Hi,
I am trying out check_mk (2.0.0p24.cfe) on Ubuntu 20.04.
I found the password store interesting and though of using that for some old shell scripts from Nagios where we need to provide user and password to the script.
I checked the REST API guide and took this example:
#!/bin/bash
HOST_NAME="localhost"
SITE_NAME="mysite"
API_URL="http://$HOST_NAME/$SITE_NAME/check_mk/api/1.0"
USERNAME="automation"
PASSWORD="test123"
http --json GET "$API_URL/objects/password/pass" \
"Authorization: Bearer $USERNAME $PASSWORD" \
"Accept: application/json"
Then I get a 200 response and can see things like “comments” and “documentation”.
But I do not see any actual password in the return.
Am I missing something?
Thanks!
(I can use the equivalent PUT example from the REST API guide and add entries in the password store but the GET script don’t return those passwords either)
Reply from the script above:
HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Length: 1108
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' ssh: rdp:; img-src 'self' data: https://*.tile.openstreetmap.org/ ; connect-src 'self' https://crash.checkmk.com/ https://license.checkmk.com/api/upload ; frame-ancestors 'self' ; base-uri 'self'; form-action 'self' javascript: 'unsafe-inline'; object-src 'self'; worker-src 'self' blob:
Content-Type: application/json
Date: Mon, 23 May 2022 22:34:27 GMT
ETag: "81e0efb7281261cd98b0851c2b63d738cb212a1f5935a88dbe9ea337a96beb85"
Feature-Policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';
Keep-Alive: timeout=5, max=100
Referrer-Policy: origin-when-cross-origin
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
{
"domainType": "password",
"extensions": {
"comment": "Kommentar",
"documentation_url": "localhost",
"owned_by": null,
"shared_with": [
"all"
]
},
"id": "pass",
"links": [
{
"domainType": "link",
"href": "http://localhost/mysite/check_mk/api/1.0/objects/password/pass",
"method": "GET",
"rel": "self",
"type": "application/json"
},
{
"domainType": "link",
"href": "http://localhost/mysite/check_mk/api/1.0/objects/password/pass",
"method": "PUT",
"rel": "urn:org.restfulobjects:rels/update",
"type": "application/json"
},
{
"domainType": "link",
"href": "http://localhost/mysite/check_mk/api/1.0/objects/password/pass",
"method": "DELETE",
"rel": "urn:org.restfulobjects:rels/delete",
"type": "application/json"
}
],
"members": {
"title": {
"format": "string",
"id": "title",
"links": [
{
"domainType": "link",
"href": "http://localhost/mysite/check_mk/api/1.0/objects/password/pass/properties/title",
"method": "GET",
"rel": "self",
"type": "application/json"
}
],
"memberType": "property",
"title": null,
"value": "Kubernetes login"
}
},
"title": "Kubernetes login"
}