| Age | Commit message (Collapse) | Author |
|---|
|
Ability to listen TCP port for service SNMP
set service snmp protocol tcp
|
|
- Remove all old ifTable entries with the same ifName as newly appeared
interface (with different ifIndex) - this is the case on e.g. ppp interfaces
- Add new op-mode command "restart snmp" to restart the daemon
(cherry picked from commit 79a02470c4f9f2184913a959545b54a2dfd76d1e)
|
|
As of now when adding new credentials for any SNMPv3 user we submit the
credential either plaintext or encrypted. A plaintext credential will be hashed
by SNMPd in the background and then passed back into the CLI so it's not stored
in cleartext. This feels like the wrong way in changing the CLI content with
data produced by a 3rd party daemon which implements the service.
It feels like the tail wiggles the entire dog.
This should be changed in the following way:
- After retrieving the plaintext password from CLI, use Python to hash the key
in advance
- Re-populate the encrypted key into the CLI and drop the plaintext one
- Generate service configuration and continue startup of SNMPd
This also fixes a race condition when SNMPd started up but not properly
provided the hasehd keys in the configuration resulting in a ConfigurationError.
Now as we also support binding SNMPd to a VRF this fixes a deadlock situation
on bootup as we can only bind late to the VRF and require up to 5 restarts of
the service - but the service will never start.
|
|
|
