As I said, I'm trying to manipulate the source code in order to accept changes to the initial user's password in the first boot.
The if condition that you pointed out in past mails, is the place where I'm working. I was thinking in placing another condition in the if clause that tests if it is the only existent user (complementing the cloneFrom test). Is there any function that returns the number of registered users or something like that? Thank you very much for all your help, Sérgio Cabaço -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Dave Shield Sent: quarta-feira, 25 de Fevereiro de 2009 13:32 To: Wes Hardaker; Sergio Cabaço Cc: [email protected] Subject: Re: Changing password first boot 5.3.2 2009/2/25 Sergio Cabaço <[email protected]>: > There is no specification in the RFC that says that initial > master user can't change its own password in the first boot? Correct. The RFC specification doesn't say *anything* about "first boot". Once a user has been created (which is where the cloneFrom stuff comes into play), from then on it should then be possible to change the security Keys. Whether the agent is stopped and restarted should have no effect whatsoever. That's according to the specs. The fact that our agent works differently is a bug. (IMO). > The passw can be change on all boots, except in the one when createUser is > converted to > usmUser in the persistent snmpd.conf. I think this happens because it needs > to insert the > new created user in the "user's table" and only then the passwords can be > changed. > This only occurs when the agent goes down and gets up. Not true. Try the following: - shut the agent down - remove all 'usmUser' settings from /var/net-snmp/snmpd.conf - insert a 'createUser' setting into /var/net-snmp/snmpd.conf $ snmpwalk ..... usmUserTable > /tmp/usm1 - shut down and restart the agent $ snmpwalk ..... usmUserTable > /tmp/usm2 $ diff /tmp/usm1 /tmp/usm2 You should find that the contents of the two usmUserTables are identical (which is what we would expect). The 'createUser' entry *is* present in the user table right from the start. The differences lie in the fine detail of the internal data structures, used by the Net-SNMP agent to represent this table, and the code used to validate these data structures. > I cannot comment out the if(uptr->cloneFrom) because it creates an exception > to the RFC. The test shouldn't be removed completely, because this validation *is* required for proper creation of new users. The problem (IMO) is that the code is being applied too broadly. The check is needed if a new row is being created, ===> and not otherwise <===. That's my understanding, anyway. Wes may see things differently. (It wouldn't be the first time!) Dave ------------------------------------------------------------------------------ Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H _______________________________________________ Net-snmp-coders mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
