mirror of
https://github.com/openwrt/packages.git
synced 2025-12-21 19:14:30 +04:00
fdc246b0c6
Updates Zabbix to 7.0.21-r1 (latest 7.0 LTS version)
Note that for the frontend, clearing browser cache, cookies and other
site data for the zabbix frontend server may be necessary.
Security fixes compared to 7.0.12 (most are frontend only):
* CVE-2025-27238: API hostprototype.get lists data to users with
insufficient authorization https://support.zabbix.com/browse/ZBX-26988
* CVE-2025-27236: User information disclosure via api_jsonrpc.php on
method user.get with param search:
https://support.zabbix.com/browse/ZBX-27060
* CVE-2025-27231: LDAP 'Bind password' field value can be leaked by a
Zabbix Super Admin: https://support.zabbix.com/browse/ZBX-27062
* CVE-2025-49641: Insufficient permission check for the
problem.view.refresh action:
https://support.zabbix.com/browse/ZBX-27063
* CVE-2025-49643: Frontend DoS vulnerability due to asymmetric
resource consumption: https://support.zabbix.com/browse/ZBX-27284
Signed-off-by: Daniel F. Dickinson <dfdpublic@wildtechgarden.ca>
(cherry picked from commit 0488c96b08)
83 lines
2.2 KiB
Diff
83 lines
2.2 KiB
Diff
From da7f1292838f087e2179705f2778f78ddd85cba8 Mon Sep 17 00:00:00 2001
|
|
From: "Daniel F. Dickinson" <dfdpublic@wildtechgarden.ca>
|
|
Date: Wed, 17 Dec 2025 18:28:37 -0500
|
|
Subject: [PATCH] zabbix_agentd: Tweak config file for OpenWrt
|
|
|
|
Note: original patch had no header, header added 2025-12-16, while
|
|
bumping package version.
|
|
|
|
1. Use syslog not a file for logging
|
|
2. Do not use PidFile
|
|
3. Only start in passive agent by default
|
|
4. Do not do active checks by default
|
|
5. Use the system hostname as hostname.
|
|
6. Include configurations under /etc/zabbix_agentd.conf.d/
|
|
|
|
Signed-off-by: Daniel F. Dickinson <dfdpublic@wildtechgarden.ca>
|
|
---
|
|
conf/zabbix_agentd.conf | 19 +++++++------------
|
|
1 file changed, 7 insertions(+), 12 deletions(-)
|
|
|
|
--- a/conf/zabbix_agentd.conf
|
|
+++ b/conf/zabbix_agentd.conf
|
|
@@ -3,12 +3,11 @@
|
|
|
|
############ GENERAL PARAMETERS #################
|
|
|
|
-### Option: PidFile
|
|
-# Name of PID file.
|
|
-#
|
|
-# Mandatory: no
|
|
-# Default:
|
|
-# PidFile=/tmp/zabbix_agentd.pid
|
|
+# We do not need PidFile with procd
|
|
+# PidFile=/var/run/zabbix_agentd.pid
|
|
+
|
|
+# use syslog
|
|
+LogType=system
|
|
|
|
### Option: LogType
|
|
# Specifies where log messages are written to:
|
|
@@ -27,8 +26,6 @@
|
|
# Default:
|
|
# LogFile=
|
|
|
|
-LogFile=/tmp/zabbix_agentd.log
|
|
-
|
|
### Option: LogFileSize
|
|
# Maximum size of log file in MB.
|
|
# 0 - disable automatic log rotation.
|
|
@@ -136,6 +133,7 @@ Server=127.0.0.1
|
|
# Range: 0-100
|
|
# Default:
|
|
# StartAgents=10
|
|
+StartAgents=1
|
|
|
|
##### Active checks related
|
|
|
|
@@ -164,8 +162,6 @@ Server=127.0.0.1
|
|
# Default:
|
|
# ServerActive=
|
|
|
|
-ServerActive=127.0.0.1
|
|
-
|
|
### Option: Hostname
|
|
# List of comma delimited unique, case sensitive hostnames.
|
|
# Required for active checks and must match hostnames as configured on the server.
|
|
@@ -175,8 +171,6 @@ ServerActive=127.0.0.1
|
|
# Default:
|
|
# Hostname=
|
|
|
|
-Hostname=Zabbix server
|
|
-
|
|
### Option: HostnameItem
|
|
# Item used for generating Hostname if it is undefined. Ignored if Hostname is defined.
|
|
# Does not support UserParameters or aliases.
|
|
@@ -545,5 +539,5 @@ Hostname=Zabbix server
|
|
# Include=
|
|
|
|
# Include=/usr/local/etc/zabbix_agentd.userparams.conf
|
|
-# Include=/usr/local/etc/zabbix_agentd.conf.d/
|
|
# Include=/usr/local/etc/zabbix_agentd.conf.d/*.conf
|
|
+Include=/etc/zabbix_agentd.conf.d/
|