Read PRETTY_NAME from /etc/os-release via /bin/sh for distro output.
Bump PKG_RELEASE to account for the package configuration change.
Signed-off-by: Kamil Bienkiewicz <perceivalpercy@gmail.com>
Bump PKG_RELEASE to reflect fixes to UCI init script config
generation for missing/unset options and RestrictOID handling.
Signed-off-by: Eric McDonald <librick-openwrt@proton.me>
snmpd_access_default_add, snmpd_access_HostName_add, and
snmpd_access_HostIP_add check if RestrictOID is `yes` or `no`
but fail to write a newline for other values of RestrictOID
(e.g., `true`, `false`) or if unset, corrupting the generated config.
Fix by using config_get_bool and restructuring to write either
a complete line or nothing. Also require RestrictedOID to be
non-empty when RestrictOID is enabled.
This is a breaking change for configs where RestrictOID is set
to a value that the old code did not match as `yes` (e.g., `true`,
`1`, `on`, `enabled`) but config_get_bool evaluates as true. In
practice, this is unlikely to affect existing installs unless a
user is unknowingly relying on unintended behavior or is deliberately
relying on the old code's non-standard boolean evaluation; this
latter case is considered unlikely by this commit's author. Configs
where RestrictOID is enabled but RestrictedOID is empty are also
affected; previously a directive with a trailing space was written,
now no directive is written.
Signed-off-by: Eric McDonald <librick-openwrt@proton.me>
snmpd_access_HostIP_add would write unintended output to the
config file if the IPMask option is not specified. Add an early
return to prevent writing in that case.
This is a breaking change for configs where IPMask is unset.
Previously, an empty IPMask option would result in a malformed
directive containing a trailing slash with no guaranteed newline,
the exact form of which depended on the values of other options.
Now, no directive is written.
Signed-off-by: Eric McDonald <librick-openwrt@proton.me>
snmpd_access_HostIP_add would write unintended output to the
config file if the HostIP option is not specified. Add an early
return to prevent writing in that case.
This is a breaking change for configs where HostIP is unset.
Previously, an empty HostIP option would result in a malformed
directive containing a bare /mask with no guaranteed newline, the
exact form of which depended on the values of other options.
Now, no directive is written.
Signed-off-by: Eric McDonald <librick-openwrt@proton.me>
snmpd_access_HostName_add would write unintended output to the
config file if the HostName option is not specified. Add an early
return to prevent writing in that case.
This is a breaking change for configs where HostName is unset.
Previously, an empty HostName option would result in a malformed
directive with a trailing space and no guaranteed newline, the
exact form of which depended on the values of other options.
Now, no directive is written.
Signed-off-by: Eric McDonald <librick-openwrt@proton.me>
snmpd_access_default_add, snmpd_access_HostName_add, and
snmpd_access_HostIP_add would write unintended output to the
config file if the CommunityName option is not specified. Add an
early return to each function to prevent writing in that case.
This is a breaking change for configs where CommunityName is
unset. Previously, an empty CommunityName option would result in
a malformed directive with a double space and no guaranteed
newline, the exact form of which depended on the values of other
options. Now, no directive is written.
Signed-off-by: Eric McDonald <librick-openwrt@proton.me>
snmpd_access_default_add, snmpd_access_HostName_add, and
snmpd_access_HostIP_add would write unintended output to the
config file if the Mode option is not specified. Add an early
return to each function to prevent writing in that case.
This is a breaking change for configs where Mode is unset.
Previously, an empty Mode option would result in a malformed
directive with a leading space and no guaranteed newline, the
exact form of which depended on the values of other options.
Now, no directive is written.
Signed-off-by: Eric McDonald <librick-openwrt@proton.me>
The function snmpd_sink_add() has a guard clause that tests the literal
string "section", not the variable value "$section".
The test `[ -n "section" ]` always evaluates to true because the string
literal "section" is non-empty, making the check useless.
This function is only called internally with hardcoded arguments, so the
bug has no actual impact currently. For the same reason, this change
should not break existing configurations. However, I think it should be
fixed so future callers do not have a false sense of security.
Signed-off-by: Eric McDonald <librick-openwrt@proton.me>
To support logging in net-snmp this commit introduces this feature. There is
a new uci config section 'logging'.
The following new parameters are used:
config logging
option log_file '/var/log/snmpd.log'
option log_file_priority 'i'
option log_syslog '0'
option log_syslog_facility 'd'
Signed-off-by: Christian Korber <ck@dev.tdt.de>
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
This commit adds function 'snmpd_snmpv3_add' to the init script
to support SNMPv3 config parsing.
The new uci config section has the following configuration parameters:
config v3
option username 'John'
option allow_write '0'
option auth_type 'SHA|MD5'
option auth_pass 'passphrase'
option privacy_type 'AES|DES'
option privacy_pass 'passphrase'
option RestrictOID 'yes|no'
option RestrictedOID '1.3.6.1.2.1.1.1'
This new section is only relevant if the snmp_version 'v1/v2c/v3' or 'v3'
is set in the uci section 'general'.
Signed-off-by: Christian Korber <ck@dev.tdt.de>
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
To use 'SNMPv3', the net-snmp package must be compiled with openssl support.
For this purpose, the current net-snmp is renamed into build 'nossl'.
This is a preparation commit to add the 'ssl' variant.
Signed-off-by: Christian Korber <ck@dev.tdt.de>
In a previous commit (0b12bee) hostname was added to
snmpd.init. To track changes in system, the init file
needs to add 'system' to the trigger.
Therefore it is added in this commit.
Fixes: 0b12bee66a ("net-snmp: set hostname as sysname")
Signed-off-by: Christian Korber <ck@dev.tdt.de>
This commit includes inttypes.h to prevent the following error:
```
mibgroup/ieee802dot11.c: In function 'displayWiExt':
mibgroup/ieee802dot11.c:4563:26: error: expected ')' before 'PRIdPTR'
4563 | printf ( "%s sens: %" PRIdPTR "\n", "SIOCGIWSENS", *(intptr_t *)&info.sens );
| ~ ^~~~~~~~
| )
mibgroup/ieee802dot11.c:31:1: note: 'PRIdPTR' is defined in header '<inttypes.h>'; did you forget to '#include <inttypes.h>'?
30 | #include "util_funcs/header_generic.h"
+++ |+#include <inttypes.h>
31 |
```
Signed-off-by: Wei-Ting Yang <williamatcg@gmail.com>
Use #elif defined instead of #elifdef as seen elsewhere throughout the patch
file. This avoids the following errors when compiling with GCC 11:
```
mibgroup/ucd-snmp/proc.c:45:2: error: invalid preprocessing directive #elifdef; did you mean #ifdef?
45 | #elifdef HAVE_PCRE_H
| ^~~~~~~
| ifdef
mibgroup/ucd-snmp/proc.c:243:2: error: invalid preprocessing directive #elifdef; did you mean #ifdef?
243 | #elifdef HAVE_PCRE_H
| ^~~~~~~
| ifdef
```
Signed-off-by: Wei-Ting Yang <williamatcg@gmail.com>
This commit writes the option hostname obtained via uci_get
system.@system[0].hostname to the snmpd.conf file if sysName
is not defined in /etc/config/snmpd.
Signed-off-by: Christian Korber <ckorber@tdt.de>
description: Since IPv6 is present in everyday use, we need to include
information about IPv6 addresses & routes in SNMP
example:
IP-MIB::ipAddressOrigin.ipv6
IP-MIB::ipAddressOrigin[ipv6]["00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:01"] = manual
IP-MIB::ipAddressOrigin[ipv6]["fd:00:00:09:02:55:00:00:00:00:00:00:00:00:01:01"] = manual
IP-MIB::ipAddressOrigin[ipv6]["fe:80:00:00:00:00:00:00:0c:00:09:ff:fe:06:01:01"] = linklayer
IP-MIB::ipAddressOrigin[ipv6]["fe:80:00:00:00:00:00:00:0c:02:09:ff:fe:00:01:01"] = linklayer
IP-MIB::ipAddressOrigin[ipv6]["fe:80:00:00:00:00:00:00:ae:84:c6:ff:fe:25:8c:ce"] = linklayer
tested:
23.05-snapshot
master snapshot
with LibreNMS, OpenWRT device IPv6 Addresses & Routes are properly recognized
Signed-off-by: Peca Nesovanovic <peca.nesovanovic@sattrakt.com>
This fixes it with musl support. Also fixed several -Wformat warnings.
Main problem was __fd_mask not existing on musl but fd_mask existing.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Refresh 900-musl-compat.patch, add missing headers & fixes incompatible pointer type is now an error.
Signed-off-by: Aditya Nugraha <vortexilation@gmail.com>
Refresh 900-musl-compat.patch, add missing headers & fixes incompatible pointer type is now an error.
Signed-off-by: Aditya Nugraha <vortexilation@gmail.com>
Adjust patches for current version changes
Module "disk" renamed to "disk_hw"
Internal type "unknown" changed to "u_int32_t"
Add patch with removing macro syntax checking for successful build
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
Add upstream patch adding support for pcre2 and update dependency to
require libpcre2 instead of libpcre.
--with-pcre2-8 is now needed to exclude support for pcre and only
require pcre2 as net-snmp still use and try to use pcre by default.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Automatically compute and substitute current values for all
$(AUTORELEASE) instances as this feature is deprecated and shouldn't be
used.
The following temporary change was made to the core:
diff --git a/rules.mk b/rules.mk
index 57d7995d4fa8..f16367de87a8 100644
--- a/rules.mk
+++ b/rules.mk
@@ -429,7 +429,7 @@ endef
abi_version_str = $(subst -,,$(subst _,,$(subst .,,$(1))))
COMMITCOUNT = $(if $(DUMP),0,$(call commitcount))
-AUTORELEASE = $(if $(DUMP),0,$(call commitcount,1))
+AUTORELEASE = $(if $(DUMP),0,$(shell sed -i "s/\$$(AUTORELEASE)/$(call commitcount,1)/" $(CURDIR)/Makefile))
all:
FORCE: ;
And this command used to fix affected packages:
for i in $(cd feeds/packages; git grep -l PKG_RELEASE:=.*AUTORELEASE | \
sed 's^.*/\([^/]*\)/Makefile^\1^';);
do
make package/$i/download
done
Signed-off-by: Paul Fertser <fercerpav@gmail.com>
The commands in the function 'stop_service' do not stop the service.
Rather, they are commands that are to be executed when the service has
already been stopped. By renaming the function, the commands are now
executed after the service has been stopped.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Switch to AUTORELEASE for simplicity.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
[remove irrelevant part from commit message after splitting changes]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Neither the configure option nor configure variable to disable linking
against PCRE seem to work anymore, so simply drop both and add a
dependency on libpcre. As net-snmp is unlikely to fit on devices with
small flash anyway, the extra size requirement shouldn't be a problem.
If it is, feel free to submit a patch to fix the broken upstream
behaviour.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
The crude loop I wrote to come up with this changeset:
find -L package/feeds/packages/ -name patches | \
sed 's/patches$/refresh/' | sort | xargs make
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
If snmpd fails to open files, like /dev/kmem or /dev/mem, it exits.
Avoid this by adding the -r argument.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Firewall needs to be reloaded in the following cases:
- on service start when snmpd.general.enabled=1
- when snmpd daemon is stopped
Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
There's a build race condition with other packages which sometimes results in:
Package libnetsnmp is missing dependencies for the following libraries:
libpci.so.3
Using an external toolchain, it was discovered that net-snmp would
link with the Perl library (-lperl) from the host rather than from the
target.
Since we do not provide Perl as a dependency to net-snmp, the solution
is to disable support for it.
Fixes issue #8217.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@savoirfairelinux.com>
Disable PCRE process searching to avoid linking against libprce, which
would cause the build to fail due to a missing dependency. With the
--without-pcre switch, build fails due to an undefined reference, so do
it via CONFIGURE_VARS instead.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
[disable PCRE process searching]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Yanase Yuki
Kamil Bienkiewicz
Eric McDonald
Christian Korber
Florian Eckert
Wei-Ting Yang
Christian Korber
Peca Nesovanovic
Christian Marangi
Rosen Penev
Aditya Nugraha
Ivan Pavlov
Paul Fertser
Seth Kingry
Stijn Tintel
Ilya Lipnitskiy
Jan Pavlinec
Alin Nastac
Koen Vandeputte
Maxim Cournoyer