The question is that my communities names can be change remotly,
so you can to get this final configuration
# sec.name source community
com2sec public_sec default private
com2sec private_sec default private
# groupName securityModel securityName
group public_grp v1 public_sec
group public_grp v2c public_sec
group private_grp v1 private_sec
group private_grp v2c private_sec
# name incl/excl subtree mask(optional)
view rview included system.sysName
view rwview included system.sysName
# group context sec.model sec.level prefix
read write notif
access public_grp "" any noauth exact rview none
none
access private_grp "" any noauth exact rwview
rwview rview
(in the other case I had
access private_grp "" any noauth exact rview
rwview rview
but that does not matter)
I don't know if It is normal that with this configuration you can not to
set variables, because the agent mix the permissions if you try to do a
set with 'private'
(snmpset -v2c -c private host name)
I solvented this preventing that this never happen, if the manager try
to change for example, 'public' for 'private' (both would be 'private')
I give a SNMP_ERR_BADVALUE
bye,
Antonio
Mike Ayers escribió:
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Meilán García Antonio
I have a problem with de access control when read community
is equal to
write community, with this simple snmpd.conf
There is no such thing as a "read community" or a "write community",
rather communities are granted read and/or write access. Any number of communites may be able to
read, write, or both, but each community name must translate into a single security name.
Your community "private" uses the private_grp security group:
access private_grp "" any noauth exact
rview rwview rview
...which had both read and write access to begin with.
HTH,
Mike
-------------------------------------------------------------------------
SF.Net email is sponsored by:
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services
for just about anything Open Source.
http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace
_______________________________________________
Net-snmp-users mailing list
[email protected]
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
--
__________________________________________________
Antonio Meilán García
Departamento de I+D
*TRedess*
Volta do Castro, s/n
15.706 - Santiago de Compostela
Tel: +34.981.534.203
Fax: +34.981.522.052
e-mail: [EMAIL PROTECTED]
www.tredess.com <http://www.tredess.com/>
No imprima este e-mail si no es realmente necesario. Don't print this
e-mail unless it's really necessary.
La información contenida en el presente correo electrónico es *PRIVADA y
CONFIDENCIAL*, siendo para el uso exclusivo del destinatario arriba
indicado. Si usted recibe este mensaje y no es el destinatario, o ha
recibido esta comunicación por error, le informamos que está totalmente
prohibida cualquier divulgación, distribución o reproducción de este
correo electrónico, así como de los documentos adjuntos que forman parte
del mismo, rogándole que nos lo notifique y devuelva el mensaje original
a la dirección indicada en la firma del correo, procediendo luego a
borrar el mensaje. Gracias.
This information is *PRIVATE and CONFIDENTIAL* and intended for the
recipient only. If you are not the intended recipient of this message
you are hereby notified that any review, distribution or copying of this
message and its attachments is strictly prohibited. If you receive this
message by error, please contact the sender and then delete the message.
Thank you.
-------------------------------------------------------------------------
SF.Net email is sponsored by:
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services
for just about anything Open Source.
http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace
_______________________________________________
Net-snmp-users mailing list
[email protected]
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
