Support User defined community string for enable snmp on Cumulus Switches (#3818)

* Support User defined community string for enable snmp on Cumulus Switches * modify comment from yangsong * Modify code from review comments
2025-05-29 09:13:08 +00:00 · 2017-09-03 22:04:06 -04:00 · 2017-09-03 22:04:06 -04:00 · 51ad6fd511
commit 51ad6fd511
parent 46fca11b0a
2 changed files with 93 additions and 17 deletions
--- a/xCAT-server/share/xcat/mypostscript/mypostscript.tmpl
+++ b/xCAT-server/share/xcat/mypostscript/mypostscript.tmpl
@ -148,6 +148,25 @@ export CFGMGR
 CFGSERVER=#TABLE:cfgmgt:$NODE:cfgserver#
 export CFGSERVER

+## Switch relate attributes for this node
+SWITCHNAME=#TABLE:switches:$NODE:switch#
+export SWITCHNAME
+
+SNMPVERSION=#TABLE:switches:$NODE:snmpversion#
+export SNMPVERSION 
+
+SNMPUSER=#TABLE:switches:$NODE:username#
+export SNMPUSER 
+
+SNMPPASSWD=#TABLE:switches:$NODE:password#
+export SNMPPASSWD 
+
+SNMPPRIV=#TABLE:switches:$NODE:privacy#
+export SNMPPRIV 
+
+SNMPAUTH=#TABLE:switches:$NODE:auth#
+export SNMPAUTH 
+
 #CFGMGTINFO_EXPORT#

 #INCLUDE:/opt/xcat/share/xcat/mypostscript/mypostscript_cloud.tmpl#
--- a/xCAT/postscripts/enablesnmp
+++ b/xCAT/postscripts/enablesnmp
@ -7,27 +7,84 @@ if ! cat /etc/os-release |grep -i  '^NAME=[ "]*Cumulus Linux[ "]*$' >/dev/null 2
    exit 2
 fi

+#define conf file
 snmp_conf="/etc/snmp/snmpd.conf"
-if [ -f "$snmp_conf" ] && grep -w '#xCAT customized snmpd configuration' $snmp_conf;then
-    echo "The snmp has already been configured. Do nothing..."
-    exit 0
+if [ ! -f  "$snmp_conf" ]; then
+    echo "/etc/snmp/snmpd.conf doesn't not exist"
+    exit -1
 fi

-[ -f  "$snmp_conf" ] || exit -1
-
-[ -z "$snmp_user" ] && snmp_user="xcatadmin"
-[ -z "$snmp_passwd" ] && snmp_passwd="xcatpassw0rd"
-
 [ -f ${snmp_conf}.orig ] || cp $snmp_conf ${snmp_conf}.orig
-sed -i "1i\#xCAT customized snmpd configuration" $snmp_conf
-sed -i "/^\s*agentAddress/s/^/#/" $snmp_conf
-sed -i '/agentAddress udp\:161\,udp6\:\[\:\:1\]\:161/s/^#//' $snmp_conf
-sed -i "/rocommunity\s*public\s*default/s/^#//" $snmp_conf
-sed -i "/rocommunity\s*public\s*default\s*-V\s*systemonly/s/^#//" $snmp_conf
-sed -i "/#\s*createUser\s*authPrivUser\s*SHA/{n;s/^.*$/createUser $snmp_user SHA $snmp_passwd/}" $snmp_conf
-sed -i "/#rwuser\s*authPrivUser\s*priv/{n;s/^.*$/rwuser $snmp_user/}" $snmp_conf
-sed -i "/view\s*systemonly\s*included\s*.1.3.6.1.2.1.17/s/^#//" $snmp_conf
-sed -i "/pass_persist\s*.1.3.6.1.2.1.17\s*\/usr\/share\/snmp\/bridge_pp.py/s/^#//" $snmp_conf
+
+#get snmp attribute
+#NOTE: the length of SNMP Password has to be min=8 
+xCATSettingsSTART="xCAT settings START"
+xCATSettingsEND="xCAT settings END"
+xCATSettingsOID="xCAT customized"
+xCATSettingsInfo="Entries between the START and END lines will be replaced each time by running enablesnmp"
+snmpversion=$SNMPVERSION
+snmpuser=$SNMPUSER
+snmppwd=$SNMPPASSWD
+snmppriv=$SNMPPRIV
+snmpauth=$SNMPAUTH
+snmpc=$SNMPC
+community="public"
+
+#Get cumulus orig conf file 
+grep "$xCATSettingsOID" $snmp_conf 2>&1 1> /dev/null
+if [ $? -eq 0 ]; then
+    cp ${snmp_conf}.cumulus $snmp_conf
+fi
+
+grep "$xCATSettingsSTART" $snmp_conf 2>&1 1> /dev/null
+if [ $? -eq 0 ]; then
+    #remove the previous snmp rule generated by xCAT
+    sed -i "/$xCATSettingsSTART/,/$xCATSettingsEND/ d" $snmp_conf
+else
+    sed -i "/^\s*agentAddress/s/^/#/" $snmp_conf
+    sed -i '/agentAddress udp\:161\,udp6\:\[\:\:1\]\:161/s/^#//' $snmp_conf
+    sed -i "/view\s*systemonly\s*included\s*.1.3.6.1.2.1.17/s/^#//" $snmp_conf
+    sed -i "/pass_persist\s*.1.3.6.1.2.1.17\s*\/usr\/share\/snmp\/bridge_pp.py/s/^#//" $snmp_conf
+fi
+
+
+# Mark the start of xCAT section
+echo "# $xCATSettingsSTART" >> $snmp_conf
+echo "# $xCATSettingsInfo" >> $snmp_conf
+
+if [ "$snmpversion" = "3" ]; then
+    #set up snmp version 3
+    if [ -n "$snmpuser" ] && [ -n "$snmpauth" ] && [ -n "$snmppwd" ]; then
+        len=${#snmppwd}
+        if [ $len -lt 8 ]; then
+            echo "SNMP v3 specification requires password to have a minimum of 8 characters"
+            echo "# $xCATSettingsEND" >> $snmp_conf
+            exit -1
+        fi
+        snmpauth=`echo $snmpauth | tr '[a-z]' '[A-Z]'`
+        if [ -n "$snmppriv" ]; then
+            snmppriv=`echo $snmppriv | tr '[a-z]' '[A-Z]'`
+            echo "createUser $snmpuser $snmpauth $snmppwd $snmppriv $snmppwd" >> $snmp_conf
+            echo "rwuser $snmpuser" >> $snmp_conf
+        else
+            echo "createUser $snmpuser $snmpauth $snmppwd" >> $snmp_conf
+            echo "rouser $snmpuser" >> $snmp_conf
+        fi
+    else
+        echo "Please define user/password/auth for SNMP v3 specification"
+        echo "# $xCATSettingsEND" >> $snmp_conf
+        exit -1
+    fi
+elif [ -n "$snmppwd" ]; then
+    community=$snmppwd
+elif [ -n "$snmpc" ]; then
+    community=$snmpc
+fi 
+
+echo "rocommunity $community default" >> $snmp_conf
+echo "rocommunity $community default -V systemonly" >> $snmp_conf
+
+echo "# $xCATSettingsEND" >> $snmp_conf

 #create snmpd restart conf file
 mkdir -p /etc/systemd/system/snmpd.service.d