Red Hat Training

A Red Hat training course is available for Red Hat Enterprise Linux

7.154. net-snmp

Updated net-snmp packages that fix several bugs are now available for Red Hat Enterprise Linux 6.
The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol (SNMP), including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat utility which uses SNMP, and a Tk/Perl Management Information Base (MIB) browser.

Bug Fixes

Previously, there was a limit of 50 exec entries in the /etc/snmp/snmpd.conf congiguration file. With more than 50 such entries in the file, the snmpd daemon reported the following error message:
Error: No further UCD-compatible entries
With this update, the fixed limit has been removed, and there can now be any number of exec entries in /etc/snmp/snmpd.conf.
Prior to this update, the and libraries did not contain an RPATH entry to the package for embedding Perl. This could cause problems when linking custom SNMP applications or modules. An upstream patch, which adds RPATH for the Perl libraries, has been provided, and all references are now resolved.
Previously, the snmpd daemon ignored the trapsess -e <engineID> configuration option in the /etc/snmp/snmpd.conf file and sent a default engineID string even if trapsess was configured with an explicit engineID value. An upstream patch has been provided to fix this bug and snmpd now sends outgoing traps with an engineID string as specified in /etc/snmp/snmpd.conf.
Due to a possible race condition, the snmpd daemon could fail to count some processes when filling in the UCD-SNMP-MIB::prTable table. With this update, the underlying source code has been adapted to prevent such a race condition, so that all processes are now counted as expected.
Prior to this update, the snmpd daemon ignored the port number of the clientaddr option when specifying the source address of outgoing SNMP requests. As a consequence, the system assigned a random port number to the udp socket. This update introduces a new configuration option clientaddrUsesPort, which, if set to yes, allows to specify both the port number and the source IP address in the clientaddr option. Now, administrators can increase security with firewall rules and SELinux policies by configuring a specific source port of outgoing traps and other requests.
When the snmpd daemon was shutting down during processing of internal queries, a request was neither marked as failed nor finished, and snmpd waited indefinitely for the request to be processed. With this update, snmpd marks all internal queries as failed during shutdown.
Previously, implementation of the UCD-SNMP-MIB::extCommand variable in the snmpd daemon reported only names of the executable parameters, missing all other command line parameters. With this update, UCD-SNMP-MIB::extCommand has been fixed and snmpd returns the full command line output.
Previously, snmptrapd(8) manual page did not properly describe how to load multiple configuration files using the -c option. With this update, the manual page has been fixed and describes that multiple configuration files must be separated by the comma character.
BZ#846532, BZ#861152
In the previous net-snmp update, implementation of the HOST-RESOURCES-MIB::hrStorageTable table was rewritten and devices with CentraVision File System (CVFS) and OpenVZ container file systems (simfs) were not reported. With this update, the snmpd daemon properly recognizes CVFS and simfs devices and reports them in HOST-RESOURCES-MIB::hrStorageTable.
When the snmpd daemon was not able to expand 32-bit counter provided by the operating system to 64-bits, as required by SNMP standards, the snmpd daemon occasionally reported the following error messages:
c64 32 bit check failed
Error expanding XXX to 64bits
looks like a 64bit wrap, but prev!=new
These messages were in fact harmless but confusing. This update suppresses them and they are no longer returned in the described scenario.
The snmpd daemon reported an error message to system log files when it could not open the following files: /proc/net/if_inet6, /proc/net/snmp6, /proc/net/ipv6_route, /proc/net/tcp6, and /proc/net/udp6. These files are typically missing on machines with disabled IPv6 networking, and thus reporting such error messages for them is meaningless. With this update, the error messages are suppressed, and the system log files are not filled with redundant messages.
Prior to this update, the net-snmp utility failed to read the diskIOLA1, diskIOLA5, and diskIOLA15 object variables of the UCD-DISKIO-MIB object, as these variables were not implemented on the Linux operating system. Consequently, the snmptable utility failed to return values of the three variables correctly. With this update, these objects are implemented and their values are now displayed in the UCD-DISKIO-MIB::diskIOTable table as expected.
Previously, the snmpd daemon was updated to send an SNMP response to broadcast requests from the same interface, on which a SNMP response had been received. However, this update also introduced a bug which prevented snmpd from sending responses to unicast request on multihomed machines. This update fixes this bug, so the snmpd daemon is now able to both answer unicast requests on multihomed machines and send responses to broadcast requests from the same interface, on which the request has been received.
Previously, the snmptrapd daemon terminated the embedded Perl interpreter immediately after the TERM signal was received, regardless of whether embedded Perl code was still being used. Consequently, snmptrapd could rarely terminate unexpectedly during shutdown. With this update, the embedded Perl interpreter is destroyed later during the snmptrapd shutdown, when all Perl processing is finished.
Users of net-snmp are advised to upgrade to these updated packages, which fix these bugs.