Page MenuHomePhabricator

Missing default value for 'set service snmp v3 user testUser1 auth type'
Closed, ResolvedPublicBUG

Description

When configuring snmpv3 in auth or priv mode it is allowed to not enter value for auth type command

set service snmp v3 user testUser1 auth type

In this case config is valid, but parser fails to add user credentials to snmp.conf file

set service snmp v3 engineid '0x0aa0d6c6f450'
set service snmp v3 group defaultgroup mode 'ro'
set service snmp v3 group defaultgroup seclevel 'priv'
set service snmp v3 group defaultgroup view 'defaultview'
set service snmp v3 view defaultview oid '1'

set service snmp v3 user testUser1 auth plaintext-key testUserKey1
set service snmp v3 user testUser1 auth type 'md5'
set service snmp v3 user testUser1 engineid '0x0aa0d6c6f450'
set service snmp v3 user testUser1 group 'defaultgroup'
set service snmp v3 user testUser1 mode 'ro'
set service snmp v3 user testUser1 privacy type aes
set service snmp v3 user testUser1 privacy plaintext-key testUserKey1

set service snmp v3 user testUser2 auth plaintext-key testUserKey2
set service snmp v3 user testUser2 engineid '0x0aa0d6c6f450'
set service snmp v3 user testUser2 group 'defaultgroup'
set service snmp v3 user testUser2 mode 'ro'
set service snmp v3 user testUser2 privacy type aes
set service snmp v3 user testUser2 privacy plaintext-key testUserKey2
commit

sudo cat /var/lib/snmp/snmpd.conf | grep User

Only "createUser" tokens should be placed here by snmpd administrators.

usmUser 1 3 0x80001f88802c6f3b0d5256325b00000000 "testUser1" "testUser1" NULL .1.3.6.1.6.3.10.1.1.2 0xa4496c4d6ed45c79531da14ec5db33fe .1.3.6.1.6.3.10.1.2.4 0xa4496c4d6ed45c79531da14ec5db33fe ""
usmUser 1 3 0x80001f88802c6f3b0d5256325b00000000 "vyattabbe728e9489a168e" "vyattabbe728e9489a168e" NULL .1.3.6.1.6.3.10.1.1.2 0xa235ad4eaf14e32bbe383b7ae7a12c14 .1.3.6.1.6.3.10.1.2.2 0xa235ad4eaf14e32bbe383b7ae7a12c14 ""

Only user which had auth type setting has been added to daemon configuration.

Solution is to assign a default value for auth type parameter, or make it mandatory as for privacy type

Details

Difficulty level
Unknown (require assessment)
Version
1.2.0-rolling+201806250436
Why the issue appeared?
Will be filled on close