Bug 78391

Summary: Default installed snmpd.conf file contains invalid view definition
Product: [Retired] Red Hat Linux Reporter: ccain
Component: net-snmpAssignee: Phil Knirsch <pknirsch>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 8.0CC: ral77, rvokal
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-02-03 14:50:36 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description ccain 2002-11-22 05:11:45 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i586; en-US; rv:1.1) Gecko/20020827

Description of problem:
The default snmpd.conf file installed by the net-snmp RPM contains the following
(and only) view definition:

view  systemview  included  system

As is, this will cause the following error on attempted startup of the snmpd daemon:

/etc/snmp/snmpd.conf: line 54: Error: bad SUBTREE object id

The daemon will still load, but any snmp requests will fail. The requesting
agent will simply see a timeout on the request.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. Install the net-snmp RPM
2. /etc/rc.d/init.d/snmpd start
3. snmpwalk -c public -v 1 localhost system

Actual Results:  After step 2, the following error will appear in /var/log/messages:

/etc/snmp/snmpd.conf: line 54: Error: bad SUBTREE object id

Step 3 will simply result in a timeout.

Expected Results:  Step 3 should have walked the system MIB and reported the
results.

Additional info:

The fourth field in the view definition is expecting the OID itself (ASN
format), not a variable name. The word "system" should be replaced with the
corresponding OID. (I think the system OID is .1.3.6.1.2.1.1, but don't quote me
on that :) 

There may be another way to get there, but specifying the OID itself definitely
works. I tested with the following definition (instead of the default one) and
got proper results:

view  all  included  .1

Changing the view name to "all" requires changing the "access" definition line
to match, of course ... although anyone looking for a temporary workaround
should DEFINITELY NOT give unprivileged user groups access to the example rule
above unless you are REALLY, REALLY sure you understand the security implications.
Comment 1 Robert Lomitola 2003-06-08 04:43:50 UTC 
snmpd %CPU goes to 100% (MAX) until /etc/init.d/snmpd stop command.
Comment 2 Phil Knirsch 2003-07-09 15:00:15 UTC 
Fixed in current release.

Read ya, Phil
Comment 3 Michael Brock 2003-11-16 04:56:55 UTC 
Not fixed in net-snmp-5.0.6-8.80.2 (latest Net-SNMP eratta for 8.0)

Same error.
Comment 4 Phil Knirsch 2003-11-18 14:14:27 UTC 
There is a new errata pending for RH 8.0 which fixes that problem
(among some others).

Setting to modified until errata is released.

Read ya, Phil
Comment 5 Phil Knirsch 2004-02-03 14:50:36 UTC 
Unfortunately there is hardly anthing i can do about the 100% CPU
utilization. It's a basic problem of ucd-snmp and net-snmp if the view
tree is restricted that it then goes through the whole tree to find
all proper views which then hits the rpmdb stuff at some point which
really takes ages. And there is no easy fix that can be done to speed
it up.

If you wait for a couple of minutes snmpd will go down back to 0% and
new requests can be made.

The only real "solution" is to set the view to .1, i've experimented
with lots of view restrictions but none would render snmpd to be
responsive for a snmpwalk localhost public .1

Read ya, Phil

PS: The original bug of the wrong view param in the config file is
fixed in the latest errata, so i'm closing this bug as errata.