Comments (7)
@Tontonitch I'm not a developer of puppet-snmp, but a fellow user. Good catch here given this file has credentials stored that should be kept secret and protected. It seems that the Red Hat family of OSes have the wrong default mode for these files, as you can see here.
Until this gets resolved correctly, I've got the following in my Hiera data:
snmp::service_config_perms: '0600'
Alternatively, you could use something like
class { 'snmp':
<snip>
service_config_perms => '0600',
<snip>
}
Thanks for pointing this out!
from puppet-snmp.
Ok, thanks for your solution John!Best regards,Yannick
De : John Florian <[email protected]>
À : razorsedge/puppet-snmp [email protected]
Cc : Yannick Charton [email protected]; Mention [email protected]
Envoyé le : Samedi 12 novembre 2016 17h52
Objet : Re: [razorsedge/puppet-snmp] File permissions do not match the ones of the net-snmp (#81)
@Tontonitch I'm not a developer of puppet-snmp, but a fellow user. Good catch here given this file has credentials stored that should be kept secret and protected. It seems that the Red Hat family of OSes have the wrong default mode for these files, as you can see here.Until this gets resolved correctly, I've got the following in my Hiera data:
snmp::service_config_perms: '0600'
Alternatively, you could use something likeclass { 'snmp':
service_config_perms => '0600',
}
Thanks for pointing this out!—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or mute the thread.
from puppet-snmp.
Please make this a parameter. We have certain machines that set the file perms to 0640 and the group to something non-standard. (Rationale: Certain processes need to read that file but we don't want those processes to run as root)
from puppet-snmp.
It already is a parameter. See my comment above. Or I don't understand what you were asking for.
John Florian
from puppet-snmp.
Its all good. Thanks!
from puppet-snmp.
@Tontonitch What OS/OS version/SNMP version are you using?
from puppet-snmp.
RedHat 7.3, Net-Snmp 5.7.2
from puppet-snmp.
Related Issues (20)
- Release 4.1.1
- # Other Configuration HOT 2
- To support CentOS 8 HOT 1
- rw and ro community strings wrong and default breaks rhel7 if ipv6 off
- $facts['networking']['fqdn'] is too recent HOT 3
- Dependency on stdlib versions incorrect for version 5.1.0 ; types/ip/address/v6/cidr.pp and type Stdlib::IP::Address::V6::CIDR does not exist in 4.25.0
- Docs: Incorrect dependency (stdlib) listed on forge.puppet.com page HOT 2
- Doesn't work on ubuntu focal 20.04 HOT 1
- Cannot disable traditional access control for ro_community{,6}
- FreeBSD Support
- Support Debian Bullseye 11 (to be released in may or june) HOT 4
- systemd daemon-reload restarts snmpd HOT 15
- snmpd starts on each puppet run HOT 1
- Incorrect type of agentx_perms parameter
- Release new version HOT 4
- How to disable snmpv1 and v2 HOT 1
- Support for Ubuntu 22.04 HOT 6
- Reload snmpd config instead of restarting service by default
- $snmpv2_enable parameter does not disable snmpv2.
- snmpd_options and/or snmptrapd_options are ignored on Ubuntu and Debian due to lack of systemd support
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from puppet-snmp.