snmp
Version information
This version is compatible with:
- Puppet Enterprise 2023.2.x, 2023.1.x, 2023.0.x, 2021.7.x, 2021.6.x, 2021.5.x, 2021.4.x, 2021.3.x, 2021.2.x, 2021.1.x, 2021.0.x, 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x, 2019.1.x
- Puppet >= 6.1.0 < 8.0.0
- , , , , ,
Start using this module
Add this module to your Puppetfile:
mod 'puppet-snmp', '6.0.0'
Learn more about managing modules with a PuppetfileDocumentation
Net-SNMP
Table of Contents
- Overview
- Module Description - What the module does and why it is useful
- Setup - The basics of getting started with this module
- Usage - Configuration options and additional functionality
- Reference - An under-the-hood peek at what the module is doing and how
- Limitations - OS compatibility, etc.
- Development - Guide for contributing to the module
Overview
This Puppet module manages the installation and configuration of Net-SNMP client, server, and trap server. It also can create a SNMPv3 user with authentication and privacy passwords.
Module Description
Simple Network Management Protocol (SNMP) is a widely used protocol for monitoring the health and welfare of network and computer equipment. Net-SNMP implements SNMP v1, SNMP v2c, and SNMP v3 using both IPv4 and IPv6. This Puppet module manages the installation and configuration of the Net-SNMP client, server, and trap server. It also can create a SNMPv3 user with authentication and privacy passwords.
Only platforms that have Net-SNMP available are supported. This module will not work with AIX or Solaris SNMP.
Setup
What this module affects
- Installs the Net-SNMP client package and configuration.
- Installs the Net-SNMP daemon package, service, and configuration.
- Installs the Net-SNMP trap daemon service and configuration.
- Creates a SNMPv3 user with authentication and encryption paswords.
Beginning with this module
This declaration will get you the SNMP daemon listening on the loopback IPv4 and IPv6 addresses with a v1 and v2c read-only community of 'public'.
include snmp
Upgrading
Deprecation Warning
Past module 3.x series
- The classes
snmp::server
andsnmp::trapd
have been merged into classsnmp
. All of their class parameters available in thesnmp
class.
Current module 4.x series
-
The parameter
install_client
is renamed tomanage_client
. -
Support for Puppet < 4 is removed.
Future module 5.x series
-
The parameters
ro_community
,rw_community
,ro_network
, andrw_network
will be removed. -
The snmptrapd parameter name will become
authcommunity
.
Usage
Most interaction with the snmp module can be done through the main snmp class. This means you can simply toggle the parameters in ::snmp
to have most functionality of the module. Additional fuctionality can be achieved by only utilizing the ::snmp::client
class or the ::snmp::snmpv3_user
define.
To install the SNMP service listening on all IPv4 and IPv6 interfaces:
class { 'snmp':
agentaddress => [ 'udp:161', 'udp6:161' ],
}
To change the SNMP community from the default value and limit the netblocks that can use it:
class { 'snmp':
agentaddress => [ 'udp:161', ],
ro_community => 'myPassword',
ro_network => '192.168.0.0/16',
}
Or more than one community:
class { 'snmp':
agentaddress => [ 'udp:161', ],
ro_community => [ 'myPassword', 'myOtherPassword', ],
}
To set the responsible person and location of the SNMP system:
class { 'snmp':
contact => 'root@yourdomain.org',
location => 'Phoenix, Arizona, U.S.A., Earth, Milky Way',
}
Client
If you just want to install the SNMP client:
include snmp::client
To install the SNMP service and the client:
class { 'snmp':
manage_client => true,
}
To install the SNMP service but not install the snmptrapd service
class { 'snmp':
manage_snmptrapd => false,
}
If you want to pass client configuration stanzas to the snmp.conf file:
class { 'snmp':
snmp_config => [
'defVersion 2c',
'defCommunity public',
'mibdirs +/usr/local/share/snmp/mibs',
],
}
Trap Daemon
To only configure and run the snmptrap daemon:
class { 'snmp':
service_ensure => 'stopped',
trap_service_ensure => 'running',
trap_service_enable => true,
snmptrapdaddr => [ 'udp:162', ],
trap_handlers => [
'default /usr/bin/perl /usr/bin/traptoemail me@somewhere.local', # optional
'TRAP-TEST-MIB::demo-trap /home/user/traptest.sh demo-trap', # optional
],
trap_forwards => [ 'default udp:55.55.55.55:162' ], # optional
}
SNMPv3 Users
To install a SNMP version 3 user for snmpd:
snmp::snmpv3_user { 'myuser':
authpass => '1234auth',
privpass => '5678priv',
}
class { 'snmp':
snmpd_config => [ 'rouser myuser authPriv' ],
}
To install a SNMP version 3 user for snmptrapd:
snmp::snmpv3_user { 'myuser':
authpass => 'SeCrEt',
privpass => 'PhRaSe',
daemon => 'snmptrapd',
}
Access Control
With traditional access control, you can give a simple password and (optional) network restriction:
class { 'snmp':
ro_community => 'myPassword',
ro_network => '10.0.0.0/8',
}
and it becomes this in snmpd.conf:
rocommunity myPassword 10.0.0.0/8
This says that any host on network 10.0.0.0/8 can read any SNMP value via SNMP versions 1 and 2c as long as they provide the password 'myPassword'.
With View-based Access Control Model (VACM), you can do this (more complex) configuration instead:
class { 'snmp':
com2sec => ['mySecName 10.0.0.0/8 myPassword'],
groups => ['myGroupName v1 mySecName',
'myGroupName v2c mySecName'],
views => ['everyThing included .'],
accesses => ['myGroupName "" any noauth exact everyThing none none'],
}
where the variables have the following meanings:
- "mySecName": A security name you have selected.
- "myPassword": The community (password) for the security name.
- "myGroupName": A group name to which you assign security names.
- "everyThing": A view name (i.e. a list of MIBs that will be ACLed as a unit).
and it becomes this in snmpd.conf:
com2sec mySecName 10.0.0.0/8 myPassword
group myGroupName v1 mySecName
group myGroupName v2c mySecName
view everyThing included .
access myGroupName "" any noauth exact everyThing none none
This also says that any host on network 10.0.0.0/8 can read any SNMP value via SNMP versions 1 and 2c as long as they provide the password 'myPassword'. But it also gives you the ability to change any of those variables.
Reference: Manpage of snmpd.conf - Access Control
Multiple Network Restrictions
In traditional access control, you can also pass multiple networks for the community string.
class { 'snmp':
ro_community => 'shibboleth',
ro_network => [ '192.168.0.0/16', '1.2.3.4/32', ],
}
and it becomes this in snmpd.conf:
rocommunity shibboleth 192.168.0.0/16
rocommunity shibboleth 1.2.3.4/32
Reference
See in file REFERENCE.md.
Limitations
OS Support:
Net-SNMP module support is available with these operating systems:
- RedHat family - tested on CentOS 7
- SuSE family - tested on SLES 11 SP1
- Debian family - tested on Debian 9, Debian 10, Ubuntu 18.04, Ubuntu 20.04
Notes:
- By default the SNMP service now listens on BOTH the IPv4 and IPv6 loopback addresses.
- There is a bug on Debian squeeze of net-snmp's status script. If snmptrapd is
not running the status script returns 'not running' so puppet restarts the
snmpd service. The following is a workaround:
class { 'snmp': service_hasstatus => false, trap_service_hasstatus => false, }
- For security reasons, the SNMP daemons are configured to listen on the loopback
interfaces (127.0.0.1 and [::1]). Use
agentaddress
andsnmptrapdaddr
to change this configuration. - Not all parts of Traditional Access Control or VACM Configuration are fully supported in this module.
Issues:
- Debian will not support the use of non-numeric OIDs. Something about rabid freedom.
- Figure out how to install the RFC-standard MIBS on Debian so that
snmpwalk -v 2c -c public localhost system
will function. - Possibly support USM and VACM?
Development
This module is maintained by Vox Pupuli. Voxpupuli welcomes new contributions to this module. We are happy to provide guidance if necessary.
Please see CONTRIBUTING.md for information on how to contribute.
Authors
- Mike Arnold mike@razorsedge.org
- Vox Pupuli Team
- List of contributors https://github.com/voxpupuli/puppet-snmp/graphs/contributors
Licensed under the Apache License, Version 2.0.
Reference
Table of Contents
Classes
snmp
: Manage the Net-SNMP and Net-SNMP trap daemon package, service, and configuration.snmp::client
: Manage the Net-SNMP client package and configuration.
Defined types
snmp::snmpv3_user
: Creates a SNMPv3 user with authentication and encryption paswords.
Functions
Public Functions
Private Functions
snmp::snmpv3_usm_hash
: snmpv3_usm_hash.rb --- Calculate SNMPv3 USM hash for a passphrase
Classes
snmp
Manage the Net-SNMP and Net-SNMP trap daemon package, service, and configuration.
Examples
class { 'snmp':
com2sec => [ 'notConfigUser default PassW0rd' ],
manage_client => true,
}
# Only configure and run the snmptrap daemon:
class { 'snmp':
ro_community => 'SeCrEt',
service_ensure => 'stopped',
trap_service_ensure => 'running',
trap_handlers => [
'default /usr/bin/perl /usr/bin/traptoemail me@somewhere.local',
'IF-MIB::linkDown /home/nba/bin/traps down',
],
}
Parameters
The following parameters are available in the snmp
class:
agentaddress
snmptrapdaddr
ro_community
ro_community6
rw_community
rw_community6
ro_network
ro_network6
rw_network
rw_network6
contact
location
sysname
services
com2sec
com2sec6
groups
views
accesses
dlmod
extends
pass
pass_persist
snmpd_config
disable_authorization
do_not_log_traps
do_not_log_tcpwrappers
trap_handlers
trap_forwards
snmptrapd_config
manage_client
manage_snmptrapd
snmp_config
ensure
autoupgrade
package_name
snmptrapd_package_name
snmpd_options
sysconfig
trap_sysconfig
trap_service_config
service_config
service_config_perms
service_config_dir_path
service_config_dir_owner
service_config_dir_group
service_config_dir_perms
service_ensure
service_name
service_enable
service_hasstatus
service_hasrestart
snmptrapd_options
trap_service_ensure
trap_service_name
trap_service_enable
trap_service_hasstatus
trap_service_hasrestart
openmanage_enable
master
agentx_perms
agentx_ping_interval
agentx_socket
agentx_timeout
agentx_retries
snmpv2_enable
var_net_snmp
varnetsnmp_perms
varnetsnmp_owner
varnetsnmp_group
agentaddress
Data type: Array[String[1]]
An array of addresses, on which snmpd will listen for queries.
Default value: ['udp:127.0.0.1:161', 'udp6:[::1]:161']
snmptrapdaddr
Data type: Array[String[1]]
An array of addresses, on which snmptrapd will listen to receive incoming SNMP notifications.
Default value: ['udp:127.0.0.1:162', 'udp6:[::1]:162']
ro_community
Data type: Variant[Undef, String[1], Array[String[1]]]
Read-only (RO) community string or array for agent and snmptrap daemon.
Default value: 'public'
ro_community6
Data type: Variant[Undef, String[1], Array[String[1]]]
Read-only (RO) community string or array for IPv6 agent.
Default value: 'public'
rw_community
Data type: Variant[Undef, String[1], Array[String[1]]]
Read-write (RW) community string or array agent.
Default value: undef
rw_community6
Data type: Variant[Undef, String[1], Array[String[1]]]
Read-write (RW) community string or array for IPv6 agent.
Default value: undef
ro_network
Data type: Variant[Array, Stdlib::IP::Address::V4, Stdlib::IP::Address::V4::CIDR]
Network that is allowed to RO query the daemon. Can be string or array.
Default value: '127.0.0.1'
ro_network6
Data type: Variant[Array, Stdlib::IP::Address::V6, Stdlib::IP::Address::V6::CIDR]
Network that is allowed to RO query the daemon via IPv6. Can be string or array.
Default value: '::1'
rw_network
Data type: Variant[Array, Stdlib::IP::Address::V4, Stdlib::IP::Address::V4::CIDR]
Network that is allowed to RW query the daemon. Can be string or array.
Default value: '127.0.0.1'
rw_network6
Data type: Variant[Array, Stdlib::IP::Address::V6, Stdlib::IP::Address::V6::CIDR]
Network that is allowed to RW query the daemon via IPv6. Can be string or array.
Default value: '::1'
contact
Data type: String[1]
Responsible person for the SNMP system.
Default value: 'Unknown'
location
Data type: String[1]
Location of the SNMP system.
Default value: 'Unknown'
sysname
Data type: String[1]
Name of the system (hostname).
Default value: $facts['networking']['fqdn']
services
Data type: Integer
For a host system, a good value is 72 (application + end-to-end layers).
Default value: 72
com2sec
Data type: Array[String[1]]
An array of VACM com2sec mappings. Must provide SECNAME, SOURCE and COMMUNITY. See http://www.net-snmp.org/docs/man/snmpd.conf.html#lbAL for details.
Default value: ['notConfigUser default public']
com2sec6
Data type: Array[String[1]]
An array of VACM com2sec6 mappings. Must provide SECNAME, SOURCE and COMMUNITY. See http://www.net-snmp.org/docs/man/snmpd.conf.html#lbAL for details.
Default value: ['notConfigUser default public']
groups
Data type: Array[String[1]]
An array of VACM group mappings. Must provide GROUP, <v1|v2c|usm|tsm|ksm>, SECNAME. See http://www.net-snmp.org/docs/man/snmpd.conf.html#lbAL for details.
Default value: [ 'notConfigGroup v1 notConfigUser', 'notConfigGroup v2c notConfigUser', ]
views
Data type: Array[String[1]]
An array of views that are available to query. Must provide VNAME, TYPE, OID, and [MASK]. See http://www.net-snmp.org/docs/man/snmpd.conf.html#lbAL for details.
Default value: [ 'systemview included .1.3.6.1.2.1.1', 'systemview included .1.3.6.1.2.1.25.1.1', ]
accesses
Data type: Array[String[1]]
An array of access controls that are available to query. Must provide GROUP, CONTEXT, <any|v1|v2c|usm|tsm|ksm>, LEVEL, PREFX, READ, WRITE, and NOTIFY. See http://www.net-snmp.org/docs/man/snmpd.conf.html#lbAL for details.
Default value: [ 'notConfigGroup "" any noauth exact systemview none none', ]
dlmod
Data type: Optional[Array[String[1]]]
Array of dlmod lines to add to the snmpd.conf file. Must provide NAME and PATH (ex. "cmaX /usr/lib64/libcmaX64.so"). See http://www.net-snmp.org/docs/man/snmpd.conf.html#lbBD for details.
Default value: undef
extends
Data type: Optional[Array[String[1]]]
Array of extend lines to add to the snmpd.conf file. Must provide NAME, PROG and ARG. See http://www.net-snmp.org/docs/man/snmpd.conf.html#lbBA for details.
Default value: undef
pass
Data type: Optional[Array[String[1]]]
Array of pass lines to add to the snmpd.conf file. Must provide MIBOID and PROG. See http://www.net-snmp.org/docs/man/snmpd.conf.html#lbBB for details.
Default value: undef
pass_persist
Data type: Optional[Array[String[1]]]
Array of pass_persist lines to add to the snmpd.conf file. Must provide MIBOID and PROG. See http://www.net-snmp.org/docs/man/snmpd.conf.html#lbBB for details.
Default value: undef
snmpd_config
Data type: Optional[Array[String[1]]]
Safety valve. Array of lines to add to the snmpd.conf file. See http://www.net-snmp.org/docs/man/snmpd.conf.html for all options.
Default value: undef
disable_authorization
Data type: Enum['yes','no']
Disable all access control checks.
Default value: 'no'
do_not_log_traps
Data type: Enum['yes','no']
Disable the logging of notifications altogether.
Default value: 'no'
do_not_log_tcpwrappers
Data type: Enum['yes','no']
Disable the logging of tcpwrappers messages, e.g. "Connection from UDP: " messages in syslog.
Default value: 'no'
trap_handlers
Data type: Optional[Array[String[1]]]
An array of programs to invoke on receipt of traps. Must provide OID and PROGRAM (ex. "IF-MIB::linkDown /bin/traps down"). See http://www.net-snmp.org/docs/man/snmptrapd.conf.html#lbAI for details.
Default value: undef
trap_forwards
Data type: Optional[Array[String[1]]]
An array of destinations to send to on receipt of traps. Must provide OID and DESTINATION (ex. "IF-MIB::linkUp udp:1.2.3.5:162"). See http://www.net-snmp.org/docs/man/snmptrapd.conf.html#lbAI for details.
Default value: undef
snmptrapd_config
Data type: Optional[Array[String[1]]]
Safety valve. Array of lines to add to the snmptrapd.conf file. See http://www.net-snmp.org/docs/man/snmptrapd.conf.html for all options.
Default value: undef
manage_client
Data type: Boolean
Whether to install the Net-SNMP client package.
Default value: false
manage_snmptrapd
Data type: Boolean
Weheter to install the Net-SNMP snmptrapd package
Default value: true
snmp_config
Data type: Optional[Array[String[1]]]
Safety valve. Array of lines to add to the client's global snmp.conf file. See http://www.net-snmp.org/docs/man/snmp.conf.html for all options.
Default value: undef
ensure
Data type: Enum['present','absent']
Ensure if present or absent.
Default value: 'present'
autoupgrade
Data type: Boolean
Upgrade package automatically, if there is a newer version.
Default value: false
package_name
Data type: String[1]
Name of the package. Only set this if your platform is not supported or you know what you are doing.
Default value: 'net-snmp'
snmptrapd_package_name
Data type: Optional[String[1]]
Name of the package provinding snmptrapd. Only set this if your platform is not supported or you know what you are doing.
Default value: undef
snmpd_options
Data type: Optional[String[1]]
Commandline options passed to snmpd via init script.
Default value: undef
sysconfig
Data type: Stdlib::Absolutepath
Path to sysconfig file for snmpd.
Default value: '/etc/sysconfig/snmpd'
trap_sysconfig
Data type: Stdlib::Absolutepath
Path to sysconfig file for snmptrapd.
Default value: '/etc/sysconfig/snmptrapd'
trap_service_config
Data type: Stdlib::Absolutepath
Path to snmptrapd.conf.
Default value: '/etc/snmp/snmptrapd.conf'
service_config
Data type: Stdlib::Absolutepath
Path to snmpd.conf.
Default value: '/etc/snmp/snmpd.conf'
service_config_perms
Data type: Stdlib::Filemode
Set permissions for the service configuration file.
Default value: '0600'
service_config_dir_path
Data type: Stdlib::Absolutepath
Path to services configuration directory.
Default value: '/usr/local/etc/snmp'
service_config_dir_owner
Data type: String[1]
Owner for the service configuration directory.
Default value: 'root'
service_config_dir_group
Data type: String[1]
Set group ownership for the service configuration directory.
Default value: 'root'
service_config_dir_perms
Data type: String[1]
Mode of the service configuration directory.
Default value: '0755'
service_ensure
Data type: Stdlib::Ensure::Service
Ensure if service is running or stopped.
Default value: 'running'
service_name
Data type: String[1]
Name of SNMP service. Only set this if your platform is not supported or you know what you are doing.
Default value: 'snmpd'
service_enable
Data type: Boolean
Start service at boot.
Default value: true
service_hasstatus
Data type: Boolean
Service has status command.
Default value: true
service_hasrestart
Data type: Boolean
Service has restart command.
Default value: true
snmptrapd_options
Data type: Optional[String[1]]
Commandline options passed to snmptrapd via init script.
Default value: undef
trap_service_ensure
Data type: Stdlib::Ensure::Service
Ensure if service is running or stopped.
Default value: 'stopped'
trap_service_name
Data type: String[1]
Name of SNMP service Only set this if your platform is not supported or you know what you are doing.
Default value: 'snmptrapd'
trap_service_enable
Data type: Boolean
Start service at boot.
Default value: false
trap_service_hasstatus
Data type: Boolean
Service has status command.
Default value: true
trap_service_hasrestart
Data type: Boolean
Service has restart command.
Default value: true
openmanage_enable
Data type: Boolean
Adds the smuxpeer directive to the snmpd.conf file to allow net-snmp to talk with Dell's OpenManage
Default value: false
master
Data type: Boolean
Include the master option to enable AgentX registrations.
Default value: false
agentx_perms
Data type: Optional[Stdlib::Filemode]
Defines the permissions and ownership of the AgentX Unix Domain socket.
Default value: undef
agentx_ping_interval
Data type: Optional[Integer]
This will make the subagent try and reconnect every NUM seconds to the master if it ever becomes (or starts) disconnected.
Default value: undef
agentx_socket
Data type: Optional[String[1]]
Defines the address the master agent listens at, or the subagent should connect to.
Default value: undef
agentx_timeout
Data type: Integer[0]
Defines the timeout period (NUM seconds) for an AgentX request.
Default value: 1
agentx_retries
Data type: Integer[0]
Defines the number of retries for an AgentX request.
Default value: 5
snmpv2_enable
Data type: Boolean
Disable com2sec, group, and access in snmpd.conf
Default value: true
var_net_snmp
Data type: Stdlib::Absolutepath
Path to snmp's var directory.
Default value: '/var/lib/net-snmp'
varnetsnmp_perms
Data type: Stdlib::Filemode
Mode of var_net_snmp
directory.
Default value: '0755'
varnetsnmp_owner
Data type: String[1]
Owner of var_net_snmp
directory.
Default value: 'root'
varnetsnmp_group
Data type: String[1]
Group of var_net_snmp
directory.
Default value: 'root'
snmp::client
Manage the Net-SNMP client package and configuration.
Examples
class { 'snmp::client':
snmp_config => [
'defVersion 2c',
'defCommunity public',
],
}
Parameters
The following parameters are available in the snmp::client
class:
ensure
Data type: Enum['present', 'absent']
Ensure if present or absent.
Default value: 'present'
snmp_config
Data type: Optional[Array[String[1]]]
Array of lines to add to the client's global snmp.conf file. See http://www.net-snmp.org/docs/man/snmp.conf.html for all options.
Default value: undef
autoupgrade
Data type: Boolean
Upgrade package automatically, if there is a newer version.
Default value: false
package_name
Data type: Optional[String[1]]
Name of the package. Only set this if your platform is not supported or you know what you are doing.
Default value: undef
client_config
Data type: Stdlib::Absolutepath
Path to snmp.conf
.
Default value: '/etc/snmp/snmp.conf'
Defined types
snmp::snmpv3_user
Creates a SNMPv3 user with authentication and encryption paswords.
Examples
snmp::snmpv3_user { 'myuser':
authtype => 'MD5',
authpass => '1234auth',
privpass => '5678priv',
}
Parameters
The following parameters are available in the snmp::snmpv3_user
defined type:
authpass
Data type: String[8]
Authentication password for the user.
authtype
Data type: Enum['SHA','MD5']
Authentication type for the user. SHA or MD5
Default value: 'SHA'
privpass
Data type: Optional[String[8]]
Encryption password for the user.
Default value: undef
privtype
Data type: Enum['AES','DES']
Encryption type for the user. AES or DES
Default value: 'AES'
daemon
Data type: Enum['snmpd','snmptrapd']
Which daemon file in which to write the user. snmpd or snmptrapd
Default value: 'snmpd'
Functions
Changelog
All notable changes to this project will be documented in this file. Each new release typically also includes the latest modulesync defaults. These should not affect the functionality of the module.
v6.0.0 (2021-08-26)
Breaking changes:
- Support Ubuntu 20.04; Drop EoL Debian 8, Ubuntu 16.04 #247 (kenyon)
- Drop Puppet 5 support; enable Puppet 7 support #242 (bastelfreak)
- Drop EoL CentOS 6 #237 (bastelfreak)
Implemented enhancements:
- puppetlabs/stdlib: Allow 7.x #241 (bastelfreak)
- camptocamp/systemd: allow 3.x #240 (bastelfreak)
- Support management of snmptrapd #234 (elmobp)
- Add parameters pass and pass_persist. #233 (olifre)
Closed issues:
Merged pull requests:
- Allow stdlib 8.0.0 #248 (smortex)
- switch from camptocamp/systemd to voxpupuli/systemd #245 (bastelfreak)
- modulesync 3.0.0 & puppet-lint updates #230 (bastelfreak)
v5.1.1 (2020-06-30)
Fixed bugs:
- Dependency on stdlib versions incorrect for version 5.1.0 ; types/ip/address/v6/cidr.pp and type Stdlib::IP::Address::V6::CIDR does not exist in 4.25.0 #224
v5.1.0 (2020-04-18)
Implemented enhancements:
- use systemd for debian 9 snmpd options #216 (hdep)
- Support Debian 10 #214 (antondollmaier)
Fixed bugs:
- snmpd_options parameter does not work with Debian 9 #110
Merged pull requests:
v5.0.0 (2020-01-22)
After consulting with the community, it was decided not to remove traditional access control. The feature had been marked as deprecated for a long time, (before Vox Pupuli took over maintenance). We have committed to keeping this feature (but still recommend using VACM instead).
Breaking changes:
- drop Ubuntu 14.04 support #208 (bastelfreak)
- drop EOL FreeBSD and OpenBSD #200 (Dan33l)
- modulesync 2.5.1 and drop Puppet 4 #177 (bastelfreak)
Implemented enhancements:
- Provide a higher-level interface to snmpd #54
- "Debian will not support the use of non-numeric OIDs" #16
- Convert from params to data in module #181 (ghoneycutt)
Fixed bugs:
- Dependancy listings are out of date #178
- Failure to set authpass/privpass containing a dollar sign #173
- rouser in snmpd.conf missing for v3 auth #9
- Set snmpd stop command based on the node's default service provider #204 (blackknight36)
- Updated stdlib to 4.22.0 #179 (thaylin)
- Rewrite user creation to prevent quoting bug (fixes #173) #176 (smoeding)
Closed issues:
- unit tests are failing #199
- Clean up function puppet-strings docs #185
- Deprecate razorsedge/snmp #163
Merged pull requests:
- Remove duplicate CONTRIBUTING.md file #209 (dhoppe)
- Install client only when required to avoid potential duplicate resource. #203 (pillarsdotnet)
- Allow puppetlabs/stdlib 6.x #202 (pillarsdotnet)
- remove BSD from hiera data #201 (Dan33l)
- Mark
snmp::snmpv3_usm_hash
as private #186 (alexjfisher)
v4.1.0 (2018-11-23)
Implemented enhancements:
Fixed bugs:
Merged pull requests:
- use puppet strings format for reference #167 (Dan33l)
- add acceptance tests with beaker #166 (Dan33l)
v4.0.0 (2018-11-08)
Breaking changes:
- Remove the use of global variables #145 (ekohl)
- Remove
validate_numeric
andvalidate_string
#144 (alexjfisher) - Remove deprecated
install_client
parameter #143 (alexjfisher) - Migrate stuff to Vox Pupuli; Drop Puppet 2/3 support; require stdlib 4.13.1 or newer #135 (bastelfreak)
Implemented enhancements:
- Debian Stretch (new stable) use a different user for snmpd #108
- Add $snmpv2_enable parameter #136 (hdep)
- Add ubuntu 18.04 support #130 (cliff-wakefield)
Fixed bugs:
- validate_numeric() and friends are deprecated in stdlib #111
- Unknown variable: '::snmp_agentaddress' error #65
- Fix typo in snmp::params: s/extemds/extends/ #133 (chundaoc)
Closed issues:
- Prepare for release 4.0.0 #153
- Needs to be updated to support Ubuntu 18 #151
- Release the current version on the forge #138
- Test cases are broken #132
- cannot disable VACM #129
extemds
variable typo #123
Merged pull requests:
- update deprecation notice #161 (Dan33l)
- update CONTRIBUTING.md copied from .github/CONTRIBUTING.md #160 (Dan33l)
- cleanup about OSes in README #159 (Dan33l)
- move copyright notice from manifests to updated Development section in README #158 (Dan33l)
- Use rspec-puppet-facts #155 (Dan33l)
- use structured facts #154 (Dan33l)
- modulesync 2.2.0 and allow puppet 6.x #150 (bastelfreak)
- Various refactoring to improve code readability #149 (alexjfisher)
- Replace validation logic for *service_ensure. #148 (vStone)
- Replace validate_array with proper data types #147 (vStone)
- Replace instances of validate_re with Enum type #146 (alexjfisher)
- Replace
validate_bool
withBoolean
data type #142 (alexjfisher) - Unpin stdlib in fixtures.yml #141 (alexjfisher)
- Include full Apache 2.0 license text and add badge #140 (alexjfisher)
3.9.0 (2018-01-07)
Implemented enhancements:
- adding possibility to configure extend-slines in snmpd.conf #118 (tjungbauer)
- Added extra logic to handle Debian 9 (Stretch) #113 (Pavulon007)
Fixed bugs:
- Using an array for ro_community breaks snmptrapd #106
3.8.1 (2017-06-15)
Fixed bugs:
3.8.0 (2017-05-28)
Implemented enhancements:
Fixed bugs:
- Change - Update requirements for the snmp::client class #98 (blackknight36)
Merged pull requests:
- Update requirements for the snmp client class #105 (blackknight36)
3.7.0 (2017-04-23)
Implemented enhancements:
- Support service_config_dir_group class parameter #93 (adepretis)
- Add Dell OpenManage StorageServices smux OID #90 (vide)
- Add OpenBSD to the supported operating systems, similar to FreeBSD #74 (buzzdeee)
- Create Parameters for template files. #73 (aschaber1)
Fixed bugs:
- CI failing, Module sync out of date. #75
Closed issues:
- File permissions do not match the ones of the net-snmp #81
3.6.0 (2015-12-20)
Implemented enhancements:
Fixed bugs:
- creating snmpv3 users fails with passphrases containing spaces #33
3.5.0 (2015-10-15)
Implemented enhancements:
Fixed bugs:
3.4.0 (2015-07-07)
Implemented enhancements:
- Creating snmpv3 users on loaded system fails #46
- snmpd_options and other /etc/defaults/snmpd options is not in docs #30
- rocommunity commented out #10
Fixed bugs:
- ro_community cannot be set to 'undef' to remove from ERB template #36
- skip zero length strings in ERB template output #41 (bdellegrazie)
Closed issues:
- Not possible to not start snmptrapd service #52
- No support for syslocation/syscontact #45
- CentOS 7.1 breaks params.rb #44
3.3.1 (2015-01-03)
3.3.0 (2014-12-29)
Implemented enhancements:
ensure => absent
fails on el5/el6 if net-snmp-utils is installed #20- Add support for Dell's OpenManage #28 (erinn)
- Disable logging from tcpwrappers in snmpd.conf #27 (erinn)
- IPv6 support round 2 #26 (erinn)
3.2.0 (2014-10-07)
Implemented enhancements:
- dynamic sysname? #14
Fixed bugs:
- Future parser and puppet-snmp #23
Merged pull requests:
3.1.0 (2014-05-25)
Closed issues:
- The documentation for init.pp incorrectly suggests that the snmp class takes a 'services' parameter #11
3.0.0 (2013-07-13)
Implemented enhancements:
2.0.0 (2013-06-23)
Merged pull requests:
- modified templates to dereference class parameters #2 (hakamadare)
1.0.1 (2012-05-26)
1.0.0 (2012-05-07)
* This Changelog was automatically generated by github_changelog_generator
Dependencies
- puppetlabs/stdlib (>= 5.2.0 < 9.0.0)
- puppet/systemd (>= 2.5.1 < 4.0.0)
Copyright (C) 2012 Mike Arnold <mike@razorsedge.org> Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.