+ [ Peter Palfrader ]
+ * dsa-check-dabackup: use old logfile if lockfile indicates da-backup still
+ running.
+ * dsa-check-soas: on soa disagreement, list nameservers.
+
+ [ Aurelien Jarno ]
+ * dsa-check-libs: also ignore files that are open via normal file handles
+ on NFS.
+
+ [ Peter Palfrader ]
+ * dsa-check-libs: accept -v as short for --verbose.
+ * dsa-check-libs: ignore deleted CWDs.
+ * dsa-check-drbd: Add --ok-no-devices option.
+ * dsa-check-backuppg: allow specifying which timeline we expect a database
+ to be on.
+ * dsa-check-cert-expire-dir: add
+ * dsa-check-raid-3ware: modernize
+ * dsa-check-zone-rrsig-expiration-many: actually exit non-zero if there were
+ warnings.
+ * dsa-check-zone-rrsig-expiration-many: stop waiting for the timeout after
+ the last zone checker finished.
+ * dsa-check-zone-rrsig-expiration: Handle cases where a child and parent
+ domain share nameservers.
+ * dsa-check-zone-rrsig-expiration: Handle upper/lower case mismatch in
+ labels for NS responses.
+
+ [ Tollef Fog Heen ]
+ * dsa-update-unowned-file-status: ignore fdescfs, used for /dev/fd on
+ FreeBSD.
+ * dsa-update-unowned-file-status: avoid printing the apex of pruned
+ directory trees.
+
+ [ Julien Cristau ]
+ * dsa-check-hpacucli: accept 3.0Gbps as transfer speed for SATA
+ * Add dsa-check-hpssacli, replaces hpacucli for new hosts.
+ * dsa-check-hpssacli: accept 12.0Gbps as transfer speed for SAS
+
+ -- Peter Palfrader <weasel@debian.org> Wed, 23 Mar 2016 09:53:53 +0100
+
+dsa-nagios-checks (108) unstable; urgency=medium
+
+ * dsa-check-stunnel-sanity: Fix variable name in output.
+ * dsa-check-dabackup: Fix regex as rsync now adds thousands separator on its
+ numbers.
+ * dsa-check-config: check for DAD failures.
+ * dsa-check-config: retire ldap.conf check - we ship it with puppet
+ nowadays anyway.
+
+ -- Peter Palfrader <weasel@debian.org> Sun, 31 May 2015 19:16:43 +0200
+
+dsa-nagios-checks (107) unstable; urgency=medium
+
+ * Add dsa-check-stunnel-sanity.
+
+ -- Peter Palfrader <weasel@debian.org> Mon, 23 Mar 2015 13:32:18 +0100
+
+dsa-nagios-checks (106) unstable; urgency=medium
+
+ * Depend on libyaml-syck-perl.
+
+ -- Peter Palfrader <weasel@debian.org> Wed, 28 Jan 2015 14:17:39 +0100
+
+dsa-nagios-checks (105) unstable; urgency=medium
+
+ [ Peter Palfrader ]
+ * dsa-check-dnssec-delegation: Ignore revoked DNSKEYs in zone.
+ * dsa-check-libs: add.
+
+ [ Paul Wise ]
+ * dsa-check-backuppg: Ignore removed tmp files instead of crashing
+
+ -- Peter Palfrader <weasel@debian.org> Wed, 28 Jan 2015 00:10:25 +0100
+
+dsa-nagios-checks (104) unstable; urgency=medium
+
+ * Fix iptables-save cronjob.
+
+ -- Peter Palfrader <weasel@debian.org> Sun, 07 Dec 2014 14:29:31 +0100
+
+dsa-nagios-checks (103) unstable; urgency=medium
+
+ * dsa-update-apt-status: run apt-get update in a flock wrapper.
+
+ -- Peter Palfrader <weasel@debian.org> Sun, 07 Dec 2014 12:29:20 +0100
+
+dsa-nagios-checks (102) unstable; urgency=medium
+
+ * dsa-check-entropy: unbreak script by removing non-ASCII characters.
+
+ -- Peter Palfrader <weasel@debian.org> Sun, 07 Dec 2014 12:04:38 +0100
+
+dsa-nagios-checks (101) unstable; urgency=low
+
+ [ Peter Palfrader ]
+ * dsa-check-zone-rrsig-expiration-many: add --debug option to pass through.
+ * dsa-check-zone-rrsig-expiration: Do not ask for RRSIG directly, instead
+ ask for SOA with dnssec data. Apparently some nameservers do give you the
+ RRSIG on the DS record instead of a referral (rcode0's for instance).
+ * dsa-check-hpasm: Support supplying a list of things for which failures are
+ ignored.
+ * dsa-check-soas: do some queries without RD set.
+ * dsa-check-running-kernel: in cat_vmlinux(), only consider the first 5 hits
+ for the magic start sequence. This makes running times bearable on our
+ new octeons.
+ * dsa-check-config: check if existing ed25519 host keys are in ldap.
+
+ [ Hendrik Köhler ]
+ * Extend dsa-check-entropy output so Icinga2 can process performance
+ data (e.g. used by Graphite).
+
+ -- Peter Palfrader <weasel@debian.org> Sun, 07 Dec 2014 10:58:47 +0100
+
+dsa-nagios-checks (100) unstable; urgency=low
+
+ [ Peter Palfrader ]
+ * dsa-check-running-kernel: Check from all compression tokens.
+ * dsa-check-zone-rrsig-expiration-many: Initialize exit properly, in case
+ it does not get set later.
+ * dsa-check-running-kernel: fix kernel metapackage version regex
+
+ [ Evgeni Golov ]
+ * dsa-check-packages: go critical if there are security updates.
+
+ [ Helmut Grohne ]
+ * dsa-check-cert-expire: Make timers configurable.
+
+ [ George Kargiotakis ]
+ * dsa-check-hpacucli: Add Parity check for logical drives.
+
+ [ Stephen Gran ]
+ * dsa-check-mq-connection: Catch case when host has never connected
+
+ -- Peter Palfrader <weasel@debian.org> Mon, 19 May 2014 12:33:55 +0200
+
+dsa-nagios-checks (99) unstable; urgency=low
+
+ * dsa-check-hpacucli: SATA drives have different transfer speed.
+ * dsa-check-edac: add.
+
+ -- Peter Palfrader <weasel@debian.org> Mon, 31 Mar 2014 10:45:57 +0200
+
+dsa-nagios-checks (98) unstable; urgency=low
+
+ * Add dsa-check-dchroots-current.
+
+ -- Peter Palfrader <weasel@debian.org> Fri, 28 Feb 2014 19:40:16 +0100
+
+dsa-nagios-checks (97) unstable; urgency=low
+
+ [ Stephen Gran ]
+ * Update dsa-check-mq-connection to actually work
+
+ [ Peter Palfrader ]
+ * dsa-check-backuppg: allow BASE backup filenames without the WAL ID.
+ * dsa-check-config: Update for new TLS_CACERT config.
+
+ -- Peter Palfrader <weasel@debian.org> Mon, 27 Jan 2014 22:29:15 +0100
+
+dsa-nagios-checks (96) unstable; urgency=low
+
+ [ Peter Palfrader ]
+ * dsa-check-zone-rrsig-expiration, dsa-check-zone-rrsig-expiration-many:
+ Allow supplying the nameservers to start recursion at (per zone).
+ This is useful for reverse zones of RFC1918 space.
+ * dsa-check-bacula: exit status fix.
+ * dsa-check-hpacucli:
+ - support filtering controllers.
+ - add an option to accept no-controllers as an OK state.
+ * remove weak keys check
+ * dsa-check-dnssec-delegation
+ - handle zones with no keys that have the SEP bit.
+ - warn on all domains where parent has a non-empty DS bit that does
+ not match ours, even if we did not expect it to have one at all.
+ * dsa-check-zone-rrsig-expiration-many:
+ - expect dnssec by default now.
+ * dsa-check-zone-rrsig-expiration:
+ - in the OK message, clarify we only check sigs at the zone apex.
+ * dsa-check-dnssec-delegation:
+ - accept any ds/dnskey combination whose intersection is not empty.
+ (previously we required them to match exactly.)
+
+ [ Stephen Gran ]
+ * dsa-check-mq-connection:
+ Check that all messages have been consumed and that there is an active
+ consumer.
+ * kill some lintian warnings
+
+ -- Peter Palfrader <weasel@debian.org> Tue, 23 Apr 2013 20:12:09 +0200
+
+dsa-nagios-checks (95) unstable; urgency=low
+
+ * dsa-check-running-kernel: Try to fix zcat kernel case.
+
+ -- Peter Palfrader <weasel@debian.org> Tue, 16 Apr 2013 17:40:49 +0200
+
+dsa-nagios-checks (94) unstable; urgency=low
+
+ [ Stephen Gran ]
+ * Start new changelog
+
+ [ Peter Palfrader ]
+ * dsa-check-packages: work better with weird multi-arch cases.
+ * dsa-check-hpacucli: print errors to stdout so that nrpe can read it.
+ * dsa-check-hpacucli: new hpacucli changed case of transfer speed. Upcase
+ all before comparing.
+ * New bacula check:
+ - dsa-check-bacula
+ * Changed according to gitlog without corresponding debian/changelog entry:
+ - dsa-check-drbd
+ - dsa-check-filesystems
+ - dsa-check-running-kernel
+
+ -- Peter Palfrader <weasel@debian.org> Tue, 16 Apr 2013 11:32:23 +0200
+
+dsa-nagios-checks (93) unstable; urgency=low
+
+ [ Tollef Fog Heen ]
+ * dsa-update-unowned-file-status: Use -fstype proc rather than hard
+ coding /proc in order to match procfs in chroots too.
+ * dsa-update-apt-status: send the cron output to syslog rather than email
+
+ [ Peter Palfrader ]
+ * dsa-check-msa-eventlog: Add --verbose switch to show info level
+ event log entries.
+ * add dsa-check-crl-expire.
+ * rename checks/dsa-check-backuppg.conf.sample ->
+ etc/dsa-check-backuppg.conf.sample.
+ * dsa-check-running-kernel: Fix finding meta package for 3.x kernels.
+ * dsa-check-packages: Ignore :$arch in package names of dpkg -l output,
+ at least for the "primary" arch. Does not really handle multi-arch
+ packages, but it makes things work again for now.
+ * dsa-check-packages: A better multi-arch capable version.
+ * dsa-check-backuppg: Ignore .dotfiles and *.old in rootdir.
+ * dsa-check-hpacucli: Add --no-battery to ignore battery/capacitor failures
+ and disabled caches.
+ * dsa-check-hpasm: Typo fix.
+
+ [ Stephen Gran ]
+ * dsa-check-udldap-freshness: check new last_update.trace if it
+ exists instead of /var/lib/misc/thishost/passwd.{db,tdb}.
+ * dsa-check-statusfile: Complain if there is no extended information
+ * add dsa-check-filesystems (only checks ext at the moment)
+
+ [ Uli Martens ]
+ * dsa-check-soas: Add --no-soa-ns flag.
+
+ [ Martin Zobel-Helas ]
+ * Add dsa-check-drbd, taken from http://code.google.com/p/ganeti/wiki/DrbdDevicesMonitoring
+
+ -- Stephen Gran <sgran@debian.org> Sat, 29 Dec 2012 12:05:57 +0000
+
+dsa-nagios-checks (92.1) unstable; urgency=low
+
+ * Fix dsa-update-unowned-file-status cronjob entry more.
+
+ -- Peter Palfrader <weasel@debian.org> Sat, 25 Feb 2012 13:30:08 +0100
+
+dsa-nagios-checks (92) unstable; urgency=low
+
+ * Fix dsa-update-unowned-file-status cronjob entry.
+
+ -- Peter Palfrader <weasel@debian.org> Sat, 25 Feb 2012 12:40:00 +0100
+
+dsa-nagios-checks (91) unstable; urgency=low
+
+ [ Peter Palfrader ]
+ * dsa-check-zone-rrsig-expiration: configurable packet size, and change
+ default size.
+ * dsa-check-zone-rrsig-expiration-many: run checks in parallel and
+ properly timeout long checks.
+ * dsa-nagios-checks: add perfdata (Alexander Reichle-Schmehl).
+ * dsa-check-statusfile: change shebang from ruby to python and fix syntax
+ errors.
+ * dsa-check-soas: support supplying an IP address for additional nameservers
+ to check on with -a.
+
+ [ Tollef Fog Heen ]
+ * Make the unowned files check skip /proc.
+ * Limit the number of unowned files we register in the state file to 40.
+
+ [ Peter Palfrader ]
+ * Rewrite unowned files check into something that writes proper
+ nagios status files and behaves in a nice and sane way.
+
+ -- Peter Palfrader <weasel@debian.org> Fri, 24 Feb 2012 18:12:36 +0100
+
+dsa-nagios-checks (90) unstable; urgency=low
+
+ [ Peter Palfrader ]
+ * dsa-check-entropy:
+ - document watermark default
+ - fix off-by-one in output
+ * dsa-check-backuppg:
+ - ignore regular files in pg backup's root directory if they are still
+ fresh.
+ * dsa-check-config:
+ - fix a bashism.
+ * dsa-check-log-age-loghost
+ - allow minus (-) in hostnames.
+
+ [ Stephen Gran ]
+ * Add event_handler to restart services
+ * Add dsa-check-raid-megactl for awkward PeRC controllers
+
+ [ Martin Zobel-Helas ]
+ * add rudimentary check for unowned files
+
+ -- Martin Zobel-Helas <zobel@debian.org> Mon, 02 Jan 2012 16:46:33 +0100
+
+dsa-nagios-checks (89) unstable; urgency=low
+
+ * dsa-check-running-kernel: kFreeBSD support.
+ * Add dsa-check-entropy.
+
+ -- Peter Palfrader <weasel@debian.org> Mon, 28 Mar 2011 14:47:11 +0200
+
+dsa-nagios-checks (88) unstable; urgency=low
+
+ * dsa-check-hpacucli
+ - Also accept 'Unknown, 3.0GBPS' as a valid transfer speed in addition
+ to '3.0GBPS, Unknown'.
+ - accept 6.0Gbps for SAS disks.
+ - add --ignore-transfer-speed option.
+ - ignore the line for unassigned disks (patch by Emmanuel Lacour).
+ * Add dsa-check-ups.
+ * Add dsa-check-hpacucli-enclosure.
+ * dsa-check-running-kernel:
+ - check if 'strings' is installed and complain nicely if it isn't instead
+ of falling over. [Uli Martens]
+ - Make the check work with Ubuntu's kernel names (Alexander
+ Reichle-Schmehl).
+ * dsa-check-afs-*: add checks from Russ Allbery for monitoring our AFS
+ * Add dsa-check-port-closed.
+ * dsa-check-hpasm: Incorporate patch from Jan Wagner to ignore "N/A" DIMM
+ status.
+ * dsa-check-hpasm: Incorporate patch from Jan Wagner to ignore fan lines
+ that do not say 'Yes' in the present-line.
+ * dsa-check-udldap-freshness: Also check age of /var/lib/misc/passwd.db
+ in addition to /var/lib/misc/thishost/passwd.tdb.
+ * Add dsa-check-resolver.
+
+ -- Peter Palfrader <weasel@debian.org> Tue, 01 Mar 2011 18:10:25 +0100
+
+dsa-nagios-checks (87) unstable; urgency=low
+
+ [ Uli Martens ]
+ * dsa-check-running-kernel:
+ - Teach dsa-check-running-kernel about LZMA compressed kernel images.
+ - Handle cases where a meta package depends on a list of packages
+ (such as image and module package).
+
+ [ Stephen Gran ]
+ * dsa-check-apt-status: it's not an error to exit when we don't need to run
+ * Update check-hpacucli to deal with dual domain and 6GBPS SAS
+
+ [ Peter Palfrader ]
+ * Add checks/dsa-check-backuppg.
+ * dsa-check-mirrorsync: optionally allow some skew over mirror timestamps.
+ * Add dsa-check-log-age-loghost.
+ * dsa-check-zone-rrsig-expiration-many: also allow checking of geozones.
+ * dsa-check-dnssec-delegation: allow multiple dirs to be checked.
+
+ [ Martin Zobel-Helas ]
+ * Add checks/dsa-checks-file.
+
+ -- Martin Zobel-Helas <zobel@debian.org> Fri, 23 Jul 2010 19:26:00 +0200
+
+dsa-nagios-checks (86) unstable; urgency=low
+
+ [ Peter Palfrader ]
+ * Add dsa-check-raid-megaraid.
+ * make samhain check go WARN, not CRITICAL.
+
+ [ Stephen Gran ]
+ * Add dsa-check-uptime
+
+ -- Stephen Gran <sgran@debian.org> Fri, 02 Apr 2010 16:55:51 +0100
+
+dsa-nagios-checks (85) unstable; urgency=low
+
+ [ Stephen Gran ]
+ * dsa-update-apt-status: Fix bashism by making it a bash script
+ [ Peter Palfrader ]
+ * dsa-check-hpasm: Not all things where a temperature can be measured
+ might be installed (e.g. a second CPU). Don't do numeric computations
+ on a "-" instead of numbers then.
+ * dsa-check-hpasm: Support a --ps-no-redundant option. If supplied
+ then non-redundant power supply will not be a warning state.
+ * dsa-check-hpasm: Support a --fan-no-redundant option. If supplied
+ then non-redundant fans will not be a warning state.
+ * Add dsa-check-msa-eventlog.
+ * add dsa-check-zone-rrsig-expiration (therefore recommend
+ libnet-dns-sec-perl).
+ * add dsa-check-zone-rrsig-expiration-many.
+ * dsa-check-raid-aacraid: properly support beethoven's Adaptec AAC-RAID
+ controller with a battery: "ZMM Optimal" is the way it says "optimal".
+ * dsa-check-dabackup-server: check /etc/ssh/userkeys/root instead of
+ /root/.ssh/authorized_keys.
+ * add dsa-check-dnssec-delegation.
+ * dsa-check-hpasm: Add --fan-high to not tread high fan speeds as a
+ warning condition.
+ * weak-ssh-keys-check: Check all keys in files in /etc/ssh/userkeys
+ and /var/lib/misc/userkeys, not just the first. (Also doesn't
+ blow up if a file is empty.)
+
+ -- Peter Palfrader <weasel@debian.org> Mon, 22 Feb 2010 10:32:51 +0100
+
+dsa-nagios-checks (84) unstable; urgency=low
+
+ [ Peter Palfrader ]
projects / mirror / dsa-nagios.git / blobdiff