=== chris14_ is now known as chris14
=== chris14_ is now known as chris14
=== cpaelzer_ is now known as cpaelzer
=== JanC_ is now known as JanC
=== kostkon_ is now known as kostkon
=== shokohsc0 is now known as shokohsc
samy1028Zabbix agent in Ubuntu 20.04 FIPS is v4.0, which is older.  Later versions (6.0+) I have to get from the Zabbix repository.  Unfortunately, the Zabbix repository uses incompatible ciphers compared to FIPS and failes TLS connections.20:12
samy1028Are there any updates planned for Zabbix and Zabbix-Agent2 for Ubuntu 20.04 FIPS?20:13
sarnoldsamy1028: you'll have to ask your zabbix sales agent20:13
samy1028sarnold, there is a Zabbix agent in the Ubuntu repository though.  So I guess there aren't any plans to release a later version at the moment?  Or is it provided to Ubuntu from Zabbix?20:14
sarnoldsamy1028: wholesale version upgrades of zabbix in the archive is very unlikely; I don't know much about the support end of canonical but "prepare a ppa with zabbix that has been configured to work with FIPS" certainly feels like a plausible thing the support team could do20:17
sarnoldsamy1028: heck, the support team might even be willing to make a ppa of newer zabbix, but it'd be worth knowing *why* you'd want a newer zabbix before approaching them20:17
samy1028specifically, to limit the actions of what Zabbix can do on the remote system, there's an option called "AllowedKey" which allows you to specify a specific remote script to run.  According to the documentation I can find the AllowKey options are only available in 5.0 and later.20:20
sarnoldaha, that sounds like a nice feature indeed20:20
sarnoldyou may be able to achieve something similar with an appropriate apparmor profile around the agent20:20
samy1028also, the 4.0 version only supports the original zabbix-agent whereas the later versions support zabbix-agent2 which gives more flexibility and control of scritps.20:24
=== chris14_ is now known as chris14
=== mrmango176 is now known as mrmango17

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!