom CAs if you need it. |
| @@ -0,0 +1,12 @@ | ||
| Title: Add missing empty directories after copying sites with omd cp -N | ||
| Level: 1 | ||
| Component: omd | ||
| Compatible: compat | ||
| Version: 1.2.7i2 | ||
| Date: 1433859685 | ||
| Class: fix | ||
|
|
||
| If you copied a site using the option <tt>-N</tt> on <tt>omd cp</tt> then | ||
| several directories would be missing - namely those that contain the omitted | ||
| data (log files, performance data etc.). This has been fixed and the empty | ||
| directories are correctly being created in the copy now. |
| @@ -0,0 +1,10 @@ | ||
| Title: Added OpenHardwareMonitor as a (soft) dependency for the windows agent | ||
| Level: 1 | ||
| Component: packages | ||
| Compatible: compat | ||
| Version: 1.2.7i3 | ||
| Date: 1453210138 | ||
| Class: feature | ||
|
|
||
| This adds a stripped down version of OpenHardwareMonitor as a plugin for the windows agent that can | ||
| (soon) be enabled through the bakery to enable monitoring of hardware sensors. |
| @@ -0,0 +1,14 @@ | ||
| Title: rrdcached: added commands to suspend writing to rrd files | ||
| Level: 1 | ||
| Component: packages | ||
| Compatible: compat | ||
| Version: 1.2.7i3 | ||
| Date: 1462804440 | ||
| Class: feature | ||
|
|
||
| using these commands, one can backup rrd files in a consistent state. | ||
| There are four new commands in total, 2 for suspend, 2 for resume, | ||
| one each applying to individual files (SUSPEND/RESUME) and one each | ||
| for all files at once (SUSPENDALL/RESUMEALL). | ||
| Please note that these mechanisms are independent from each other so | ||
| you can't use RESUMEALL to release files suspended with SUSPEND |
| @@ -0,0 +1,9 @@ | ||
| Title: CentOS 5.5: Shipping with compatible simplejson module now | ||
| Level: 1 | ||
| Component: distros | ||
| Compatible: compat | ||
| Version: 1.2.7i3 | ||
| Date: 1454497687 | ||
| Class: fix | ||
|
|
||
|
|
| @@ -0,0 +1,10 @@ | ||
| Title: Fixed broken NagVis Maps snapin | ||
| Level: 1 | ||
| Component: nagvis | ||
| Class: fix | ||
| Compatible: compat | ||
| State: unknown | ||
| Version: 1.2.7i3 | ||
| Date: 1455522475 | ||
|
|
||
|
|
| @@ -0,0 +1,12 @@ | ||
| Title: Silently ignoring deprecated "gadget_type" option now | ||
| Level: 1 | ||
| Component: nagvis | ||
| Compatible: compat | ||
| Version: 1.2.7i3 | ||
| Date: 1456864328 | ||
| Class: fix | ||
|
|
||
| Changed handling of deprecated map object attributes: They are silently | ||
| ignored by NagVis now. We inform users about deprecated (useless) | ||
| attributes in the ChangeLog and will mark old options in the documentation, | ||
| but the map loading will not be affected by the deprecated options anymore |
| @@ -0,0 +1,9 @@ | ||
| Title: BI-Backend: Is now handling the acknowledgement and downtime infos of BI | ||
| Level: 1 | ||
| Component: nagvis | ||
| Compatible: compat | ||
| Version: 1.2.7i3 | ||
| Date: 1456864378 | ||
| Class: feature | ||
|
|
||
|
|
| @@ -0,0 +1,18 @@ | ||
| Title: Fixed possible broken Check_MK web cron job when HTTPS is configured | ||
| Level: 1 | ||
| Component: packages | ||
| Class: fix | ||
| Compatible: compat | ||
| State: unknown | ||
| Version: 1.2.7i3 | ||
| Date: 1458230991 | ||
|
|
||
| When configuring a system apache for service the webpages via HTTPS and not | ||
| via HTTP, the default Check_MK web cron job which is executed once each minute | ||
| was not executed correctly because it used http://localhost/[siteid] to call | ||
| the cron job. This URL is only working when the system apache is listening | ||
| on port 80 (HTTP) at least on localhost. | ||
|
|
||
| We have now changed the default cron job to directly use the site apache instead | ||
| of the system apache for calling the cron job. This is working even when the | ||
| system apache is configured to only listen via HTTPS. |
| @@ -0,0 +1,14 @@ | ||
| Title: Shipping pyOpenSSL for Ubuntu 12.04 (precise) | ||
| Level: 1 | ||
| Component: packages | ||
| Compatible: compat | ||
| Version: 1.2.7i3 | ||
| Date: 1458548991 | ||
| Class: fix | ||
|
|
||
| This fixes an issue with the agent bakery where agents could not be signed. | ||
|
|
||
| Normally Ubuntu 12.04 has pyOpenSSL installed in version 0.12 which has a bug | ||
| in the sign method (https://bugs.launchpad.net/pyopenssl/+bug/653830). | ||
|
|
||
| Shipping pyOpenSSL 0.13.1 now. |
| @@ -0,0 +1,10 @@ | ||
| Title: Added missing MySQL-python module (needed by check_sql check) | ||
| Level: 1 | ||
| Component: packages | ||
| Class: fix | ||
| Compatible: compat | ||
| State: unknown | ||
| Version: 1.2.7i3 | ||
| Date: 1458820847 | ||
|
|
||
|
|
| @@ -0,0 +1,25 @@ | ||
| Title: Updated NSCA to be compatible with clients of newer distros | ||
| Level: 1 | ||
| Component: packages | ||
| Class: fix | ||
| Compatible: incomp | ||
| State: unknown | ||
| Version: 1.2.7i3 | ||
| Date: 1459428947 | ||
|
|
||
| Some distros ship newer version of send_nsca which are not compatible | ||
| anymore with the old NSCA 2.7 server shipped with Check_MK. So we had | ||
| to update NSCA to 2.9.1. | ||
|
|
||
| The version is incompatible in one detail: If you are submitting | ||
| multiple check results at once you can not use new lines (\n) anymore. | ||
| You will have to change it to use the ETB character. This was a subtile | ||
| and not well documented change in NSCA. The help text of send_nsca | ||
| contains the following text: | ||
|
|
||
| === | ||
| When submitting multiple simultaneous results, separate each set with the ETB | ||
| character (^W or 0x17) | ||
| === | ||
|
|
||
| This commit is related: https://github.com/NagiosEnterprises/nsca/commit/7256213ef1b3b937e991a8ff5d8782de98d5a11b |
| @@ -0,0 +1,9 @@ | ||
| Title: Fixed wrong redirect from /[site] to :80/[site] in case of HTTPS configuration | ||
| Level: 1 | ||
| Component: omd | ||
| Compatible: compat | ||
| Version: 1.2.7i3 | ||
| Date: 1460381649 | ||
| Class: fix | ||
|
|
||
|
|
| @@ -0,0 +1,9 @@ | ||
| Title: Fixed local dokuwiki settings being overwritten during updates | ||
| Level: 1 | ||
| Component: packages | ||
| Compatible: compat | ||
| Version: 1.2.7i3 | ||
| Date: 1460715938 | ||
| Class: fix | ||
|
|
||
|
|
| @@ -0,0 +1,9 @@ | ||
| Title: dokuwiki: Fixed broken cookie auth when customizing dokuwiki via GUI | ||
| Level: 1 | ||
| Component: packages | ||
| Compatible: compat | ||
| Version: 1.2.7i3 | ||
| Date: 1460716009 | ||
| Class: fix | ||
|
|
||
|
|
Oops, something went wrong.
0 comments on commit
133fb6c