* Thu Dec 14 2017 chris@computersalat.de
- remove double Req of %insserv_prereq
* Wed Dec 13 2017 chris@computersalat.de
- fix for boo#1072692
* monit: unable to start
* add systemd monit.service file
* still support SysVinit (SLE_11)
- update to 5.25.1
* https://mmonit.com/monit/changes/
- rebase patches
* monit-better_default_monitrc.patch
* monit-rundir.patch
- format specfile
- more use of macros
* Thu Nov 23 2017 rbrown@suse.com
- Replace references to /var/adm/fillup-templates with new
%_fillupdir macro (boo#1069468)
* Fri Apr 21 2017 liedke@rz.uni-mannheim.de
- update to 5.22:
+ New: Linux: Added support for monitoring ZFS disk activity.
+ New: Added option to explicit specify if the HTTP method HEAD
or GET should be used in a HTTP protocol test. If not
specified, HEAD will be used unless a content or a checksum
test is also specified, in which case GET is used instead.
The default is normally what you want, but now you have the
option to specificially use GET instead of HEAD.
+ New: File, Directory, Fifo checks: Added support for explicit
testing access, change and modification time properties.
If the type is not specified, the original timestamp test
is performed, which checks the latest of ctime and mtime.
It is also possible to use newer and older operators in the
test now.
+ New: Renamed the statement, set logfile <path|syslog> to
set log <path|syslog>.
+ Fixed: Linux: If the monitored filesystem was not found in
/proc/diskstat, Monit could leak filedescriptors.
+ Fixed: Solaris on SPARC: Monit didn't trigger an event if a
protocol test failed.
+ Fixed: Systemd template for Monit: Added StandardOutput=null
option to prevent systemd to duplicate Monit log output.
+ Fixed: Monit cross-compilation
+ Fixed: configure --without-zlib
+ Fixed: If the connection test required STARTTLS, the certificate
valid days test was broken.
+ Fixed: Compile on MacOSX 10.6.x - 10.9.x.
+ Fixed: HTTP protocol test: Allow using a request string in addition
to path, to monitor e.g. a HTTP proxy.
+ Fixed: If connection or ping test repetition is set, log partial
failures with warning priority instead of error.
+ Fixed: Linux: Support rootfs ramdisk.
+ Fixed: Connection retry was broken and performed the test only
once with no retry on error.
+ Fixed: Linux: Subtract ZFS ARC size from the system memory usage.
+ Fixed: SSL certificate validity test and checksum test didn't work
for self-signed certificates.
* Fri Mar 17 2017 liedke@rz.uni-mannheim.de
- update to 5.21:
+ New: We have added a set of new tests that you can use to monitor
and check the performance of your file-systems and disks.
Disk i/o metrics are also displayed in the Monit GUI and
CLI. M/Monit 3.7.0 can be used to view statistics and charts.
+ New: We have also added disk i/o tests and metrics for each process.
Available metrics depends on the platform.
+ New: You can now use NFS/CIFS/SSHFS/etc. connection strings as path
for filesystem checks.
+ New: Report filesystem type in status output
+ New: Extended existence test to not only test if an object does not
exist, but also the inverse, to test if an object does exist.
+ New: You can now set the SSL/TLS version to be used by the Monit
HTTP interface. The syntax follows the general SSL/TLS options
settings, which was introduced in Monit 5.15.
+ New: It is now possible to set the SSL/TLS ciphers Monit's HTTP
server should use.
+ New: The certificate minimum valid days test now triggers the
timestamp event instead of connection event.
+ New: M/Monit: show MacOS version instead of Darwin kernel version.
+ New: Show textual representation of filesystem flags instead of numeric.
+ Fixed: A lot of bugs.
* Wed Mar 15 2017 dimstar@opensuse.org
- PreReq %insserv_prereq: we install legacy SyS-V init scripts and
need to handle them. It's our own duty to ensure the legacy
toolchain is present.
* Fri Nov 04 2016 liedke@rz.uni-mannheim.de
- update to 5.20:
+ New: Added gzip compression support to the HTTP GUI.
+ New: Added gzip compression when communicating with M/Monit.
+ New: Added global set onreboot <start | nostart | laststate>
statement which allows to set a default service startup
policy (the default is onreboot start).
+ New: Added new timeout options to the set limits statement:
+ New: The cpu, memory, swap, inode and space tests now allows
using decimal values when testing percent usage.
+ New: Set the HOME environment variable when executing program
as other user.
+ Fixed: CSRF vulnerability (CVE-2016-7067). (boo#1007455)
+ Fixed: A lot of bugs.
- update to 5.19:
+ New: Monit HTTP: support for IPv6 added.
+ New: Monit HTTP GUI: it is now possible to listen on both TCP
and unix sockets.
+ New: apache-status protocol test:
+ New: Added Basic Authentication support to the HTTP protocol test.
+ Fixed: A lot of bugs.
* Mon Jun 27 2016 liedke@rz.uni-mannheim.de
- update to 5.18:
+ New: Monit console commands now output text in tables and in
colors. Your terminal must support UTF-8 and colors. For
best rendering of tables, we recommend using a fixed width
font in your terminal such as Menlo for non-ascii fonts.
Please see this FAQ entry to learn how to setup your console
to support UTF-8 character encoding.
+ New: A new CLI command was added for succinct reporting and to make
it easy to query Monit from scripts: monit report [options].
Without option, prints a short overview of the state of all
services managed by Monit.
+ New: Environment variable MONIT_SERVICE was added to check program
scripts. The variable contains the name of the service
(from monitrc) for which the program is executed.
+ New: A new onreboot statement was added for controlling service
startup on reboot.
+ New: The old mode statement is reduced to active and passive. Where
active mode provides automatic restart of service on error,
while passive does not, and only provide alerts. Active mode
is the default mode. The third mode, manual, is deprecated
and replaced by onreboot laststate. The manual mode is still
supported for backward compatibility.
+ New: Test for checking system uptime. Can be used to test the uptime
of the system (boot time) and perform an action.
+ New: Added >= and <= as operators for use in comparison tests.
+ New: All errors will be listed if a service has multiple errors.
Previously, Monit displayed only the last error.
+ Fixed: A lot of bugfixes...
* Mon Apr 11 2016 liedke@rz.uni-mannheim.de
- update to 5.17.1:
+ Fixed: Monit crashed when trying to deliver alert by mail if monit
set alert was configured, but the set mail-format statement
was missing (regression in Monit 5.17).
- update to 5.17:
+ New: Extended the SMTP protocol test to support STARTTLS in addition
to SMTPS. Thanks to Robert Nelson for initial patch.
+ New: The SMTP protocol test can now, optionally, perform authentication
during testing. Just add username and password if you want to test
that authentication also works. We recommend using smtps if
authentication is to be performed to encrypt the communication.
+ New: Support extended e-mail format when specyfing from and reply-to
addresses. That is, instead of just the email address you can also
specify the name of the user.
+ New: A new environment variable MONIT_PROGRAM_STATUS was added to check
program to allow scripts called from exec to access the check programs
last exit status.
+ Fixed: The include statement now check if a file has already been included
to prevent circular or recursive inclusion of files.
+ Fixed: Reinitialize supplementary user groups in an exec action when
executing as a different user.
+ Fixed: The value in if changed checksum and if changed timestamp has been
made persistent across Monit restart/reload. If the value changes
while Monit is stopped, Monit will now notice.
+ Fixed: Related to Issue #316 above, we now also save file size, filesystem
flags, file/directory/fifo/filesystem permissions, network link speed
so the last known values will be persistent and if changed tests will
work as expected across a Monit restart/reload.
+ Fixed: favicon did not display properly in the Browser when Monit was behind
a reverse HTTP proxy.
+ Fixed: Monit CLI actions like monit monitor all could fail if you had more
than ~ 50 services in your config file.
+ Fixed: The send/expect protocol test returned error if the target server sent
more data than the buffer limit.
+ Fixed: On 32-bit platforms with more then 4GB of RAM, Monit reported incorrect
system and swap memory values (regression in Monit 5.16).
+ Fixed: Save state on exit when monit is executed in non-deamon mode.
* Fri Mar 18 2016 jgleissner@suse.com
- monit-rundir.patch: use /run/monit for pid file (bnc#971647)
- updated monit-better_default_monitrc.patch to set pid file
correctly in /etc/monitrc
* Tue Feb 09 2016 liedke@rz.uni-mannheim.de
- update to 5.16:
+ New: Added a new statement for overriding default limits used by Monit.
+ New: Issue #276: Allow specific source address for port and ping tests.
+ New: Issue #205: Enhanced process check with a new thread counts test.
+ New: Issue #280: Timestamp tests now reports both the old and the new
(changed) timestamp in alerts.
+ New: Issue #299: Show the last output of the program check when running
monit status from the console.
+ New: Issue #275: monit --version now shows the compile-time features that
were enabled at build time.
+ New: Issue #282: Added support for setting a custom URL path with
apache-status protocol test.
+ New: Changed responsetime for port and unixsocket tests to microseconds
precision.
+ New: Added support for DragonFly BSD. Thanks to Daniel Bilik.
+ Fixed: A lot of bugfixes
* Mon Jan 25 2016 liedke@rz.uni-mannheim.de
- update to 5.15:
+ New: Added a statement for setting global or local SSL/TLS options.
+ New: Added option to verify SSL server certificates.
+ New: Support SSL client certificate authentication for SSL connections.
+ New: To just connect using SSL/TLS without specifying a protocol, you can
now use SSL instead of the former type TCPSSL statement
(which is deprecated).
+ New: SSL certificate expiration test.
+ New: Extended SSL certificate fingerprint (checksum) test with the SHA1 hash
type in addition to the existing MD5 test.
+ New: Extended the ping test to optionally allow setting a packet size
(default is 64 bytes)
+ New: The ping tests now report network response time in milliseconds
rather than in seconds.
+ New: PAM and SSL support are now optional when building Monit RPM.
+ Fixed: The File content match test will move the read-cursor to the end
of the file the first time a file is added to Monit.
+ Fixed: Support for OpenSSL 0.9.8
+ Fixed: Abbreviated file permission error message (otherwise the message,
which was rather long, could get truncated in logs and become
unintelligible).
+ Fixed: Only add the User-Agent HTTP header if it is not already set.
Also allow single quotes in addition to double quotes around
header values.
+ Fixed: If a check host statement contains no if-tests, emit a more
comprehensible error message.
+ Fixed: Do not log "Error reading pid from ..." for non-process checks
on stop/restart.
+ Fixed: Monit could freeze for a period when performing a ping test.
+ Fixed: Do not cascade start action to dependant services if only parent
start was requested.
+ Fixed: Implement hard dependency between services. If a service depends
on another service, it will not start until the parent service
check returns no errors. For example, if Apache depends on MySQL,
Monit will not start Apache until MySQL is confirmed up and running
and passes all its tests. Previously, Monit would start MySQL,
but not wait for MySQL to be confirmed up and running before
it started Apache.
+ Fixed: The HTTP protocol test paused Monit for a few seconds if a
content match test was used and the server sent a response
using chunked encoding.
+ Fixed: Monit no longer exit if it fails to fork. This is debatable,
but for Monit's use-case we think it is better to try and continue.
+ Fixed: Monit leaked file descriptors if program execution failed.
Don't forget the shebang #! at the beginning of your script
+ Fixed: Monit stopped on reload if the control file did not end with
an empty newline.
+ Fixed: With OS X El Capitan, Apple introduced a new System Integrity
Protection policy (SIP) which, among other things, block the
system call, task_for_pid.We now check to see if SIP is enabled
and if it is, we do not call task_for_pid so as not to unnecessary
fill system logs with errors. This also means that Monit, on
El Capitan, can no longer check a process memory and CPU usage
as task_for_pid was needed to get this information.
+ Fixed: Executing a command with a timeout larger than 2147 seconds would
fail on 32-bit systems.
+ Fixed: Mask out SSLv3_client_method() in case SSLv3 support is not available
+ Fixed: SSL SNI is optional, so do not log as error if not supported by server
+ Fixed: SSL client certificate authentication with Monit's HTTP interface
+ Fixed: Access to resources via secondary group membership when executing a
program with a different UID
+ Fixed: Slow start/stop/restart/monitor/unmonitor actions on FreeBSD
- update to 5.14:
+ New: Enable HTTP Strict Transport Security (HSTS), ECDH ciphers and
disable IDEA ciphers on Monit HTTP interface if TLS/SSL is used.
+ New: Simpler system-wide cpu usage test (total of user%, system%, wait%).
+ New: Added options for the command-line commands monit status and monit
summary to only print status for a named service or a named service group.
+ New: Log client address in case of HTTP request errors
+ New: Report Monit version in the start/stop (instance) message
+ Fixed: MySQL test might produce "HOST blocked because of too many connection errors".
- update to 5.13:
+ New: Added support for free space and free inodes monitoring as an
inverse alternative to current space/inodes consumption monitoring.
Both forms, with absolute number of bytes and with percent are supported.
+ New: Added support for Server Name Indication to support testing connection to
name based virtual SSL servers.
+ Security: SSL/TLS compression has been disabled, as well as RC4 and DES ciphers.
+ Fixed: Monit will no longer try to check hostnames on start-up to start faster,
in case DNS is not available at start time.
+ Fixed: Filesystem uid, gid and permission as reported by monit status command.
+ Fixed: If the monit CLI command failed, the error description could contain
HTML in addition to plaintext.
+ Fixed: RPM will now preserve an existing monitrc configuration file on update.
+ Fixed: OS X system memory usage statistics included wrongly inactive memory
(i.e. memory that is available for reuse).
+ Fixed: FreeBSD, OpenBSD, NetBSD: System memory usage statistics did not
include the wired part (kernel memory).
- update to 5.12.2:
+ Fixed: Monit could freeze if an error occurred during SSL read or write.
+ Fixed: If Monit was started with the HTTP interface disabled, the CLI could
crashed when executing a command.
+ Fixed: Network check: support for IP alias [Linux and Solaris]
- update to 5.12.1:
+ New: Allow selecting IPv4 or IPv6 explicit for port and ping tests.
+ Fixed: The Upstart script needed to stop Monit earlier in the
shutdown sequence when the system stops to prevent a
possible race conditions
+ Fixed: Monit may crash if the hostname of the system failed to resolve.
+ Fixed: UDP connection test could fail on a dual-stack host
(IPv4 and IPv6) if the UDP service listens on IPv4 only.
+ Fixed: Only show first line of program output in the Monit dashboard.
+ Fixed: Monit skipped the connection test if no start program was specified.
- update to 5.12:
+ New: Support for IPv6 hosts testing.
+ New: Monit HTTP interface now supports Unix Socket as an
alternative to TCP port for easier deployment on virtualization
platforms which share the IP address for containers, such
as Docker. Thanks to Alberto Miorin for suggesting this feature.
+ New: The space usage test now ignore reserved blocks. Previously,
Monit excluded reserved blocks from the free space, so it
reported 100% usage as soon as all non-super user accessible
blocks were allocated, whereas the filesystem may still
have some space available for root user (usually 1-5%).
The space usage test value will now match the output of utilities
like df.
+ New: File permission change test added. Thanks to Ulrich
Windl for suggesting this feature.
+ New: Support for multiple existence tests (in process, file,
directory and fifo check contexts)
+ New: Support for multiple fsflag tests (in filesystem
check context):
+ New: Monit's HTTP interface now provides even more
details about failed HTTP requests
+ Fixed: Fix speed monitoring for 10Gb/s+ interfaces [Linux]
+ Fixed: Network total upload and download values could be invalid
for certain time frames.
- update to 5.11:
+ New: Monit now supports monitoring of network interfaces.
+ New: Sieve protocol test implemented.
+ New: The PID and PPID change tests are no longer implicit and
automatically executed.
+ New: Multiple PID and PPID tests can now be used.
+ Fixed: The CLI/GUI reported port timeout value in milliseconds
instead of seconds.
+ Fixed: Changed memory kilobytes total title to memory
total as the unit is dynamic since Monit 5.9.
+ Fixed: OpenBSD: don't narrow the 64-bit time_t on 32-bit
build (Y2038 problem).
+ Fixed: If the the test is on hold due to the every option
schedule, display last status instead of Waiting.
+ Fixed: If ping is not allowed (insufficient permissions),
display value as N/A instead of negative response time.
+ Fixed: If the not every <cron> option matched, the test
was skipped only once per minute.
* Deleted: monit-dirs.patch
* Updated: monit.spec
* Sat Nov 29 2014 lmuelle@suse.com
- update to 5.10:
+ New: Redis protocol test added.
+ New: MongoDB protocol test added.
+ New: Changes due to vulnerabilities in SSLv2 and SSLv3.
See CVE-2014-3566 aka "POODLE".
+ Fixed: Issue #101: Manual-mode monitored services state may not be restored
if the monitoring state was changed by user right before the system died.
+ Fixed: Issue #104: Keep umask Monit was started with when executing
start/stop/restart programs, check programs and creating files.
+ Fixed: Issue #107: Support multi-line response in the LMTP protocol test.
+ Fixed: Support TLSv1.1 and TLSv1.2 when FIPS is enabled.
- update to 5.9:
+ New: Output from your check program script is now displayed in Monit’s UI.
+ New: Aggregate and use human friendly units for memory, swap and space
usage values in the User Interface.
+ New: Support monitoring of filesystems by generic device strings such as
sshfs on Linux or ZFS filesystems on Solaris.
+ New: You can now send HTTP headers with the HTTP protocol test.
+ New: Program check now supports exit status change monitoring.
+ New: Added option to run check program as a different user and/or group.
+ New: Changed name of ICMP ECHO statement to Ping which is the more common
name used for a network ping.
+ New: Simplified HTTP and SMTP protocol test with SSL.
+ Fixed: Issue #59, Issue #88: Some systems with upstart (e.g. RHEL/CentOS)
had problems with Monit's restart action which consists of a
stop/start sequence.
+ Fixed: Issue #54: MySQL protocol test.
+ Fixed: Issue #64: Resets counter once a service has successfully restarted
+ New: Issue #84. You can now test for '\0' in an expect string.
+ Fixed: Issue #55: Only run cron style checks once per minute.
+ Fixed: Issue #78: Include open slots in Apache status check calculations
+ Fixed: Issue #57: Inode usage check and space usage check now show correct
result for large filesystems on 32-bit platforms.
+ Fixed: Issue #70: Removed newline in Monit's $ENV strings
+ Fixed: Issue #72: Monit no longer requires a start, stop or restart
program defined for a check.
+ Fixed: P.R. #17: Bug fix, missing "check file" target files result in error
"Invalid checksum" sha1 has a string length of 40.
+ Fixed: P.R. #18: Add missing space in the timeout text in UI.
+ Fixed: Issue #71: Subtract SLAB reclaimable memory from the system memory
usage on Linux
+ Fixed: Support TLSv1.1 and TLSv1.2 in "set mailserver"
+ Fixed: Sporadic "PPID changed from 0 to ..." alert after process restart
+ Fixed: PID/PPID changed events were sometimes triggered after program
restart
+ Fixed: Linux: filesystem space usage on some network based filesystems
such as sshfs
+ Fixed: Automatically reload Monit if ID was reset using --resetid CLI
option.
+ Fixed: Improved speed of send/expect protocol test
+ Fixed: Fixed SMTP protocol test to check the response code
* Sat Nov 29 2014 lmuelle@suse.com
- Remove /var from path in rpmlintrc of the .monit.id file.
- Package /run only on post-11.1 systems.
* Sat Nov 29 2014 lmuelle@suse.com
- Modify shebang to point to bash where bash is required in
vendor-files/tools/monit-modifyinittab.tmpl
- Align used SUSE trade name in the vendor-files.
* Wed Jul 30 2014 sfalken@opensuse.org
- update to 5.8.1:
* Changed all /var/run to /run to fix rpmlint check failure in Factory
* Added: monit-5.8.1.tar.gz
* Deleted: monit-5.6.tar.gz
monit-page_shift.patch as new version deprecates it
* Updated: monit-better_default_monitrc.patch
* Wed Sep 04 2013 pascal.bleser@opensuse.org
- update to 5.6:
* SMTP AUTH LOGIN support added (MS Exchange SMTP authentication should now
work)
* favicon.ico added to the HTTP interface
* Bugfixes:
- If an undefined checksum test was used and the file did not exist on
Monit start, Monit would return an error
- If the configuration file ended with a comment but with no trailing LF
character, Monit would return syntax error
- If a service timed out after too many restarts and alert was used as the
action, then the Timeout flag remained set even if the service recovered
- Escape mail messages properly for sending via SMTP
- Escape XML messages properly
* Wed Jun 05 2013 lars@samba.org
- update to 5.5.1:
* Info and debug messages are no longer sent to stderr, only to stdout.
* Improved output from 'check program', If the program returns an error
message, include only that message in alert $DESCRIPTION so users can
compose their own alert format. If program provided no output on
error, use a default message.
* Improved "check system", $HOST can now be used as a service name.
$HOST will expand to the system hostname. Example: check system $HOST
* Fixed "Unable to read magic" which was reported on first Monit start.
* Tue Mar 12 2013 poelzleithner@b1-systems.de
- use relative path for dirname in init script. dirname is not
longer in /bin, therefor the init script is broken
* Sun Nov 04 2012 lars@samba.org
- update to 5.5:
* check program:
- Multiple exit values can be tested within single program check
- Exit value test supports multiple cycles option ("for X cycles")
- If exit value test matches and the stderr has no data, try stdout
* Renamed mail header (message-id and mime-version) to prevent
triggering spam check of capitalization.
* The 'check system <name>' statement sets the system hostname in mail
alerts and initial hostname in M/Monit.
* Increase the default mailserver timeout to 30 seconds.
* Fix the rare hung on linux which may occur during program execution.
* In the case that the process start/restart execution failed, monit kept
"Execution failed" flag even if the process was recovered later (for
example it was starting slowly or manually recovered).
* Fix the mail alert (strict SMTP implementation) to pass MTA-side sanity
checks like postscreen.
* The -t option tests the configuration file syntax even if the
file permissions are wrong.
* Do not display the default non-existence test for the check
program (not applicable in the check program context).