On Wed, 2005-10-12 at 06:52 -0400, Robert Story wrote: RS> agentSecName wallace RS> monitor .... RS> ... RS> iquerySecName grommit RS> monitor **** RS> RS> Would both monitor statements work? DS> They'd certainly both work. DS> The question is what access permissions should the first monitor DS> statement use? I can code things either way.
> I don't know what you mean by access permissions..... Should the objects referred to by the '....' monitor statement be retrieved using the security name "wallace" or the security name "grommit"[sic] ? [BTW - I don't know if you heard about the fire in Bristol, that completely gutted the Aardman Animation warehouse. Almost all the stuff relating to earlier Wallace and Gromit films has been destroyed :-( ] > I'm guessing that these secname > tokens set up access control stuff? Nope. They just specify what name should be used. They don't actually create the user, or set up suitable access control configuration. Both of these have to be done separately. See snmpd.conf(5) under "agentSecName" (I'm tempted to suggest that this should all be rolled into the one directive, but that's a different discussion. For the moment, I've been concentrating on trying to improve the behaviour of the main DisMan implementations, rather than get sucked into a discussion of Wes' original interfaces). > Remember that I haven't > looked at how this stuff actually works. Or even read the documentation, apparently :-) > Are these externally visible (in a table somewhere)? The username and access control settings will be, as part of the normal SNMP configuration. The settings used for particular DisMan entries aren't - they're implicit in how the entry was set up. Note that the DisMan specification doesn't properly cover the behaviour of statically configured entries. There is *some* text that could be seen as describing how such entries should be treated, but unfortunately this is inconsistent with the behaviour explicitly described elsewhere for dynamically configured entries. This whole mechanism is Wes' private invention :-) Dave ------------------------------------------------------- This SF.Net email is sponsored by: Power Architecture Resource Center: Free content, downloads, discussions, and more. http://solutions.newsforge.com/ibmarch.tmpl _______________________________________________ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
