RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 907571 - net-snmp does not honor configuration file look-ups as specified in man
Summary: net-snmp does not honor configuration file look-ups as specified in man
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: net-snmp
Version: 6.3
Hardware: x86_64
OS: Linux
unspecified
medium
Target Milestone: rc
: ---
Assignee: Jan Safranek
QA Contact: Dalibor Pospíšil
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2013-02-04 18:11 UTC by Erinn Looney-Triggs
Modified: 2018-12-03 18:14 UTC (History)
4 users (show)

Fixed In Version: net-snmp-5.5-45.el6
Doc Type: Bug Fix
Doc Text:
The snmp_config man page was not clear about which files are looked for and reader could get wrong impression that any file with suffix 'conf' or 'local.conf' can be used as snmp configuration file. In this update, we precisely specify in the man page which files are used.
Clone Of:
: 978398 (view as bug list)
Environment:
Last Closed: 2013-11-21 22:48:02 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)
man page patch (1.12 KB, patch)
2013-02-11 10:58 UTC, Jan Safranek
no flags Details | Diff


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2013:1693 0 normal SHIPPED_LIVE net-snmp bug fix and enhancement update 2013-11-20 21:52:17 UTC

Description Erinn Looney-Triggs 2013-02-04 18:11:38 UTC
Description of problem:
Looking in 'man snmp_config' it specifies, loosely, that configuration files in /usr/share/snmp/*.local.conf and *.conf should be picked up by snmpd. However, snmpd seems to have been hard coded with paths to configuration files and does not allow *.local.conf or *.conf. 

From strace (filtered for brevity):
open("/etc/snmp/snmpd.conf", O_RDONLY)  = 7
open("/etc/snmp/snmpd.local.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/snmp/snmpd.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/snmp/snmpd.local.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/var/lib/net-snmp/snmpd.0.conf", 0x7fff65f3c1b0) = -1 ENOENT (No such file or directory)
open("/var/lib/net-snmp/snmpd.conf", O_RDONLY) = 7
open("/var/lib/net-snmp/snmpd.local.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/snmp/snmp.conf", O_RDONLY)   = -1 ENOENT (No such file or directory)
open("/etc/snmp/snmp.local.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/snmp/snmp.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/snmp/snmp.local.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/var/lib/net-snmp/snmp.0.conf", 0x7fff65f3c1b0) = -1 ENOENT (No such file or directory)
open("/var/lib/net-snmp/snmp.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/var/lib/net-snmp/snmp.local.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/snmp/agentx.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/snmp/agentx.local.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/snmp/agentx.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/snmp/agentx.local.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/var/lib/net-snmp/agentx.0.conf", 0x7fff65f3c1b0) = -1 ENOENT (No such file or directory)
open("/var/lib/net-snmp/agentx.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/var/lib/net-snmp/agentx.local.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
read(7, " that is configured to turn the "..., 4096) = 4096
open("/etc/snmp/snmpd.conf", O_RDONLY)  = 7
open("/etc/snmp/snmpd.local.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/snmp/snmpd.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/snmp/snmpd.local.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/var/lib/net-snmp/snmpd.0.conf", 0x7fff65f3c1c0) = -1 ENOENT (No such file or directory)
open("/var/lib/net-snmp/snmpd.conf", O_RDONLY) = 7
open("/var/lib/net-snmp/snmpd.local.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/snmp/snmp.conf", O_RDONLY)   = -1 ENOENT (No such file or directory)
open("/etc/snmp/snmp.local.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/snmp/snmp.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/snmp/snmp.local.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/var/lib/net-snmp/snmp.0.conf", 0x7fff65f3c1c0) = -1 ENOENT (No such file or directory)
open("/var/lib/net-snmp/snmp.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/var/lib/net-snmp/snmp.local.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/snmp/agentx.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/snmp/agentx.local.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/snmp/agentx.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/snmp/agentx.local.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/var/lib/net-snmp/agentx.0.conf", 0x7fff65f3c1c0) = -1 ENOENT (No such file or directory)
open("/var/lib/net-snmp/agentx.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/var/lib/net-snmp/agentx.local.conf", O_RDONLY) = -1 ENOENT (No such file or directory)


Version-Release number of selected component (if applicable):
net-snmp-5.5-41.el6_3.1.x86_64

How reproducible:
Place a config file in /usr/share/snmp/tes-snmp.local.conf, according to the man pages it should be picked up, it is not.


Either the man pages should be updated to reflect reality (the man pages are pretty generic to begin with), or that behavior should be allowed. As is only a location like /usr/share/snmpd.local.conf is picked up.

Thanks,
-Erinn

Comment 2 Jan Safranek 2013-02-07 10:52:38 UTC
I admit the man page is quite confusing.

What about such text in DIRECTORIES SEARCHED section:

By default, the applications look for configuration files in the following 4
directories, in order: /etc/snmp, /usr/share/snmp, /usr/lib(64)/snmp, and
$HOME/.snmp. In each of these directories, it looks for files named
<type>.conf or <type>.local.conf (reading the second ones last), where <type> is type of the configuration file, e.g. 'snmpd' for configuration of the SNMP daemon or 'snmp' for configuration of client-side parameters.

Comment 3 Erinn Looney-Triggs 2013-02-07 14:26:41 UTC
That would seem to be a bit clearer to me at least. However, as I mentioned that isn't actually the behavior that I am experiencing at this point. I placed a config file in /usr/share/snmp/beanstalk-snmp.local.conf and it wasn't picked up. Looking at the strace shown above it is pretty clear that it is searching only for /usr/share/snmp/snmpd.local.conf and such. 

So unless I am missing the meaning of the man page, the code isn't acting like the man page says.

-Erinn

Comment 4 Jan Safranek 2013-02-08 10:10:49 UTC
(In reply to comment #3)
> I placed a config file in /usr/share/snmp/beanstalk-snmp.local.conf and it
> wasn't picked up. Looking at the strace shown above it is pretty clear that
> it is searching only for /usr/share/snmp/snmpd.local.conf and such. 

That means the description is not clear at all. It is not supposed to search for *snmp.local.conf. snmp tools (like snmpwalk) look for snmp.conf or snmp.local.conf. No '*' anywhere. snmpd looks for snmpd.conf, snmpd.local.conf, snmp.conf and snmp.local.conf. Again, no '*'. The same with snmptrapd and snmptrapd.conf.

How to rephrase "<type> is type of the configuration file, e.g. 'snmpd'" better?

Comment 5 Erinn Looney-Triggs 2013-02-08 16:54:34 UTC
Well re-reading that and understanding what I do know it is clear. I would also say that your rewrite is still a lot clearer than what is in the man page currently, so that is a step forward. 

This may be a bit clearer, or not:

By default, the applications look for configuration files in the following
directories, in order: /etc/snmp, /usr/share/snmp, /usr/lib(64)/snmp, and
$HOME/.snmp. In each of these directories, it looks for files named
snmp.conf and snmpd.conf, as well as snmp.local.conf and snmpd.local.conf, local.conf files are always read last.

Comment 6 Jan Safranek 2013-02-11 09:01:49 UTC
There is also snmptrapd.conf, but I get the idea. I'll make sure the man page gets updated.

Comment 7 Jan Safranek 2013-02-11 10:58:54 UTC
Created attachment 696033 [details]
man page patch

Checked in upstream as commit 9bd0413bfbdcd845413c135bbff8771fa7130809.

Comment 16 errata-xmlrpc 2013-11-21 22:48:02 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-1693.html


Note You need to log in before you can comment on or make changes to this bug.