Skip to content

Instantly share code, notes, and snippets.

@plembo

plembo/fixsnmpdubu.md

Last active December 8, 2020 15:32
Show Gist options
  • Save plembo/a483175e66dfe474b8d5442d295b23ff to your computer and use it in GitHub Desktop.
Save plembo/a483175e66dfe474b8d5442d295b23ff to your computer and use it in GitHub Desktop.
Download ZIP
Fixing SNMPD on Ubuntu
Raw
fixsnmpdubu.md

Fixing SNMPD on Ubuntu

SNMP is a foundational protocol for enterprise network and system management. Getting it right shows that a vendor actually cares about servicing IT in the enterprise. Debian, and its downstream progeny, Ubuntu, ship a configuration for the SNMP server, snmpd, that's so broken it positively screams "I don't care".

This brokenness is a known thing. The following bug reports go back to , but nothing has been done to address them:

The following has been tested on both Ubuntu 16.04 LTS and 18.04 LTS.

First steps

Make sure both the snmpd and snmp packages are installed.

Also install snmp-mibs-downloader to get the standard, basic, MIBS required to use SNMP. Why Debian and Ubuntu don't include these in their default installs, when they have no problem shipping the patent and copyright encumbered ffmpeg libraries by default.

Configuration changes

/etc/default/snmpd on Ubuntu 16.04 LTS

# This file controls the activity of snmpd

# Don't load any MIBs by default.
# You might comment this lines once you have the MIBs downloaded.
# export MIBS=

# snmpd control (yes means start daemon).
SNMPDRUN=yes

# snmpd options (use syslog, close stdin/out/err).
# SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -g snmp -I -smux,mteTrigger,mteTriggerConf -p /run/snmpd.pid'
# SNMPDOPTS='-LS6d -Lf /dev/null -u snmp -g snmp -l -smux -p /var/run/snmpd.pid'
# TRAPDOPTS='-LS6d -p /var/run/snmpdtrapd.pid'
SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -g snmp -I -smux -p /run/snmpd.pid'

/etc/default/snmpd on Ubuntu 18.04 LTS

# This file controls the behaviour of /etc/init.d/snmpd
# but not of the corresponding systemd service file.
# If needed, create an override file in
# /etc/systemd/system/snmpd.service.d/local.conf
# see man 5 systemd.unit and man 5 systemd.service

# Don't load any MIBs by default.
# You might comment this lines once you have the MIBs downloaded.
# export MIBS=

# snmpd control (yes means start daemon).
SNMPDRUN=yes

# snmpd options (use syslog, close stdin/out/err).
# SNMPDOPTS='-Lsd -Lf /dev/null -u Debian-snmp -g Debian-snmp -I -smux,mteTrigger,mteTriggerConf -p /run/snmpd.pid'
SNMPDOPTS='-Lsd -Lf /dev/null -u Debian-snmp -g Debian-snmp -I -smux -p /run/snmpd.pid'

As you can see, in Ubuntu 18.04 Canonical doesn't even try to customize the Debian package any more.

/etc/snmp/snmp.conf

# As the snmp packages come without MIB files due to license reasons, loading
# of MIBs is disabled by default. If you added the MIBs you can reenable
# loading them by commenting out the following line.
# mibs :

/etc/snmp/snmpd.conf

agentAddress udp:161,udp6:[::1]:161
view   systemonly  included   .1.3.6.1.2.1.1
view   systemonly  included   .1.3.6.1.2.1.25.1

rocommunity home  localhost
rocommunity home  192.168.0.0/24

sysLocation    Casa Lembo
sysContact     Administrator <[email protected]>
sysServices    72

proc  mountd
proc  ntalkd    4
proc  sendmail 10 1
disk       /     10000
disk       /var  5%
includeAllDisks  10%
load   12 10 5
trapsink     localhost home
iquerySecName   internalUser       
rouser          internalUser
defaultMonitors          yes
linkUpDownNotifications  yes

extend    test1   /bin/echo  Hello, world!
extend-sh test2   echo Hello, world! ; echo Hi there ; exit 35

master          agentx

I've removed all the comments and commented parameters so only the active configuration is shown.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment