-
Notifications
You must be signed in to change notification settings - Fork 39
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Overhaul snmpdv3 config for RW access
Enable write access to snmpdv3 instance as well, so that snmp SET commands also can be tested properly.
- Loading branch information
1 parent
ca5a45c
commit 00fcb66
Showing
3 changed files
with
27 additions
and
13 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,4 +1,4 @@ | ||
| FROM polinux/snmpd | ||
| COPY snmpd.conf /etc/snmpd/snmpd.conf | ||
| COPY snmpd.conf /etc/snmp/snmpd.conf | ||
| EXPOSE 161:161/udp | ||
| CMD ["-c", "/etc/snmpd/snmpd.conf"] | ||
| CMD ["-c", "/etc/snmp/snmpd.conf"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,13 +1,27 @@ | ||
| com2sec notConfigUser default notpublic | ||
| group notConfigGroup v1 notConfigUser | ||
| group notConfigGroup v2c notConfigUser | ||
| view systemview included .1.3.6.1.2.1.1 | ||
| view systemview included .1.3.6.1.2.1.25.1.1 | ||
| access notConfigGroup "" any noauth exact systemview none none | ||
| # sec.name source community | ||
| com2sec read default public | ||
| com2sec readwrite default private | ||
|
|
||
| # groupName securityModel securityName | ||
| group readGroup v1 read | ||
| group readGroup v2c read | ||
| group readwriteGroup v1 readwrite | ||
| group readwriteGroup v2c readwrite | ||
| group readwriteGroup usm readwrite | ||
|
|
||
| # group context sec.model sec.level prefix read write notif | ||
| view allview included .1 | ||
| view publicview included .1.3.6.1.2.1.1 | ||
|
|
||
| # group context sec.model sec.level prefix read write notif | ||
| access readGroup "" any noauth exact publicview none none | ||
| access readwriteGroup "" any noauth exact allview allview none | ||
|
|
||
| createUser myv3user SHA "my_authpass" AES "my_privpass" | ||
| rouser myv3user | ||
| rwuser myv3user | ||
|
|
||
| syslocation Milliways | ||
| syscontact NAV Developer <[email protected]> | ||
| # Setting these here will make them read-only, unfortunately. | ||
| # NAV/SeedDB needs them to be writeable to test for write-access | ||
| #syslocation Milliways | ||
| #syscontact NAV Developer <[email protected]> | ||
| dontLogTCPWrappersConnects yes |