> From: Philip Mason [mailto:[email protected]]
> Sent: Friday, January 30, 2009 3:34 AM
> Is it not possible (I know it's an unwise thing to do) to set
> rwcommunity to public? If not it isn't clear to me why it
> wasn't working
> with the snmpd.conf above.
You are asking the wrong question. The proper question is "is it
possible to have 'public' as a rwcommunity". The answer is "yes, but if you
do that on an actual deployment you are begging for trouble". The key here is
that there is not one rocommunity or rwcommunity that you give a name to,
rather, these are directives which configure the named communities for
whole-tree-read-only or whole-tree-write-only access, respectively. Try
putting all of these in your snmpd.conf:
rocommunity public
rwcommunity private
rocommunity peep-show
rwcommunity hack-me-please
rwcommunity p
You will see that requests to communities "public" or "peep-show" can
read the whole tree, but can't set anything, whereas "private",
"hack-me-please", and "p"[1] can read or write anything.
Operational note: for deployed systems, "private" and "secret" are just
as bad community names as "public".
HTH,
Mike
[1] Test bench special - why waste all that time typing "ublic" or "rivate"?
------------------------------------------------------------------------------
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
_______________________________________________
Net-snmp-users mailing list
[email protected]
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
