Package: mon Version: 1.2.0-6 Severity: normal Following a recent update (it had been a while), mon started reporting an IMAP server to be down. Investigating, I discovered that the new version of imap.monitor now attempts to log into the IMAP server using the LOGIN protocol and a hardcoded username and password. It does not support SSL/TLS.
There are a number of obvious problems with this setup: 1. Hardcoded account information is undesirable even if they are locally customized, since it means the script can only be used with one authentication domain. 2. Modifying the script in an environment with many managed servers is undesirable. 3. Transferring usernames and passwords in the clear is problematic at best. -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=es_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages mon depends on: ii adduser 3.113+nmu1 ii libc6 2.13-27 ii libtime-period-perl 1.20-8 ii mon-client 1.2.0-1 Versions of packages mon recommends: ii fping 2.4b2-to-ipv6-16.1 ii libauthen-pam-perl <none> ii libcrypt-ssleay-perl <none> ii libfilesys-diskspace-perl <none> ii libnet-dns-perl 0.66-2+b2 ii libnet-ldap-perl 1:0.4400-1 ii libnet-telnet-perl <none> ii libsnmp-perl 5.4.3~dfsg-2.4 ii libstatistics-descriptive-perl <none> ii libtime-modules-perl <none> ii perl-modules [libnet-perl] 5.14.2-9 Versions of packages mon suggests: pn mon-contrib <none> -- Configuration Files: /etc/mon/mon.cf changed [not included] -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
