Bug 67554
Summary: | Upgrade breaks ACL's for UCD-SNMP in a Random Fashion | ||
---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | Brian E. Seppanen <seppanen> |
Component: | ucd-snmp | Assignee: | Phil Knirsch <pknirsch> |
Status: | CLOSED NOTABUG | QA Contact: | Brock Organ <borgan> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 7.2 | CC: | rvokal |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
URL: | No available URL | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2002-08-02 02:36:49 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Brian E. Seppanen
2002-06-27 13:08:06 UTC
This is also a problem with redhat-7.3 Could you give more information, e.g. attache the ACLs' so that i might be able to reproduce it? Otherwise it's nearly impossible for me to even try to fix the problem. Read ya, Phil com2sec local localhost community com2sec net 192.168.1.0/24 community #### # Second, map the security name into a group name: # groupName securityModel securityName #group notConfigGroup v1 notConfigUser #group notConfigGroup v2c notConfigUser group MyROGroup v1 local group MyROGroup usm local group MyROGroup v2c local group MyROGroup v1 net group MyROGroup usm net group MyROGroup v2c net group MyROGroup v2c local group MyROGroup v2c net #### # Third, create a view for us to let the group have rights to: # name incl/excl subtree mask(optional) view all included .1 80 view mib2 included .iso.org.dod.internet.mgmt.mib-2 fc # group context sec.model sec.level prefix read write notif access MyROGroup "" v1 noauth exact all none all access MyROGroup "" usm noauth exact all none all access MyROGroup "" v2c noauth exact all none all ul 17 19:19:42 karelia ucd-snmp[1967]: Connection from 192.168.1.4 REFUSED This version of the agent has tcpwrapper support. From your error message that almost certainly appears to be the problem. Check your hosts.allow and hosts.deny files and make sure you're allowing snmpd/snmptrapd connections there as well. Post a message with your results. Previously I had the following /etc/hosts.allow entry for snmpd snmpd: LOCAL 192.168.1.5 LOCAL unfortunately did not satisfy the criteria I thought it would (assume 127.0.0.1 would satisfy LOCAL). It does work once I explicitly add 127.0.0.1, etc... Thanks. Feel free to Close. Previously I had the following /etc/hosts.allow entry for snmpd snmpd: LOCAL 192.168.1.5 LOCAL unfortunately did not satisfy the criteria I thought it would (assume 127.0.0.1 would satisfy LOCAL). It does work once I explicitly add 127.0.0.1, etc... Thanks. Feel free to Close. OK, closing bug. Thanks for pointing out the tcpwrapper connection, Darren! Read ya, Phil |