Werk #13865: Agent controller on Unix: Deny registration if agent socket is not operational
Component | Checks & agents | ||||
Title | Agent controller on Unix: Deny registration if agent socket is not operational | ||||
Date | Apr 22, 2022 | ||||
Level | Trivial Change | ||||
Class | New Feature | ||||
Compatibility | Compatible - no manual interaction needed | ||||
Checkmk versions & editions |
|
Upon startup, the agent controller (cmk-agent-ctl) now checks if the agent socket is operational on Unix systems. If not, we refuse the agent registration (subcommands register, import), because a non- operational socket can hint at xinetd systems. On such systems, a successful registration would mislead the user into believing that the agent communication is now TLS-encrypted, which is not the case.
Furthermore, the operational status of the agent socket is also reported by the status subcommand.