| === chris14_ is now known as chris14 | ||
| === chris14_ is now known as chris14 | ||
| === cpaelzer_ is now known as cpaelzer | ||
| === JanC_ is now known as JanC | ||
| === kostkon_ is now known as kostkon | ||
| === shokohsc0 is now known as shokohsc | ||
| samy1028 | Zabbix agent in Ubuntu 20.04 FIPS is v4.0, which is older. Later versions (6.0+) I have to get from the Zabbix repository. Unfortunately, the Zabbix repository uses incompatible ciphers compared to FIPS and failes TLS connections. | 20:12 |
|---|---|---|
| samy1028 | Are there any updates planned for Zabbix and Zabbix-Agent2 for Ubuntu 20.04 FIPS? | 20:13 |
| sarnold | samy1028: you'll have to ask your zabbix sales agent | 20:13 |
| samy1028 | sarnold, there is a Zabbix agent in the Ubuntu repository though. So I guess there aren't any plans to release a later version at the moment? Or is it provided to Ubuntu from Zabbix? | 20:14 |
| sarnold | samy1028: wholesale version upgrades of zabbix in the archive is very unlikely; I don't know much about the support end of canonical but "prepare a ppa with zabbix that has been configured to work with FIPS" certainly feels like a plausible thing the support team could do | 20:17 |
| sarnold | samy1028: heck, the support team might even be willing to make a ppa of newer zabbix, but it'd be worth knowing *why* you'd want a newer zabbix before approaching them | 20:17 |
| samy1028 | specifically, to limit the actions of what Zabbix can do on the remote system, there's an option called "AllowedKey" which allows you to specify a specific remote script to run. According to the documentation I can find the AllowKey options are only available in 5.0 and later. | 20:20 |
| sarnold | aha, that sounds like a nice feature indeed | 20:20 |
| sarnold | you may be able to achieve something similar with an appropriate apparmor profile around the agent | 20:20 |
| samy1028 | also, the 4.0 version only supports the original zabbix-agent whereas the later versions support zabbix-agent2 which gives more flexibility and control of scritps. | 20:24 |
| === chris14_ is now known as chris14 | ||
| === mrmango176 is now known as mrmango17 | ||
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!