Does Nagios XI 2024 use nss-mdns?
Posted: Wed Aug 07, 2024 11:22 am
Our systems team just enabled CIS benchmarks on our QA Nagios system. Their puppetized process now wants to remove avahi, which is a requirement for nss-mdns. We narrowed down the install date of nss-mdns to the same day we installed 2024 (vR1.1). I cannot find any reference to nss-mdns or mDNS is the change log or any KBs or documentation.
We checked our primary and failover servers as well to verify mDNS isn't installed on either system.
FYI, CIS benchmarks wants it removed (if not needed) because its a zeroconf implementation that is installed by default on a lot of distros but also has the potential to be exploited.
Logged info:
puppet-agent[427]: Execution of '/usr/bin/rpm -e avahi' returned 1: error: Failed dependencies:
puppet-agent[427]: avahi is needed by (installed) nss-mdns-0.14.1-9.el7.x86_64
Thanks in advance.
John
We checked our primary and failover servers as well to verify mDNS isn't installed on either system.
FYI, CIS benchmarks wants it removed (if not needed) because its a zeroconf implementation that is installed by default on a lot of distros but also has the potential to be exploited.
Logged info:
puppet-agent[427]: Execution of '/usr/bin/rpm -e avahi' returned 1: error: Failed dependencies:
puppet-agent[427]: avahi is needed by (installed) nss-mdns-0.14.1-9.el7.x86_64
Thanks in advance.
John