From patchwork Wed Feb 9 23:26:26 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Robin Roevens X-Patchwork-Id: 8 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4JvGNl0PHrz3xfS for ; Wed, 9 Feb 2022 23:31:35 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4JvGNg50hRz5G6; Wed, 9 Feb 2022 23:31:31 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4JvGNf596dz323P; Wed, 9 Feb 2022 23:31:30 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4JvGNd1XMNz2xkv for ; Wed, 9 Feb 2022 23:31:29 +0000 (UTC) Received: from knopi.disroot.org (knopi.disroot.org [178.21.23.139]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPS id 4JvGNb2rf1z3L8 for ; Wed, 9 Feb 2022 23:31:27 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by disroot.org (Postfix) with ESMTP id 91B768EB25 for ; Thu, 10 Feb 2022 00:31:26 +0100 (CET) X-Virus-Scanned: SPAM Filter at disroot.org Received: from knopi.disroot.org ([127.0.0.1]) by localhost (disroot.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S-1se1nBrJ3A for ; Thu, 10 Feb 2022 00:31:24 +0100 (CET) Received: from chojin.sicho.home (amaterasu.sicho.home [192.168.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (no client certificate requested) (Authenticated sender) by hachiman (MailScanner Milter) with SMTP id 176CEEF64 for ; Thu, 10 Feb 2022 00:30:53 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=disroot.org; s=mail; t=1644449483; bh=jmFe3cMu9BVJ6a8JibOda9VbdNOl9SPVlCPjX338n2s=; h=From:To:Subject:Date; b=SN+pFQK2453mblq5LnGY3EB7MEPyUeuzHHf64xx8zxurgPmxrJCs+dywIsYi3lDe3 xI8YTkkEGk7vUXkeIXrEJ2+c8EsSmOYBFChEmS7TSALE8RBB7w405P0IE1cRp80cHF NMdDdHwFIAQKLY4wKzbYH2CSrUBDIyy0lrrwj2+cEheXJ6qx0BtETLNNzKK7XThnXt mYnG+i4an4n6MaKSZwXDD4nQ5syiLPWbGWYHNgavNxupRIz5zPS90YKqLKwVXDaMqs ZX6HgRVi1pmwUhxX+xlNDpSAxw4QlQjlFQfClbEBMKNg03ikHvpnjrD0t1EnuiLeRO roToaYSVIUXBA== From: Robin Roevens To: development@lists.ipfire.org Subject: [PATCH v3 0/5] zabbix_agentd: Update to v5.0.20 (LTS) and more Date: Thu, 10 Feb 2022 00:26:26 +0100 Message-Id: <20220209232631.14673-1-robin.roevens@disroot.org> Mime-Version: 1.0 X-sicho-MailScanner-ID: 176CEEF64.A2AA4 X-sicho-MailScanner: Found to be clean X-sicho-MailScanner-From: robin.roevens@disroot.org X-sicho-MailScanner-Watermark: 1645054253.74371@TnsNX8iLFYF/8XTXEAMzOw ARC-Seal: i=1; s=202003rsa; d=lists.ipfire.org; t=1644449487; a=rsa-sha256; cv=none; b=VWOU3tbZ2dZNHP0Aqsd9TavagqksizUOBGj0WeoOlp+lGr2VzEkzNqyGQM+GWsXyxvpQee 1wyVbUMWPAZ2Ev6opxwcYJLFGg7W2W/cQCP6d+WLJT5irXWr+ggH+EgmOqC5CLnS78RgTj DCpjx/dTzwKTBCmefNhvYe1zku3101qPN6t0dTwDw2vDlTChS+2A2gzyVK/5uONSahHXzk 34Kzl9OCNkypwxg+MdG3nnc57Ooka/S5M3nzNvYNRjAIY5h7mOuydQSjdqoTNLnnanc8oi oeLkxvBhMg+rWuIFKYC9f6aEx8pPWe2iij2W1o90hXJHYWkYHtY/cQkkTmAQbw== ARC-Authentication-Results: i=1; mail01.ipfire.org; dkim=pass header.d=disroot.org header.s=mail header.b=SN+pFQK2; spf=pass (mail01.ipfire.org: domain of robin.roevens@disroot.org designates 178.21.23.139 as permitted sender) smtp.mailfrom=robin.roevens@disroot.org; dmarc=pass (policy=quarantine) header.from=disroot.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=lists.ipfire.org; s=202003rsa; t=1644449487; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding:dkim-signature; bh=94NL8rOMIkmMZwz1nnReoRJfXWiSjPMfrrXRGbeEwPU=; b=t8zXlXhm9T870gAnzS1Vy9ZWez4GoL7QViWediPeDQ2N8aDh+sAhSrBg3ew+yolUUMW1TI AwX9pNxk1fFD+OTqo5BhlL+dl6fegEkMKaDPTDfOZIqt8AnBTMhffutcMZptoKN6NOMw1c G1gNkH9nj9OqZyzJJYl/NgxaaD0cjx5fWyur3jwI+/2LBA/ILSkjOAbJsNIsqf1dwnPex5 XfB6O2YAJW4TlbeFvPWcP7J6TIKtlCFzai+RP2UNvH+ei91CMgSlk2WW6/XaXbY0TC97nd mAElF+q8AxIVSI4r0GGDIg0YyO39W5aIl9QnGPn7WqtEm7M3k+bhhoZNCzrDtQ== Authentication-Results: mail01.ipfire.org; dkim=pass header.d=disroot.org header.s=mail header.b=SN+pFQK2; spf=pass (mail01.ipfire.org: domain of robin.roevens@disroot.org designates 178.21.23.139 as permitted sender) smtp.mailfrom=robin.roevens@disroot.org; dmarc=pass (policy=quarantine) header.from=disroot.org X-Rspamd-Server: mail01.haj.ipfire.org X-Spamd-Result: default: False [-0.60 / 11.00]; MID_CONTAINS_FROM(1.00)[]; NEURAL_HAM(-0.87)[-0.874]; SPF_REPUTATION_HAM(-0.71)[-0.706034091173]; DMARC_POLICY_ALLOW(-0.50)[disroot.org,quarantine]; MV_CASE(0.50)[]; R_MISSING_CHARSET(0.50)[]; R_DKIM_ALLOW(-0.20)[disroot.org:s=mail]; R_SPF_ALLOW(-0.20)[+a]; MIME_GOOD(-0.10)[text/plain]; MX_GOOD(-0.01)[]; IP_REPUTATION_HAM(-0.01)[asn: 50673(0.00), country: NL(-0.01), ip: 178.21.23.139(0.00)]; BAYES_SPAM(0.00)[15.96%]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; ARC_NA(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[development@lists.ipfire.org]; ASN(0.00)[asn:50673, ipnet:178.21.23.0/24, country:NL]; TO_MATCH_ENVRCPT_ALL(0.00)[]; FROM_HAS_DN(0.00)[]; DKIM_TRACE(0.00)[disroot.org:+]; TO_DN_NONE(0.00)[]; RCVD_COUNT_THREE(0.00)[4]; RCPT_COUNT_ONE(0.00)[1]; ARC_SIGNED(0.00)[lists.ipfire.org:s=202003rsa:i=1] X-Rspamd-Queue-Id: 4JvGNb2rf1z3L8 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Hi all A new take on updating current zabbix_agentd 4.2.6 to latest LTS version. This set updates the agent version, fixes a few problems with the original addon and adds a few ipfire-specific metrics for the user to monitor out of the box (which I will document on the wiki when the patch-set is accepted). The differences with the previous patch submission are: - patch 1: update to v5.0.20 - patch 2: - In the previous version the correct modules dir was commented out in the rootfile and was manually removed in the uninstall script if it was not empty. But since it is also included in the backup I figured it can be removed always by remove_files so I kept it in the rootfile now. - Checks before creating dirs are added in install script to see if dir is not already existing (like most other addons seem to do) - Function extract_backup_includes was not called in update.sh script causing possible scenarios where those includes are not present when backup needs to be taken or restored. - patch 3: Made sure to remove all configfiles upon uninstall as everything is in the backup. Also made sure that the ipfire supplied userparameter_pakfire.conf file is not added in addon-backup hence correctly updated on pak update. - patch 4: Is a small new patch to default the zabbix agent to listen only on GREEN as that is probably where the user's Zabbix server is and is a safer default than listening on all interfaces. - patch 5: was formerly patch4. - Grouped all ipfire (non-pakfire) related metrics in a single config file for simplicity. - Replaced the previous problematic iptables related metric and sudo rights with the renewed and safer getipstats binary. - Removed the services related metrics and perl script for now as we first need to have the new services metadata in the pak's and related pakfire functions so that I don't need to copy the bad code from services.cgi as I did before. - Added 2 new metrics: number of active dhcp leases and number of captive portal users. Those where contributed by StackKorora on my Zabbix template for IPFire on github. As it was almost a year ago, previous patch submission and discussion can be found here: https://lists.ipfire.org/pipermail/development/2021-April/009872.html I hope I addressed all concerns there where on the previous submission. Regards Robin