pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/sysutils/monit monit: Update to 5.32.0
details: https://anonhg.NetBSD.org/pkgsrc/rev/15dfdb1a750f
branches: trunk
changeset: 390864:15dfdb1a750f
user: leot <leot%pkgsrc.org@localhost>
date: Sat Dec 31 12:49:05 2022 +0000
description:
monit: Update to 5.32.0
Changes:
5.32.0
------
* Fixed: Issue #1028: If the Monit statefile was removed, the monit start
<service> action for services with onreboot nostart option started the
service, but did not enable monitoring of said service. The same problem
occurred if a new onreboot nostart service was added, even if the statefile
did exist.
* Fixed: Issue #1029: The generic protocol test truncated received data if
the response contained zeros.
* Fixed: PAM authentication: Users with a valid password for a disabled
account could still login to Monit. Thanks to Youssef Rebahi-Gilbert.
* Fixed: The Monit HTTP interface could be blocked by sending a request with
an infinite stream of HTTP headers. Thanks to Youssef Rebahi-Gilbert for
report.
5.31.0
------
* New: Issue #1021: Add support for Linux OpenZFS 2.x I/O statistics.
* New: Issue #555: Add support for FreeBSD ZFS I/O statistics for FreeBSD
12.x or later.
* Fixed: Issue #1025: If Monit 5.30.0 CLI action was executed for a
non-existent service name, the error message was not reported properly.
Thanks to Lutz Mader for fix.
* Fixed: Issue #1026: If Monit reload was requested during the optional start
delay interval, Monit still waited for the delay to pass and performed one
test cycle with the old configuration, before the reload was performed.
Monit will reload the configuration immediately now.
5.30.0
------
* New: Add a read-only option to the set httpd statement. The option can be
used on the TCP socket, the unix socket, or both. Example for setting the
TCP socket in the read-only mode (for connections from other hosts) and the
unix socket in the read-write mode (for local Monit CLI actions, like
service restart, status, etc.):
set httpd
port 2812
read-only
allow 192.168.1.0/24
unixsocket /run/monit.socket
Thanks to Christian Goettsche for contributing this feature.
* Changed: Issue #1011: The include statement was limited to 512 files,
increase the limit to 1024 files.
* Fixed: The disk read and write bytes didn't show up in M/Monit for Monit
5.27.0 or later.
* Fixed: Issue #998: Monit 5.29.0 may fail to compile on platforms without
the monotonic clock support. Thanks to Lutz Mader.
* Fixed: Issue #1002: 32-bit Linux machines with more then 4GB of RAM
reported wrong system memory size and swap size values.
* Fixed: Issue #1005: When the port statement was used with the generic
protocol test and the target server returned zeros in response, Monit >=
5.20.0 may crash.
* Fixed: Issue #1009: When one executes an action via the Monit HTML GUI
(uses a POST request), the Monit HTTP server will redirect the browser back
to the base URL, so the browser won't perform the POST request again on an
automatic page refresh, which is performed to poll for status changes.
* Fixed: Issue #1015: The set httpd statement supports only one address
option. Display warning if multiple address options are used.
5.29.0
------
* New: Issue #715: The PostgreSQL protocol test has been improved and now
supports authentication with username, password and database when testing
connection. Example:
if failed port 5432
protocol pgsql username "username" password "12345" database "test"
then alert
Previous Monit versions used hardcoded credentials when testing connection
to postgresql (user=root and database=root). This could trigger thousands
of messages like this in the postgresql log:
root@root FATAL: password authentication failed for user "root"
root@root DETAIL: Role "root" does not exist.
Note: Monit will continue to use the hardcoded credentials (for backward
compatibility) unless username and password are set.
* New: Issue #973: You can now test program output using a regular
expression. Syntax:
IF CONTENT [!]= <regex> THEN action
Example:
check program disk0_smart with path "/usr/sbin/nvme smart-log /dev/nvme0"
if content != "critical_warning[ ]+: 0" then alert
* New: Issue #974: Monit CLI: Added support for the -g (group) option to the
report command. Example:
monit -g database report
* Fixed: Issue #991 (Monit 5.28.1 regression): MacOS: Monit didn't compile on
MacOS 10.13 or older. Thanks to Lutz Mader.
* Fixed: Issue #994 (Monit 5.28.1 regression): The check program statement
with every did not work properly.
* Fixed: Issue #995: Monit start delay was vulnerable to time jumps when
Monit is waiting for the delay to pass. Thanks to Daniel Crowe.
* Fixed: Issue #975: Monit CLI: Monit did not report a warning if -s, -p, -l,
-g or -c command-line options were specified multiple times and silently
used the last value only. Monit will generate a warning now.
* Fixed: Issue #972: Monit GUI: The log view had no size limit when reading
the Monit log file and could block the browser if the log file was large.
* Fixed: Issue #955: If more than one every statement is used in a
check-service context only the last value is (silently) used. We now report
a warning in this case.
5.28.1
------
* New: Issue #979: If filesystem mount flags changed, show both old and new
value. Originally only the new value was reported.
* Fixed: Issue #960: The memory usage may report wrong value if system memory
size changed after Monit start. The problem was frequent on KVM/LXC
containers where MemTotal is dynamicaly updated.
* Fixed: Issue #965: Monit CLI: if a custom configuration file was used with
the -c option, and the file cannot be read by Monit, an AssertException was
thrown. Monit will report normal error instead of the exception now.
* Fixed: Issue #966: Monit CLI: The service name pattern was changed to
case-sensitive in Monit 5.28.0. Revert the behaviour back to
case-insensitive.
* Fixed: Issue #971: The LINK UP and LINK DOWN tests now support short form
of the optional ELSE condition, in addition to the verbose ELSE IF
<SUCCEEDED|FAILED> form.
* Fixed: Issue #976: The space free test recovery always reported value in
percent, regardless of the test setting. If the test uses absolute limit,
Monit will report absolute space usage now.
* Fixed: Issue #986: Services checks with custom schedule (the EVERY
statement) did set the data collection timestamp even if the monitoring was
skipped in the given cycle. The timestamp is now updated only when the
check was performed.
* Fixed: Issue #990: Monit built with libressl may crash during verification
of the expired SSL certificate.
* Fixed: Issue #968: Systemd and upstart templates: templates used to set the
path to the configuration file in the sysconfdir, which is optionally set
via the configure script during the compilation. The path wasn't fully
expanded in the template though, so it was invalid. The template doesn't
specify the explicit path now and lets Monit search for the configuration
file in all supported locations (including the sysconfdir).
* Changed: Issue #984: The permission check of the SSL PEM key file allows
group read permissions now (originally Monit enforced that the file is
readable only by the file owner).
5.28.0
------
* Deprecated: Monit IF FAILED LINK test was renamed to IF LINK DOWN. The old
syntax is deprecated, but still works for backward compatibility.
* New: Added IF LINK UP network interface test, which allows to monitor
network interface that is by default down, and trigger action, when the
interface is enabled. Example:
if link up then "/usr/bin/monit start backup"
Notes: When link up test is used, the link errors tests are ignored, as
these tests share the same event type and would reset the status. Also,
mixing link up and link down in the same check network is not supported.
* New: Monit can now watch offline TCP/UDP ports and perform action on
successful connection. It can be used as a security check, e.g. if a
service like mysql should not be publicly available, or to perform custom
actions to initialize the service that depends on the one that was just
started. Thanks to Christian Goettsche for patch. Example:
if succeeded port 443 protocol https then exec "/bin/monit start myclient"
if succeeded host example.org port 3306 protocol mysql then alert
* New: Monit can watch unix sockets that doesn't exist or are offline and
perform action on successful connection. Example:
if succeeded unixsocket /var/run/mysql.sock protocol mysql then exec "/bin/myscript.sh initdb"
* New: Monit can ping hosts that are supposed to be offline and perform
action when they become available. Example:
if succeeded ping then alert
* New: Issue #915: Add support for sevice name regular expressions in monit
CLI status, summary, start, stop, restart, unmonitor, monitor commands.
Examples:
monit status myservice # exact match
monit status "data.*" # pattern which will match all services whos name contain "data" substring
* New: Issue #718: Add support for response time monitoring to TCP/UDP ports,
unix sockets and ping. Example for ping and port test:
if failed ping responsetime < 50 ms then alert
if failed port 443 protocol https and responsetime < 50 ms then alert
if failed port 443 protocol https and responsetime < 50 ms then alert
* Fixed: Issue #961: If a service depends on some other service, which is
member of the same service group, the service group restart would restart
the child service twice.
* Fixed: Minor memory leak when uptime test is used an monit is reloaded.
5.27.2
------
* Fixed: Issue #931. The "if does exist" test with unmonitor or stop action
did not work properly
* Fixed: Issue #937: If the filesystem check uses mountpoint instead of
device and multiple devices are defined for the same filesystem with
mismatch between /etc/mtab and device name in path, Monit reported error
and disk activity was not reported.
* Fixed: Issue #948. Cookie validation problem, Invalid CSRF Token, if the
request was more then 1024 bytes. Increased request size to 8kB.
* Fixed: Disk activity statistics if procfs fallback was used instead of
sysfs
* Fixed: LXC container: Monit could ignore the "start delay" option of the
set daemon statement when the container was rebooted, but not the host (the
LXC container's boot time is not virtualized and inherited from the host).
* Changed: Monit in debug mode no longer logs open errors about procfs /proc/
/io and /proc//fd if monit is not running as root. These errors are common
as linux doesn't allow to read such files if the process belongs to a
different user. These errors are now only logged in extra verbose mode (-vv
option).
5.27.1
------
* Fixed: Issue #932. Require that the program in a 'check program' statement
exist on Monit startup.
* Fixed: Issue #916: Linux: Monit procmatch failed to show all matching
processes if a non-root user ran Monit. Thanks to Lutz Mader for fix.
* Fixed: Linux: The CAP_SYS_RESOURCE capability was needed to be able to
monitor filedescriptors usage of other processes if Monit was not started
as root. Thanks to Christian Goettsche for report.
* Fixed: Issue #920: On AIX, NetBSD, Solaris, Monit 5.27.0 logged "Cannot
test filesdescriptors usage as the statistics is not available on this
system" every cycle even if no filedescriptors test was used in Monit's
configuration.
* Fixed: Issue #926: Linux: Remove trailing white space from collected
process name
* Fixed: Issue #928: Fixed a race condition in Monit's HTTP interface on
reload when SIGHUP were sent many times to the Monit process . Thanks to
Andy Spitzer for patch.
* Fixed: Improved cross-compile support. Thanks to Christian Goettsche and
Helmut Grohne for patch.
* Fixed: Monit could crash when sending heartbeat status to M/Monit.
* Fixed: If SSL certificate verification failed and certificate valid days
test was enabled, Monit could report the following false positive:
certificate expiry in 0 days matches check limit
* Changed: Use ISO 8601 format timestamp in log files
5.27.0
------
* New: The SSL version: auto now defaults to TLSv1.2 and TLSv1.3 only. If you
need to enable TLSv1.0 or TLSv1.1, you have to explicitly enable it via the
SSL option, example:
set ssl {
version: tlsv11
}
* New: Support for MySQL TLS encryption. Example:
if failed port 3306 protocol mysqls then alert
* New: Issue #839: Support for MySQL 8.x default authentication method,
caching_sha2_password. If unsecure (non-TLS) connection is used, it is also
possible to verify the server's RSA key checksum to protect against
man-in-the-middle attacks. Example:
check host mymachine with address 127.0.0.1
if failed
port 3306
protocol mysql
username monit
password mypassword123
rsakey checksum 29e512c06275a1b3f4617f8cb9ca583d642386fe
then alert
* New: The username in the mysql protocol test was limited to 16 bytes, this
limit was removed.
* New: Linux: Support for monitoring a process's filedescriptor usage. Thanks
to Marcel Baur and Lutz Mader. Example:
check process myproc with pidfile /var/run/myproc.pid
if filedescriptors >= 90% then alert
if filedescriptors >= 99% then restart
if total filedescriptors > 5000 then alert
* New: Linux, OpenBSD, FreeBSD, DragonflyBSD, MacOS: Added support for
monitoring of system-wide filedescriptors usage. Example:
check system $HOST
if filedescriptors >= 90% then alert
* New: You can now set a list of allowed TLS protocols (originally only one
was allowed). Also added an option to exclude protocols (put - in front of
the protocol name to disable it). Exclude list example:
set ssl {
version: auto -sslv2 -sslv3 -tlsv1 -tlsv11
}
* New: Optionally split certificate chain and key for the Monit HTTPS
interface. Thanks to Lutz Mader for patch. (The original pemfile with all
certificates in one pem file is still supported). Example:
set httpd
port 2812
with ssl {
pemchain: /etc/ssl/certs/monit.chain.pem
pemkey: /etc/ssl/certs/monit.key.pem
}
allow myuser:mypassword
* New: Linux: Enable monitoring of per-process disk read and write I/O
operations. Example:
check process foobar matching "myprocess"
if disk read activity > 500 operations/s then alert
if disk write activity > 500 operations/s then alert
* New: Linux: Added generic per-process I/O activity monitoring. Example:
if read activity > 1 mb/s then alert
if write activity > 1 mb/s then alert
* New: Issue #889: Linux: monitor detailed CPU statistics for nice, hardirq,
softirq, steal, guest, guestnice. The statistics for nice was originally
included in the cpu (user) statistics, but it now has its own counter.
* New: FreeBSD, OpenBSD, NetBSD, DragonflyBSD MacOS: Added CPU nice and
interrupt usage statistics.
* New: Issue #877: Linux: Added support for VxFS filesystem statistics.
Thanks to Lutz Mader for patch.
* New: Issue #894: Added year to the timestamp when monit logs to its own log
file.
* New: Issue #908: Add STARTTLS support to the IMAPS protocol test on port
143. Example:
if failed port 143 protocol imaps then alert
* Fixed: Issue #519: Monit could crash if a file check with restart on
content match was used and this file had dependant services.
* Fixed: Issue #867: If Monit was linked with musl libc, it could crash when
executing programs. Thanks to Rich Felker for report.
* Fixed: Monit incorrectly added CPU wait% to system CPU usage (the CPU is
idle when it's in the wait state, waiting for the I/O to complete).
* Fixed: The per-process I/O statistics on Linux, AIX, DragonflyBSD, NetBSD
and Solaris always displayed 0 activity.
* Fixed: Issue #843: Linux: Monit reported wrong memory usage in LXC
container if the ZFS filesystem was used. Monit now use MemAvailable on
Linux when calculating memory usage for more accurate statistics. Thanks to
Joe LeVeque for patch.
* Fixed: Issue #831: The HTTP protocol test returned unknown transfer
encoding HTTP error if either the content or checksum test was used and the
HTTP server didn't set the Content-Length header nor used chunked transfer
encoding.
* Fixed: Issue #880: If Monit was linked with AddresSanitizer, it could crash
when it generates an MD5 hash. Thanks to Lutz Mader for patch.
* Fixed: Issue #879: The HTML interface didn't escape strings that are part
of Monit's configuration file. Thanks to Hanno Boeck for report.
* Fixed: Issue #872: Monit's procmatch table can now display pids with up to
8 digits. Previously, pids where truncated after 5 digist.
* Fixed: Issue #891: The repeat option to an action was limited to 256
cycles.
* Fixed: Issue #851: Linux and AIX: The length of the string that describes
the process name and its arguments was limited to 4kB, so monit procmatch
might not find the process if the string was longer and unique after 4Kb.
This limit has been removed on Linux and raised on AIX to 8kB.
* Fixed: Issue #840: Network check: superfluous alerts if link is down.
Thanks to Lonnie Abelbeck.
* Fixed: MacOS: Only the first 16 characters of the process name was
displayed for privileged processes, so the pattern based process check and
Monit's procmatch could miss some processes.
* Fixed: Issue #886: Monit's command-line options are now position
independent.
* Fixed: If Monit is linked with AddresSanitizer and a custom configuration
file was passed via the -c option, monit could crash.
* Fixed: MQTT protocol test.
* Fixed: Issue #907: The onreboot nostart had no effect when a service was
newly added to Monit's configuration or the statefile was removed.
* Fixed: The PostgreSQL test was flapping with the following error if
connection via unix socket was used: PGSQL: connection terminator write
error -- Broken pipe
* Plus many more internal fixes and improvements
diffstat:
sysutils/monit/Makefile | 7 +++----
sysutils/monit/PLIST | 3 +--
sysutils/monit/distinfo | 8 ++++----
3 files changed, 8 insertions(+), 10 deletions(-)
diffs (48 lines):
diff -r c9b618cf44b3 -r 15dfdb1a750f sysutils/monit/Makefile
--- a/sysutils/monit/Makefile Sat Dec 31 12:44:25 2022 +0000
+++ b/sysutils/monit/Makefile Sat Dec 31 12:49:05 2022 +0000
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.21 2021/05/14 11:28:31 nia Exp $
+# $NetBSD: Makefile,v 1.22 2022/12/31 12:49:05 leot Exp $
-DISTNAME= monit-5.26.0
-PKGREVISION= 1
+DISTNAME= monit-5.32.0
CATEGORIES= sysutils
MASTER_SITES= https://mmonit.com/monit/dist/
@@ -45,7 +44,7 @@
EG_SUBDIR= share/examples/monit
EGDIR= ${PREFIX}/${EG_SUBDIR}
-M_DOCFILES= CHANGES COPYING README
+M_DOCFILES= CHANGES COPYING
SUBST_CLASSES+= monit
SUBST_STAGE.monit= pre-configure
diff -r c9b618cf44b3 -r 15dfdb1a750f sysutils/monit/PLIST
--- a/sysutils/monit/PLIST Sat Dec 31 12:44:25 2022 +0000
+++ b/sysutils/monit/PLIST Sat Dec 31 12:49:05 2022 +0000
@@ -1,7 +1,6 @@
-@comment $NetBSD: PLIST,v 1.7 2019/08/30 14:00:14 nia Exp $
+@comment $NetBSD: PLIST,v 1.8 2022/12/31 12:49:05 leot Exp $
bin/monit
man/man1/monit.1
share/docs/monit/CHANGES
share/docs/monit/COPYING
-share/docs/monit/README
share/examples/monit/monitrc.sample
diff -r c9b618cf44b3 -r 15dfdb1a750f sysutils/monit/distinfo
--- a/sysutils/monit/distinfo Sat Dec 31 12:44:25 2022 +0000
+++ b/sysutils/monit/distinfo Sat Dec 31 12:49:05 2022 +0000
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.10 2021/10/26 11:19:52 nia Exp $
+$NetBSD: distinfo,v 1.11 2022/12/31 12:49:05 leot Exp $
-BLAKE2s (monit-5.26.0.tar.gz) = a95115689c62f3b6591e95c215fb5fc284f44a0c7d200e9d743f43a113abc1db
-SHA512 (monit-5.26.0.tar.gz) = ae5bfc9f2e8cf2d2efa7a121f3bb865dc5b66b647e23e005349799f3f4384dfa1534ed88d0767ca41dac4cea2674fb82cfb51098129d350b470143df548c6900
-Size (monit-5.26.0.tar.gz) = 1371327 bytes
+BLAKE2s (monit-5.32.0.tar.gz) = 85f7a379a4a7d6468e8f96471a778e05d2d2ca01921c044b9c5c962a037bab2b
+SHA512 (monit-5.32.0.tar.gz) = dcb56bee23c5fef4abe08a2b1633e58b60c8863b335d651d26e87f5306b4f98bd4887d2bf6311c2fc11c9b99eb853226d836b9d212ab65c0f150872c7297e005
+Size (monit-5.32.0.tar.gz) = 1480629 bytes
SHA1 (patch-aa) = bf1ef16d44d082443c34963bab1335767a4a8497
Home |
Main Index |
Thread Index |
Old Index