1271498 – A bunch of authentication failures on overcloud nodes

Bug 1271498 - A bunch of authentication failures on overcloud nodes

Summary: A bunch of authentication failures on overcloud nodes

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	Red Hat OpenStack
Classification:	Red Hat
Component:	rhosp-director
Sub Component:
Version:	7.0 (Kilo)
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	unspecified
Target Milestone:	---
Target Release:	8.0 (Liberty)
Assignee:	Jay Dobies
QA Contact:	yeylon@redhat.com
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2015-10-14 07:28 UTC by Shinobu KINJO
Modified:	2019-09-12 09:05 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2016-03-04 04:29:09 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Shinobu KINJO 2015-10-14 07:28:09 UTC

Description of problem:

After deploying overcloud nodes, there were a bunch of non-stop-authentication failures of __snmp_user__.


    Sep 14 21:11:37 overcloud-compute-0.localdomain snmpd[14680]: Connection from UDP: [10.0.9.200]:48804->
    [10.0.9.104]:161
    Sep 14 21:11:37 overcloud-compute-0.localdomain snmpd[14680]: Authentication failed for ro_snmp_user
    Sep 14 21:11:37 overcloud-compute-0.localdomain snmpd[14680]: Connection from UDP: [10.0.9.200]:48804->
    [10.0.9.104]:161
    Sep 14 21:11:37 overcloud-compute-0.localdomain snmpd[14680]: Authentication failed for ro_snmp_user
    Sep 14 21:11:37 overcloud-compute-0.localdomain snmpd[14680]: Connection from UDP: [10.0.9.200]:48804->
    [10.0.9.104]:161
    Sep 14 21:11:37 overcloud-compute-0.localdomain snmpd[14680]: Authentication failed for ro_snmp_user
    Sep 14 21:11:37 overcloud-compute-0.localdomain snmpd[14680]: Connection from UDP: [10.0.9.200]:48804->
    [10.0.9.104]:161
    Sep 14 21:11:37 overcloud-compute-0.localdomain snmpd[14680]: Authentication failed for ro_snmp_user
    Sep 14 21:11:37 overcloud-compute-0.localdomain snmpd[14680]: Connection from UDP: [10.0.9.200]:48804->
    [10.0.9.104]:161
    Sep 14 21:11:37 overcloud-compute-0.localdomain snmpd[14680]: Authentication failed for ro_snmp_user
    Sep 14 21:11:37 overcloud-compute-0.localdomain snmpd[14680]: Connection from UDP: [10.0.9.200]:48804->
    [10.0.9.104]:161
    Sep 14 21:11:37 overcloud-compute-0.localdomain snmpd[14680]: Authentication failed for ro_snmp_user


What this guy was exactly trying to do is to access / read configuration file like:


    snmpd.conf


See below:


    276150 unlink("/var/lib/net-snmp/snmpd.0.conf") = 0
    276151 stat("/var/lib/net-snmp/snmpd.1.conf", 0x7ffdc136fef0) = -1 ENOENT (No such file or directory)
    276152 stat("/var/lib/net-snmp/snmpd.2.conf", 0x7ffdc136fef0) = -1 ENOENT (No such file or directory)
    276153 stat("/var/lib/net-snmp/snmpd.3.conf", 0x7ffdc136fef0) = -1 ENOENT (No such file or directory)
    276154 stat("/var/lib/net-snmp/snmpd.4.conf", 0x7ffdc136fef0) = -1 ENOENT (No such file or directory)
    276155 stat("/var/lib/net-snmp/snmpd.5.conf", 0x7ffdc136fef0) = -1 ENOENT (No such file or directory)
    276156 stat("/var/lib/net-snmp/snmpd.6.conf", 0x7ffdc136fef0) = -1 ENOENT (No such file or directory)
    276157 stat("/var/lib/net-snmp/snmpd.7.conf", 0x7ffdc136fef0) = -1 ENOENT (No such file or directory)
    276158 stat("/var/lib/net-snmp/snmpd.8.conf", 0x7ffdc136fef0) = -1 ENOENT (No such file or directory)
    276159 stat("/var/lib/net-snmp/snmpd.9.conf", 0x7ffdc136fef0) = -1 ENOENT (No such file or directory)
    276160 stat("/var/lib/net-snmp/snmpd.10.conf", 0x7ffdc136fef0) = -1 ENOENT (No such file or directory)


But as you see:


    ls -lhart var/lib/
    total 4.0K
    drwxr-xr-x. 5 shinobu shinobu   38 Sep 15 07:38 ..
    -rw-r--r--. 1 shinobu shinobu 3.3K Sep 15 08:48 logrotate.status
    drwxr-xr-x. 2 shinobu shinobu   29 Sep 15 08:48 .


We do not see such a directory for snmpd.

If it's because "var/lib" is a part of sosreport, we should add whole files in "/var/lib".

So where that snmpd.conf is located at is:


    $ find -name "snmpd.conf"
    ./etc/snmp/snmpd.conf

    ###
    ### File managed by Puppet
    ###

    ################################################################################
    # AGENT BEHAVIOUR

    agentaddress udp:161,udp6:[::1]:161

    ################################################################################
    # ACCESS CONTROL

    # ------------------------------------------------------------------------------
    # Traditional Access Control
    rocommunity public 127.0.0.1
    rocommunity6 public ::1

    # ------------------------------------------------------------------------------
    # VACM Configuration
    #       sec.name       source        community
    com2sec notConfigUser  default       public

    com2sec6 notConfigUser  default       public

    #       groupName      securityModel securityName
    group   notConfigGroup v1            notConfigUser
    group   notConfigGroup v2c           notConfigUser

    #       name          incl/excl  subtree             mask(optional)
    view    systemview    included   .1.3.6.1.2.1.1
    view    systemview    included   .1.3.6.1.2.1.25.1.1

    #       group          context sec.model sec.level prefix read       write notif
    access  notConfigGroup ""      any       noauth    exact  systemview none  none

    # ------------------------------------------------------------------------------
    # Typed-View Configuration

    ################################################################################
    # SYSTEM INFORMATION

    # ------------------------------------------------------------------------------
    # System Group
    sysLocation Unknown
    sysContact Unknown
    sysServices 72
    sysName overcloud-controller-0.localdomain

    ################################################################################
    # EXTENDING AGENT FUNCTIONALITY


    ###############################################################################
    ## Logging
    ##

    ## We do not want annoying "Connection from UDP: " messages in syslog.
    ## If the following option is set to 'no', snmpd will print each incoming
    ## connection, which can be useful for debugging.

    dontLogTCPWrappersConnects no

    ################################################################################
    # OTHER CONFIGURATION

    rouser ro_snmp_user
    proc  cron
    includeAllDisks  10%
    master agentx
    trapsink localhost public
    iquerySecName internalUser
    rouser internalUser
    defaultMonitors yes
    linkUpDownNotifications yes

    Version-Release number of selected component (if applicable):


So what my questions here are:


  1.What do you think this strange and noisy situation?
  2.How did you deploy snmpd to directory using puppet?
  3.Where is puppet recipe for this deployment?
  4.If it's simply bug, how are you going to fix it out?


Shinobu


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Note You need to log in before you can comment on or make changes to this bug.