Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-17889

Default agent config has DenyKey, AllowKey in the wrong order

    XMLWordPrintable

Details

    • Problem report
    • Status: Closed
    • Trivial
    • Resolution: Cannot Reproduce
    • 5.0.0, 5.0.1
    • 5.2 (plan)
    • Agent (G)
    • None
    • Team C
    • Sprint 65 (Jun 2020), Sprint 66 (Jul 2020)
    • 0.125

    Description

      In the default agent configuration the DenyKey section is above the AllowKey section. Therefore, any system.run[...] item matches the predefined DenyKey=system.run[*] entry and is denied. To fix, move the AllowKey section before the DenyKey section.

      Steps to reproduce:

      1. Install the agent in version 5.0. Set EnableRemoteCommands=1. Do not modify the configuration with regard to the DenyKey, AllowKey options.
      2. Attempt to request "system.run[echo 1]". It fails as expected.
      3. Add an AllowKey configuration item: AllowKey=system.run[echo 1].
      4. Try the item again. It still fails, contrary to expectation.
      5. In the configuration file, move the AllowKey section above the DenyKey section.
      6. Try again. The "echo 1" item is correctly executed while other system.run[...] items are disabled as expected.

      Attachments

        Activity

          People

            arimdjonoks Artjoms Rimdjonoks
            chrullrich Christian Ullrich
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: