Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-17889

Default agent config has DenyKey, AllowKey in the wrong order

XMLWordPrintable

    • Icon: Problem report Problem report
    • Resolution: Cannot Reproduce
    • Icon: Trivial Trivial
    • 5.2 (plan)
    • 5.0.0, 5.0.1
    • Agent (G)
    • None
    • Sprint 65 (Jun 2020), Sprint 66 (Jul 2020)
    • 0.125

      In the default agent configuration the DenyKey section is above the AllowKey section. Therefore, any system.run[...] item matches the predefined DenyKey=system.run[*] entry and is denied. To fix, move the AllowKey section before the DenyKey section.

      Steps to reproduce:

      1. Install the agent in version 5.0. Set EnableRemoteCommands=1. Do not modify the configuration with regard to the DenyKey, AllowKey options.
      2. Attempt to request "system.run[echo 1]". It fails as expected.
      3. Add an AllowKey configuration item: AllowKey=system.run[echo 1].
      4. Try the item again. It still fails, contrary to expectation.
      5. In the configuration file, move the AllowKey section above the DenyKey section.
      6. Try again. The "echo 1" item is correctly executed while other system.run[...] items are disabled as expected.

            arimdjonoks Artjoms Rimdjonoks
            chrullrich Christian Ullrich
            Team C
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: