Description of problem: After deploying overcloud nodes, there were a bunch of non-stop-authentication failures of __snmp_user__. Sep 14 21:11:37 overcloud-compute-0.localdomain snmpd[14680]: Connection from UDP: [10.0.9.200]:48804-> [10.0.9.104]:161 Sep 14 21:11:37 overcloud-compute-0.localdomain snmpd[14680]: Authentication failed for ro_snmp_user Sep 14 21:11:37 overcloud-compute-0.localdomain snmpd[14680]: Connection from UDP: [10.0.9.200]:48804-> [10.0.9.104]:161 Sep 14 21:11:37 overcloud-compute-0.localdomain snmpd[14680]: Authentication failed for ro_snmp_user Sep 14 21:11:37 overcloud-compute-0.localdomain snmpd[14680]: Connection from UDP: [10.0.9.200]:48804-> [10.0.9.104]:161 Sep 14 21:11:37 overcloud-compute-0.localdomain snmpd[14680]: Authentication failed for ro_snmp_user Sep 14 21:11:37 overcloud-compute-0.localdomain snmpd[14680]: Connection from UDP: [10.0.9.200]:48804-> [10.0.9.104]:161 Sep 14 21:11:37 overcloud-compute-0.localdomain snmpd[14680]: Authentication failed for ro_snmp_user Sep 14 21:11:37 overcloud-compute-0.localdomain snmpd[14680]: Connection from UDP: [10.0.9.200]:48804-> [10.0.9.104]:161 Sep 14 21:11:37 overcloud-compute-0.localdomain snmpd[14680]: Authentication failed for ro_snmp_user Sep 14 21:11:37 overcloud-compute-0.localdomain snmpd[14680]: Connection from UDP: [10.0.9.200]:48804-> [10.0.9.104]:161 Sep 14 21:11:37 overcloud-compute-0.localdomain snmpd[14680]: Authentication failed for ro_snmp_user What this guy was exactly trying to do is to access / read configuration file like: snmpd.conf See below: 276150 unlink("/var/lib/net-snmp/snmpd.0.conf") = 0 276151 stat("/var/lib/net-snmp/snmpd.1.conf", 0x7ffdc136fef0) = -1 ENOENT (No such file or directory) 276152 stat("/var/lib/net-snmp/snmpd.2.conf", 0x7ffdc136fef0) = -1 ENOENT (No such file or directory) 276153 stat("/var/lib/net-snmp/snmpd.3.conf", 0x7ffdc136fef0) = -1 ENOENT (No such file or directory) 276154 stat("/var/lib/net-snmp/snmpd.4.conf", 0x7ffdc136fef0) = -1 ENOENT (No such file or directory) 276155 stat("/var/lib/net-snmp/snmpd.5.conf", 0x7ffdc136fef0) = -1 ENOENT (No such file or directory) 276156 stat("/var/lib/net-snmp/snmpd.6.conf", 0x7ffdc136fef0) = -1 ENOENT (No such file or directory) 276157 stat("/var/lib/net-snmp/snmpd.7.conf", 0x7ffdc136fef0) = -1 ENOENT (No such file or directory) 276158 stat("/var/lib/net-snmp/snmpd.8.conf", 0x7ffdc136fef0) = -1 ENOENT (No such file or directory) 276159 stat("/var/lib/net-snmp/snmpd.9.conf", 0x7ffdc136fef0) = -1 ENOENT (No such file or directory) 276160 stat("/var/lib/net-snmp/snmpd.10.conf", 0x7ffdc136fef0) = -1 ENOENT (No such file or directory) But as you see: ls -lhart var/lib/ total 4.0K drwxr-xr-x. 5 shinobu shinobu 38 Sep 15 07:38 .. -rw-r--r--. 1 shinobu shinobu 3.3K Sep 15 08:48 logrotate.status drwxr-xr-x. 2 shinobu shinobu 29 Sep 15 08:48 . We do not see such a directory for snmpd. If it's because "var/lib" is a part of sosreport, we should add whole files in "/var/lib". So where that snmpd.conf is located at is: $ find -name "snmpd.conf" ./etc/snmp/snmpd.conf ### ### File managed by Puppet ### ################################################################################ # AGENT BEHAVIOUR agentaddress udp:161,udp6:[::1]:161 ################################################################################ # ACCESS CONTROL # ------------------------------------------------------------------------------ # Traditional Access Control rocommunity public 127.0.0.1 rocommunity6 public ::1 # ------------------------------------------------------------------------------ # VACM Configuration # sec.name source community com2sec notConfigUser default public com2sec6 notConfigUser default public # groupName securityModel securityName group notConfigGroup v1 notConfigUser group notConfigGroup v2c notConfigUser # name incl/excl subtree mask(optional) view systemview included .1.3.6.1.2.1.1 view systemview included .1.3.6.1.2.1.25.1.1 # group context sec.model sec.level prefix read write notif access notConfigGroup "" any noauth exact systemview none none # ------------------------------------------------------------------------------ # Typed-View Configuration ################################################################################ # SYSTEM INFORMATION # ------------------------------------------------------------------------------ # System Group sysLocation Unknown sysContact Unknown sysServices 72 sysName overcloud-controller-0.localdomain ################################################################################ # EXTENDING AGENT FUNCTIONALITY ############################################################################### ## Logging ## ## We do not want annoying "Connection from UDP: " messages in syslog. ## If the following option is set to 'no', snmpd will print each incoming ## connection, which can be useful for debugging. dontLogTCPWrappersConnects no ################################################################################ # OTHER CONFIGURATION rouser ro_snmp_user proc cron includeAllDisks 10% master agentx trapsink localhost public iquerySecName internalUser rouser internalUser defaultMonitors yes linkUpDownNotifications yes Version-Release number of selected component (if applicable): So what my questions here are: 1.What do you think this strange and noisy situation? 2.How did you deploy snmpd to directory using puppet? 3.Where is puppet recipe for this deployment? 4.If it's simply bug, how are you going to fix it out? Shinobu How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info: