From 4f1f372a0e705e932596b07fbb608ce1dd081c32 Mon Sep 17 00:00:00 2001 From: Jeffrey Townsend Date: Fri, 15 Apr 2016 16:51:36 +0000 Subject: [PATCH] - Add snmp tools - Enable snmp systemview with the ONL MIBS - ONL MIB package --- .../rootfs/jessie/common/common-packages.yml | 4 +- .../jessie/common/overlay/etc/snmp/snmpd.conf | 195 ++++++++++++++++++ .../any/rootfs/jessie/standard/standard.yml | 4 +- .../rootfs/wheezy/common/common-packages.yml | 5 +- .../wheezy/common/overlay/etc/snmp/snmpd.conf | 194 +++++++++++++++++ .../any/rootfs/wheezy/standard/standard.yml | 4 +- packages/base/any/onlp-snmpd/APKG.yml | 10 + 7 files changed, 407 insertions(+), 9 deletions(-) create mode 100644 builds/any/rootfs/jessie/common/overlay/etc/snmp/snmpd.conf create mode 100644 builds/any/rootfs/wheezy/common/overlay/etc/snmp/snmpd.conf diff --git a/builds/any/rootfs/jessie/common/common-packages.yml b/builds/any/rootfs/jessie/common/common-packages.yml index 74ef19c4..1b399128 100644 --- a/builds/any/rootfs/jessie/common/common-packages.yml +++ b/builds/any/rootfs/jessie/common/common-packages.yml @@ -36,8 +36,7 @@ - scapy - python-pypcap - snmpd -- lm-sensors -- fancontrol +- snmp - pciutils - usbutils - mtd-utils @@ -70,3 +69,4 @@ - onl-loader-initscripts - onlp-snmpd - oom-shim +- onl-mibs diff --git a/builds/any/rootfs/jessie/common/overlay/etc/snmp/snmpd.conf b/builds/any/rootfs/jessie/common/overlay/etc/snmp/snmpd.conf new file mode 100644 index 00000000..b885cb39 --- /dev/null +++ b/builds/any/rootfs/jessie/common/overlay/etc/snmp/snmpd.conf @@ -0,0 +1,195 @@ +############################################################################### +# +# EXAMPLE.conf: +# An example configuration file for configuring the Net-SNMP agent ('snmpd') +# See the 'snmpd.conf(5)' man page for details +# +# Some entries are deliberately commented out, and will need to be explicitly activated +# +############################################################################### +# +# AGENT BEHAVIOUR +# + +# Listen for connections from the local system only +agentAddress udp:127.0.0.1:161 +# Listen for connections on all interfaces (both IPv4 *and* IPv6) +agentAddress udp:161,udp6:[::1]:161 + + + +############################################################################### +# +# SNMPv3 AUTHENTICATION +# +# Note that these particular settings don't actually belong here. +# They should be copied to the file /var/lib/snmp/snmpd.conf +# and the passwords changed, before being uncommented in that file *only*. +# Then restart the agent + +# createUser authOnlyUser MD5 "remember to change this password" +# createUser authPrivUser SHA "remember to change this one too" DES +# createUser internalUser MD5 "this is only ever used internally, but still change the password" + +# If you also change the usernames (which might be sensible), +# then remember to update the other occurances in this example config file to match. + + + +############################################################################### +# +# ACCESS CONTROL +# + + # system + hrSystem groups only +view systemonly included .1.3.6.1.2.1.1 +view systemonly included .1.3.6.1.2.1.25.1 +view systemonly included .1.3.6.1.4.1.42623 + # Full access from the local host +rocommunity public localhost + # Default access to basic system info +rocommunity public default -V systemonly + # rocommunity6 is for IPv6 +rocommunity6 public default -V systemonly + + # Full access from an example network + # Adjust this network address to match your local + # settings, change the community string, + # and check the 'agentAddress' setting above +#rocommunity secret 10.0.0.0/16 + + # Full read-only access for SNMPv3 + rouser authOnlyUser + # Full write access for encrypted requests + # Remember to activate the 'createUser' lines above +#rwuser authPrivUser priv + +# It's no longer typically necessary to use the full 'com2sec/group/access' configuration +# r[ow]user and r[ow]community, together with suitable views, should cover most requirements + + + +############################################################################### +# +# SYSTEM INFORMATION +# + +# Note that setting these values here, results in the corresponding MIB objects being 'read-only' +# See snmpd.conf(5) for more details +sysLocation Sitting on the Dock of the Bay +sysContact Me + # Application + End-to-End layers +sysServices 72 + + +# +# Process Monitoring +# + # At least one 'mountd' process +proc mountd + # No more than 4 'ntalkd' processes - 0 is OK +proc ntalkd 4 + # At least one 'sendmail' process, but no more than 10 +proc sendmail 10 1 + +# Walk the UCD-SNMP-MIB::prTable to see the resulting output +# Note that this table will be empty if there are no "proc" entries in the snmpd.conf file + + +# +# Disk Monitoring +# + # 10MBs required on root disk, 5% free on /var, 10% free on all other disks +disk / 10000 +disk /var 5% +includeAllDisks 10% + +# Walk the UCD-SNMP-MIB::dskTable to see the resulting output +# Note that this table will be empty if there are no "disk" entries in the snmpd.conf file + + +# +# System Load +# + # Unacceptable 1-, 5-, and 15-minute load averages +load 12 10 5 + +# Walk the UCD-SNMP-MIB::laTable to see the resulting output +# Note that this table *will* be populated, even without a "load" entry in the snmpd.conf file + + + +############################################################################### +# +# ACTIVE MONITORING +# + + # send SNMPv1 traps + trapsink localhost public + # send SNMPv2c traps +#trap2sink localhost public + # send SNMPv2c INFORMs +#informsink localhost public + +# Note that you typically only want *one* of these three lines +# Uncommenting two (or all three) will result in multiple copies of each notification. + + +# +# Event MIB - automatically generate alerts +# + # Remember to activate the 'createUser' lines above +iquerySecName internalUser +rouser internalUser + # generate traps on UCD error conditions +defaultMonitors yes + # generate traps on linkUp/Down +linkUpDownNotifications yes + + + +############################################################################### +# +# EXTENDING THE AGENT +# + +# +# Arbitrary extension commands +# + extend test1 /bin/echo Hello, world! + extend-sh test2 echo Hello, world! ; echo Hi there ; exit 35 +#extend-sh test3 /bin/sh /tmp/shtest + +# Note that this last entry requires the script '/tmp/shtest' to be created first, +# containing the same three shell commands, before the line is uncommented + +# Walk the NET-SNMP-EXTEND-MIB tables (nsExtendConfigTable, nsExtendOutput1Table +# and nsExtendOutput2Table) to see the resulting output + +# Note that the "extend" directive supercedes the previous "exec" and "sh" directives +# However, walking the UCD-SNMP-MIB::extTable should still returns the same output, +# as well as the fuller results in the above tables. + + +# +# "Pass-through" MIB extension command +# +#pass .1.3.6.1.4.1.8072.2.255 /bin/sh PREFIX/local/passtest +#pass .1.3.6.1.4.1.8072.2.255 /usr/bin/perl PREFIX/local/passtest.pl + +# Note that this requires one of the two 'passtest' scripts to be installed first, +# before the appropriate line is uncommented. +# These scripts can be found in the 'local' directory of the source distribution, +# and are not installed automatically. + +# Walk the NET-SNMP-PASS-MIB::netSnmpPassExamples subtree to see the resulting output + + +# +# AgentX Sub-agents +# + # Run as an AgentX master agent + master agentx + # Listen for network connections (from localhost) + # rather than the default named socket /var/agentx/master +#agentXSocket tcp:localhost:705 diff --git a/builds/any/rootfs/jessie/standard/standard.yml b/builds/any/rootfs/jessie/standard/standard.yml index 49775888..071dc193 100644 --- a/builds/any/rootfs/jessie/standard/standard.yml +++ b/builds/any/rootfs/jessie/standard/standard.yml @@ -57,8 +57,8 @@ Configure: update-rc.d: - 'faultd defaults' - 'onlpd defaults' - - 'snmpd remove' - - 'onlp-snmpd remove' + - 'snmpd defaults' + - 'onlp-snmpd defaults' - 'ssh defaults' - 'openbsd-inetd remove' - 'ntp remove' diff --git a/builds/any/rootfs/wheezy/common/common-packages.yml b/builds/any/rootfs/wheezy/common/common-packages.yml index 5857b0f2..c60d3f33 100644 --- a/builds/any/rootfs/wheezy/common/common-packages.yml +++ b/builds/any/rootfs/wheezy/common/common-packages.yml @@ -34,8 +34,7 @@ - scapy - python-pypcap - snmpd -- lm-sensors -- fancontrol +- snmp - pciutils - usbutils - mtd-utils @@ -69,5 +68,5 @@ - onl-loader-initscripts - onlp-snmpd - oom-shim - +- onl-mibs diff --git a/builds/any/rootfs/wheezy/common/overlay/etc/snmp/snmpd.conf b/builds/any/rootfs/wheezy/common/overlay/etc/snmp/snmpd.conf new file mode 100644 index 00000000..e37e8f26 --- /dev/null +++ b/builds/any/rootfs/wheezy/common/overlay/etc/snmp/snmpd.conf @@ -0,0 +1,194 @@ +############################################################################### +# +# EXAMPLE.conf: +# An example configuration file for configuring the Net-SNMP agent ('snmpd') +# See the 'snmpd.conf(5)' man page for details +# +# Some entries are deliberately commented out, and will need to be explicitly activated +# +############################################################################### +# +# AGENT BEHAVIOUR +# + +# Listen for connections from the local system only +#agentAddress udp:127.0.0.1:161 +# Listen for connections on all interfaces (both IPv4 *and* IPv6) +agentAddress udp:161,udp6:[::1]:161 + + + +############################################################################### +# +# SNMPv3 AUTHENTICATION +# +# Note that these particular settings don't actually belong here. +# They should be copied to the file /var/lib/snmp/snmpd.conf +# and the passwords changed, before being uncommented in that file *only*. +# Then restart the agent + +# createUser authOnlyUser MD5 "remember to change this password" +# createUser authPrivUser SHA "remember to change this one too" DES +# createUser internalUser MD5 "this is only ever used internally, but still change the password" + +# If you also change the usernames (which might be sensible), +# then remember to update the other occurances in this example config file to match. + + + +############################################################################### +# +# ACCESS CONTROL +# + + # system + hrSystem groups only +view systemonly included .1.3.6.1.2.1.1 +view systemonly included .1.3.6.1.2.1.25.1 +view systemonly included .1.3.6.1.4.1.42623 + + # Full access from the local host +rocommunity public localhost + # Default access to basic system info +rocommunity public default -V systemonly + + # Full access from an example network + # Adjust this network address to match your local + # settings, change the community string, + # and check the 'agentAddress' setting above +#rocommunity secret 10.0.0.0/16 + + # Full read-only access for SNMPv3 + rouser authOnlyUser + # Full write access for encrypted requests + # Remember to activate the 'createUser' lines above +#rwuser authPrivUser priv + +# It's no longer typically necessary to use the full 'com2sec/group/access' configuration +# r[ou]user and r[ow]community, together with suitable views, should cover most requirements + + + +############################################################################### +# +# SYSTEM INFORMATION +# + +# Note that setting these values here, results in the corresponding MIB objects being 'read-only' +# See snmpd.conf(5) for more details +sysLocation Sitting on the Dock of the Bay +sysContact Me + # Application + End-to-End layers +sysServices 72 + + +# +# Process Monitoring +# + # At least one 'mountd' process +proc mountd + # No more than 4 'ntalkd' processes - 0 is OK +proc ntalkd 4 + # At least one 'sendmail' process, but no more than 10 +proc sendmail 10 1 + +# Walk the UCD-SNMP-MIB::prTable to see the resulting output +# Note that this table will be empty if there are no "proc" entries in the snmpd.conf file + + +# +# Disk Monitoring +# + # 10MBs required on root disk, 5% free on /var, 10% free on all other disks +disk / 10000 +disk /var 5% +includeAllDisks 10% + +# Walk the UCD-SNMP-MIB::dskTable to see the resulting output +# Note that this table will be empty if there are no "disk" entries in the snmpd.conf file + + +# +# System Load +# + # Unacceptable 1-, 5-, and 15-minute load averages +load 12 10 5 + +# Walk the UCD-SNMP-MIB::laTable to see the resulting output +# Note that this table *will* be populated, even without a "load" entry in the snmpd.conf file + + + +############################################################################### +# +# ACTIVE MONITORING +# + + # send SNMPv1 traps + trapsink localhost public + # send SNMPv2c traps +#trap2sink localhost public + # send SNMPv2c INFORMs +#informsink localhost public + +# Note that you typically only want *one* of these three lines +# Uncommenting two (or all three) will result in multiple copies of each notification. + + +# +# Event MIB - automatically generate alerts +# + # Remember to activate the 'createUser' lines above +iquerySecName internalUser +rouser internalUser + # generate traps on UCD error conditions +defaultMonitors yes + # generate traps on linkUp/Down +linkUpDownNotifications yes + + + +############################################################################### +# +# EXTENDING THE AGENT +# + +# +# Arbitrary extension commands +# + extend test1 /bin/echo Hello, world! + extend-sh test2 echo Hello, world! ; echo Hi there ; exit 35 +#extend-sh test3 /bin/sh /tmp/shtest + +# Note that this last entry requires the script '/tmp/shtest' to be created first, +# containing the same three shell commands, before the line is uncommented + +# Walk the NET-SNMP-EXTEND-MIB tables (nsExtendConfigTable, nsExtendOutput1Table +# and nsExtendOutput2Table) to see the resulting output + +# Note that the "extend" directive supercedes the previous "exec" and "sh" directives +# However, walking the UCD-SNMP-MIB::extTable should still returns the same output, +# as well as the fuller results in the above tables. + + +# +# "Pass-through" MIB extension command +# +#pass .1.3.6.1.4.1.8072.2.255 /bin/sh PREFIX/local/passtest +#pass .1.3.6.1.4.1.8072.2.255 /usr/bin/perl PREFIX/local/passtest.pl + +# Note that this requires one of the two 'passtest' scripts to be installed first, +# before the appropriate line is uncommented. +# These scripts can be found in the 'local' directory of the source distribution, +# and are not installed automatically. + +# Walk the NET-SNMP-PASS-MIB::netSnmpPassExamples subtree to see the resulting output + + +# +# AgentX Sub-agents +# + # Run as an AgentX master agent + master agentx + # Listen for network connections (from localhost) + # rather than the default named socket /var/agentx/master +#agentXSocket tcp:localhost:705 diff --git a/builds/any/rootfs/wheezy/standard/standard.yml b/builds/any/rootfs/wheezy/standard/standard.yml index 3010b68d..fe72a3b8 100644 --- a/builds/any/rootfs/wheezy/standard/standard.yml +++ b/builds/any/rootfs/wheezy/standard/standard.yml @@ -57,8 +57,8 @@ Configure: update-rc.d: - 'faultd defaults' - 'onlpd defaults' - - 'snmpd remove' - - 'onlp-snmpd remove' + - 'snmpd defaults' + - 'onlp-snmpd defaults' - 'ssh defaults' - 'openbsd-inetd remove' - 'ntp remove' diff --git a/packages/base/any/onlp-snmpd/APKG.yml b/packages/base/any/onlp-snmpd/APKG.yml index 6d23b694..25c598b6 100644 --- a/packages/base/any/onlp-snmpd/APKG.yml +++ b/packages/base/any/onlp-snmpd/APKG.yml @@ -20,6 +20,16 @@ packages: changelog: Change changes changes., + - name: onl-mibs + version: 1.0.0 + summary: ONL MIB Package + arch: all + + files: + ${ONL}/docs/mibs/ : /usr/share/snmp/mibs + + changelog: Change changes changes., +