Description of problem: cfgmaker is buggy, does not proper support SNMPv3 Version-Release number of selected component (if applicable): mrtg-2.14.5-2 How reproducible: Always Steps to Reproduce: 1. Setup SNMPv3 configuration in/etc/snmpd.conf rouser test auth .1 createUser test MD5 test1234 # service snmpd restart 2. Check using snmpwalk: snmpwalk -v 3 -u test -A test1234 -l authNoPriv localhost => works 3. Try to generate config Prereq: install perl-Net-SNMP from EPEL $ cfgmaker --enable-snmpv3 --username test --authpassword test1234 localhost:::::3 (note, "--enable-snmpv3" was changed to "--enablesnmpv3" from 2.14 to 2.16) Actual results: # cfgmaker --enable-snmpv3 --username test --authpassword test1234 localhost:::::3 >/dev/null SNMP V3 requires a --username parameter as part of the User Security Model for router public@localhost:::::3 at /usr/bin/cfgmaker line 121. Hmm, value is specifed... Expected results: Working well Additional info: This can be temporary fixed with: --- /usr/bin/cfgmaker 2007-01-09 21:37:49.000000000 +0100 +++ /usr/bin/cfgmaker-v3-2.14 2009-03-07 10:49:35.000000000 +0100 @@ -85,6 +85,7 @@ } # Check for SNMP V3 # + if (defined $opt{enablesnmpv3}) { $opt{enablesnmpv3} = "yes"; }; if (lc($opt{enablesnmpv3}) eq "yes") { if (eval {local $SIG{__DIE__};require Net_SNMP_util;}) { import Net_SNMP_util; @@ -1201,7 +1202,7 @@ 'output=s', 'global=s@', 'enable-ipv6', - 'enable-snmpv3', + 'enablesnmpv3', 'use-16bit', 'zero-speed=s', '<>', $addrouter_ornf) or pod2usage(2); @@ -1451,7 +1452,7 @@ $v3opt{authkey} = $$opt{authkey}; } if (exists ($$opt{authpassword})) { - die "Use of --authpassword requires --contextengineid" if !exists($$opt{contextengineid}); + #die "Use of --authpassword requires --contextengineid" if !exists($$opt{contextengineid}); $v3opt{authpassword} = $$opt{authpassword}; } if (exists ($$opt{authprotocol})) { Until upgrade to 2.16 is done (this also renames the option to "enablesnmpv3" as in 2.16).
This bug is partially related to https://bugzilla.redhat.com/show_bug.cgi?id=489082
RHEL-5 is entering Production 2 Phase (see [1]), only critical and important security issues are going to be adressed => closing this bug WONTFIX. [1] https://access.redhat.com/support/policy/updates/errata/