Werk #13865: Agent controller on Unix: Deny registration if agent socket is not operational

Component

Checks & agents

Title

Agent controller on Unix: Deny registration if agent socket is not operational

Date

Apr 22, 2022

Level

Trivial Change

Class

New Feature

Compatibility

Compatible - no manual interaction needed

Checkmk versions & editions

2.2.0b1	Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk Cloud (CCE), Checkmk MSP (CME)
2.1.0b9	Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk MSP (CME)

Upon startup, the agent controller (cmk-agent-ctl) now checks if the agent socket is operational on Unix systems. If not, we refuse the agent registration (subcommands register, import), because a non- operational socket can hint at xinetd systems. On such systems, a successful registration would mislead the user into believing that the agent communication is now TLS-encrypted, which is not the case.

Furthermore, the operational status of the agent socket is also reported by the status subcommand.

To the list of all Werks