[OBS-4246] distro_ver too short for HardenedBSD - Observium

Details

Type: Bug
Resolution: Fixed
Priority: Minor
Fix Version/s: None
Affects Version/s: Professional Edition
Component/s: Default
Labels:
None

Description

HardenedBSD (security hardened variant of FreeBSD) reports distro_ver as 17 character string:

14.0-CURRENT-HBSD

This causes Observium event log to fill up with following repeating entries:

Distro_ver changed: '14.0-CURRENT-HBS' -> '14.0-CURRENT-HBSD'

This continous distro_ver change detection is caused by distro_ver being declared and stored as 16-character VARCHAR:

`distro_ver` varchar(16) COLLATE utf8_unicode_ci DEFAULT NULL

Would it be possible to alter distro_ver in schema to be bit longer than 16-characters to accomodate HardenedBSD and other OSs that report longer version identifiers?

Attachments

Issue Links

relates to

OBS-4257 OS: HardenedBSD

Resolved

Activity

[OBS-4246] distro_ver too short for HardenedBSD

Ilkka Myller added a comment - 2022/09/06 08:46 AM

Pro version stable r12278 still unchanged:

<redacted>@observium:/opt/observium# svn up

Updating '.':

At revision 12278.

<redacted>@observium:/opt/observium# grep -ri distro_ver update

update/089.sql:ALTER TABLE  `devices` ADD `distro_ver` VARCHAR( 16 ) CHARACTER SET utf8 COLLATE utf8_unicode_ci NULL DEFAULT NULL;

update/db_schema_mysql.sql:  `distro_ver` varchar(16) COLLATE utf8_unicode_ci DEFAULT NULL,

Ilkka Myller added a comment - 2022/09/06 08:46 AM Pro version stable r12278 still unchanged: <redacted> @observium :/opt/observium# svn up Updating '.' : At revision 12278 . <redacted> @observium :/opt/observium# grep -ri distro_ver update update/ 089 .sql:ALTER TABLE `devices` ADD `distro_ver` VARCHAR( 16 ) CHARACTER SET utf8 COLLATE utf8_unicode_ci NULL DEFAULT NULL; update/db_schema_mysql.sql: `distro_ver` varchar( 16 ) COLLATE utf8_unicode_ci DEFAULT NULL,

Mike Stupalov added a comment - 2022/09/05 02:52 PM

Ok, in r12276 this field increased (need run ./discovery.php -u after update).
Also improved distro script for detect HardenedBSD (as distribution).

Mike Stupalov added a comment - 2022/09/05 02:52 PM Ok, in r12276 this field increased (need run ./discovery.php -u after update). Also improved distro script for detect HardenedBSD (as distribution).

Ilkka Myller added a comment - 2022/09/05 09:23 AM

~# sysctl hardening.version

hardening.version: 1400003

:~# cat /var/db/hbsd-update/version

hbsd-v1400003-9a91c5120c1d2e120213d7b8d6a56c15bffc9ad4

Ilkka Myller added a comment - 2022/09/05 09:23 AM ~# sysctl hardening.version hardening.version: 1400003 :~# cat /var/db/hbsd-update/version hbsd-v1400003-9a91c5120c1d2e120213d7b8d6a56c15bffc9ad4

Mike Stupalov added a comment - 2022/09/05 09:10 AM

Thank you for extra information!

Can you show me some other content which should be exist on HardenedBSD:

cat /var/db/hbsd-update/version

sysctl hardening.version

Mike Stupalov added a comment - 2022/09/05 09:10 AM Thank you for extra information! Can you show me some other content which should be exist on HardenedBSD: cat /var/db/hbsd-update/version sysctl hardening.version

Ilkka Myller added a comment - 2022/09/04 04:01 PM

Also:

uname -a:

# uname -a

FreeBSD <hostname redacted for security> 14.0-CURRENT-HBSD FreeBSD 14.0-CURRENT-HBSD #0 : Wed Aug 31 18:45:32 UTC 2022     root@ci-06.md.hardenedbsd.lan:/usr/obj/usr/src/amd64.amd64/sys/HARDENEDBSD amd64

/etc/os-release:

~# cat /etc/os-release

NAME=HardenedBSD

VERSION="14.0-CURRENT-HBSD"

VERSION_ID="14.0"

ID=hardenedbsd

ANSI_COLOR="0;31"

PRETTY_NAME="HardenedBSD 14.0-CURRENT-HBSD"

CPE_NAME="cpe:/o:freebsd:freebsd:14.0"

HOME_URL="https://hardenedbsd.org/"

BUG_REPORT_URL="https://git.hardenedbsd.org/hardenedbsd/HardenedBSD/-/issues"

and finally (totally impractical and insane):

# uname -abiKmnoprsUv

FreeBSD <hostname redacted for security> 14.0-CURRENT-HBSD FreeBSD 14.0-CURRENT-HBSD #0 : Wed Aug 31 18:45:32 UTC 2022     root@ci-06.md.hardenedbsd.lan:/usr/obj/usr/src/amd64.amd64/sys/HARDENEDBSD amd64 amd64 HARDENEDBSD 1400066 1400066 13ea76b6ce312d29414f938dde30ea6eee70ec02

Ilkka Myller added a comment - 2022/09/04 04:01 PM Also: uname -a: # uname -a FreeBSD <hostname redacted for security> 14.0-CURRENT-HBSD FreeBSD 14.0-CURRENT-HBSD #0 : Wed Aug 31 18:45:32 UTC 2022 root@ci-06.md.hardenedbsd.lan:/usr/obj/usr/src/amd64.amd64/sys/HARDENEDBSD amd64 /etc/os-release: ~# cat /etc/os-release NAME=HardenedBSD VERSION="14.0-CURRENT-HBSD" VERSION_ID="14.0" ID=hardenedbsd ANSI_COLOR="0;31" PRETTY_NAME="HardenedBSD 14.0-CURRENT-HBSD" CPE_NAME="cpe:/o:freebsd:freebsd:14.0" HOME_URL="https://hardenedbsd.org/" BUG_REPORT_URL="https://git.hardenedbsd.org/hardenedbsd/HardenedBSD/-/issues" and finally (totally impractical and insane): # uname -abiKmnoprsUv FreeBSD <hostname redacted for security> 14.0-CURRENT-HBSD FreeBSD 14.0-CURRENT-HBSD #0 : Wed Aug 31 18:45:32 UTC 2022 root@ci-06.md.hardenedbsd.lan:/usr/obj/usr/src/amd64.amd64/sys/HARDENEDBSD amd64 amd64 HARDENEDBSD 1400066 1400066 13ea76b6ce312d29414f938dde30ea6eee70ec02

Ilkka Myller added a comment - 2022/09/04 03:54 PM

Here:

~# ./distro

FreeBSD|HARDENEDBSD|amd64||14.0-CURRENT-HBSD|kvm|

Ilkka Myller added a comment - 2022/09/04 03:54 PM Here: ~# ./distro FreeBSD|HARDENEDBSD|amd64||14.0-CURRENT-HBSD|kvm|

Mike Stupalov added a comment - 2022/09/04 10:27 AM

Can you show full output for distro script on HardenedBSD:

distro

Mike Stupalov added a comment - 2022/09/04 10:27 AM Can you show full output for distro script on HardenedBSD: distro

Observium Bot added a comment - 2022/09/04 09:44 AM

General questions and device support can be discussed in our Discord channel, click here to join.

Please make and attach additional information about the device:

full snmp dump from device:

snmpwalk -v2c -c <community> -t 3 -Cc --hexOutputLength=0 -ObentxU <hostname> .1 > myagent.snmpwalk

snmpwalk -v2c -c <community> -t 3 -Cc --hexOutputLength=0 -ObentxU <hostname> .1.3.6.1.4.1 >> myagent.snmpwalk

If device not support SNMP version 2c, replace -v2c with -v1.

If you have problems with discovery or poller processes, please do and attach these debugs:
./discovery.php -d -h <device>
./poller.php -d -h <device>

additionally attach device and/or vendor specific MIB files

This comment is added automatically.

Observium Bot added a comment - 2022/09/04 09:44 AM General questions and device support can be discussed in our Discord channel, click here to join . Please make and attach additional information about the device: full snmp dump from device: snmpwalk -v2c -c <community> -t 3 -Cc --hexOutputLength=0 -ObentxU <hostname> .1 > myagent.snmpwalk snmpwalk -v2c -c <community> -t 3 -Cc --hexOutputLength=0 -ObentxU <hostname> .1.3.6.1.4.1 >> myagent.snmpwalk If device not support SNMP version 2c, replace -v2c with -v1. If you have problems with discovery or poller processes, please do and attach these debugs: ./discovery.php -d -h <device> ./poller.php -d -h <device> additionally attach device and/or vendor specific MIB files This comment is added automatically.

People

Assignee:: Mike Stupalov

Reporter:: Ilkka Myller

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2022/09/04 09:44 AM

Updated:: 2022/09/14 11:13 AM

Resolved:: 2022/09/05 02:52 PM