From dd6a8df9677aff9c7906e98c41cfcc52f89b50c29326c69a9a82f19a4934dca4 Mon Sep 17 00:00:00 2001 From: Dominique Leuenberger Date: Tue, 12 Apr 2016 17:00:22 +0000 Subject: [PATCH] Accepting request 386493 from net-snmp:factory removing md5 and des disablement (changes entry exited already bsc#944302) (forwarded request 386328 from abergmann) OBS-URL: https://build.opensuse.org/request/show/386493 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/net-snmp?expand=0&rev=79 --- net-snmp.changes | 8 ++++++++ net-snmp.spec | 3 ++- net-snmp.sysconfig | 26 +++++++++++++++++++++++++- rc.snmpd | 26 ++++++++++++++++++-------- rc.snmptrapd | 19 ++++++++++++++++--- 5 files changed, 69 insertions(+), 13 deletions(-) diff --git a/net-snmp.changes b/net-snmp.changes index ae8a04c..30a7873 100644 --- a/net-snmp.changes +++ b/net-snmp.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Tue Mar 15 09:09:41 UTC 2016 - abergmann@suse.com + +- make snmpd and snmptrapd log message destination configurable + for syslog or a dedicated log file. (bsc#695677) +- make snmpd and snmptrapd listening address(es) configurable via + the sysconfig file. + ------------------------------------------------------------------- Mon Feb 15 20:38:20 UTC 2016 - astieger@suse.com diff --git a/net-snmp.spec b/net-snmp.spec index accfd3f..62dc5b2 100644 --- a/net-snmp.spec +++ b/net-snmp.spec @@ -238,8 +238,9 @@ autoreconf --enable-local-smux \ --enable-ipv6 \ --enable-ucd-snmp-compatibility \ - --with-security-modules=tsm \ + --with-security-modules=tsm \ --with-transports=TLSTCP,DTLSUDP + # Parallel building is disabled because dependencies between the Perl # module and libnetsnmp are not correctly defined. make #%{?_smp_mflags} diff --git a/net-snmp.sysconfig b/net-snmp.sysconfig index 9517257..6617366 100644 --- a/net-snmp.sysconfig +++ b/net-snmp.sysconfig @@ -3,7 +3,7 @@ ## Type: string(!,a,c,e,w,n,i,d,0,1,2,3,4,5,6,7) ## Default: n # -# Defines the log level for snmpd. +# Defines the log level for snmpd and snmptrapd. # # The default is "n" (5, LOG_NOTICE) # @@ -34,3 +34,27 @@ SNMPD_USE_SMUX="yes" # The default is "yes" to provide backward compatibility. # SNMPD_LOG_SUCCESSFUL_CONNECTIONS="yes" + +## Path: System/Net-SNMP +## Description: Log Destination +## Type: string(F,S) +## Default: S +# +# Defines the log destination for snmpd and snmptrapd. +# +# By setting it to "F", snmpd will write log messages into '/var/log/net-snmpd.log'. +# +# The default is "S" to log messages through the syslog service. +# +SNMPD_LOGDEST="S" + +## Path: System/Net-SNMP +## Description: Listening IP addresses +## Type: string +## Default: "" (empty - listen on all interfaces) +# +# Defines the IP address(es) that snmpd and snmptrapd binds to. +# If no address is defined the daemon will listen on all interfaces. +# +SNMPD_LISTEN="" + diff --git a/rc.snmpd b/rc.snmpd index 8f1656f..9c992e0 100644 --- a/rc.snmpd +++ b/rc.snmpd @@ -79,17 +79,27 @@ case "$1" in start) echo -n "Starting snmpd" # + # log destination "F" for file. # do not even try to start if the log file is (2GB-1MB) big. # the snmpd doesnt handle LFS properly # - SNMPD_LOGFILE="${SNMPD_LOGFILE:-/var/log/net-snmpd.log}" - if [ -e "$SNMPD_LOGFILE" ] ; then - SNMPD_SIZE_LOGFILE="$(stat -c "%s" $SNMPD_LOGFILE)" - SNMPD_SIZE_MAX="1073741824" - if [ $SNMPD_SIZE_LOGFILE -gt $SNMPD_SIZE_MAX ] ; then - echo -e "\n\"$SNMPD_LOGFILE\" is too large. Running 'logrotate' for net-snmp." >&2 - /usr/sbin/logrotate /etc/logrotate.d/net-snmp + if [ ${SNMPD_LOGDEST:-F} = "F" ]; then + SNMPD_LOGTARGET="${SNMPD_LOGTARGET:-/var/log/net-snmpd.log}" + if [ -e "$SNMPD_LOGTARGET" ] ; then + SNMPD_SIZE_LOGFILE="$(stat -c "%s" $SNMPD_LOGTARGET)" + SNMPD_SIZE_MAX="1073741824" + if [ $SNMPD_SIZE_LOGFILE -gt $SNMPD_SIZE_MAX ] ; then + echo -e "\n\"$SNMPD_LOGTARGET\" is too large. Running 'logrotate' for net-snmp." >&2 + /usr/sbin/logrotate /etc/logrotate.d/net-snmp + fi + fi fi + # + # log destination "S" for syslog. + # define syslog facility to 'd' for LOG_DAEMON. + # + if [ ${SNMPD_LOGDEST:-F} = "S" ]; then + SNMPD_LOGTARGET="d" fi get_agents # Don't add -c /etc/snmp/snmpd.conf, as it is loaded by default. @@ -112,7 +122,7 @@ case "$1" in if [ ! -d /var/run/agentx ]; then mkdir -m 0700 /var/run/agentx fi - startproc $SNMPD $SNMPDCONF -r -A -LF ${SNMPD_LOGLEVEL:-n} $SNMPD_LOGFILE -p $SNMPD_PID $agentargs $SNMPDNOSMUX $SNMPDNOTCPWRAPPERLOG + startproc $SNMPD $SNMPDCONF -r -A -L${SNMPD_LOGDEST:-F} ${SNMPD_LOGLEVEL:-n} $SNMPD_LOGTARGET -p $SNMPD_PID $agentargs $SNMPDNOSMUX $SNMPDNOTCPWRAPPERLOG $SNMPD_LISTEN rc_status -v rc_reset diff --git a/rc.snmptrapd b/rc.snmptrapd index 4412d3d..6a0d22a 100644 --- a/rc.snmptrapd +++ b/rc.snmptrapd @@ -17,7 +17,7 @@ SNMPTRAPD=/usr/sbin/snmptrapd SNMPTRAPD_CONF="/etc/snmp/snmptrapd.conf" -SNMPTRAPD_LOGFILE="/var/log/net-snmpd.log" +SNMPTRAPD_LOGTARGET="/var/log/net-snmpd.log" SNMPTRAPD_PID="/var/run/snmptrapd.pid" test -x $SNMPTRAPD || { echo "$SNMPTRAPD not installed"; @@ -66,11 +66,24 @@ if [ $SNMPTRAPD_CONF = "/etc/snmp/snmptrapd.conf" ]; then else SNMPTRAPD_CONF="-c $SNMPTRAPD_CONF" fi -SNMPTRAPD_LOGFILE="${SNMPTRAPD_LOGFILE:-/var/log/net-snmpd.log}" +# +# If log destination is set to "F" define a log file. +# +if [ ${SNMPD_LOGDEST:-S} = "F" ]; then + SNMPTRAPD_LOGTARGET="${SNMPTRAPD_LOGTARGET:-/var/log/net-snmpd.log}" +fi +# +# If log destionation is set to "S" use syslog LOG_DAEMON facility. +# +if [ ${SNMPD_LOGDEST:-S} = "S" ]; then + SNMPTRAPD_LOGTARGET="d" +fi + case "$1" in start) echo -n "Starting snmptrapd: " - startproc $SNMPTRAPD $SNMPTRAPD_CONF -A -LF ${SNMPD_LOGLEVEL:-n} $SNMPTRAPD_LOGFILE -p $SNMPTRAPD_PID + startproc $SNMPTRAPD $SNMPTRAPD_CONF -A -L${SNMPD_LOGDEST:-S} ${SNMPD_LOGLEVEL:-n} $SNMPTRAPD_LOGTARGET -p $SNMPTRAPD_PID $SNMPD_LISTEN + rc_status -v ;; stop)