Comments (16)
Hmm, is not that p
variable assigned unconditionally prior to reading the folder?
from snmpsim.
I tried to run this on Fedora with python3 and 2, and on Centos7 with python 2. In both distros it works with normal user but doesn't with root. The nobody
group is present on both systems.
Here is pip freeze
(snmpsim-env) [root@management ~]# pip freeze
ply==3.11
pyasn1==0.4.5
pycryptodomex==3.7.2
pysmi==0.3.3
pysnmp==4.4.8
snmpsim==0.4.5
from snmpsim.
I can't reproduce this issue so far. Is there any traceback revealing line number? Or may be you could run snmpsimd
with --debug all
in hope that this will give us more hints on where exactly it fails?
from snmpsim.
I can get a stack trace for you, I track it down to the pysnmp
, an import error happens at ZipMibBuider
or something like this. I send it to you tonight! (I'm not in home now)
from snmpsim.
ImportError here https://github.com/etingof/pysnmp/blob/master/pysnmp/smi/builder.py#L161
and them it follows to https://github.com/etingof/pysnmp/blob/master/pysnmp/smi/builder.py#L229 where listdir
fails before p
is assigned, and is referred here: https://github.com/etingof/pysnmp/blob/master/pysnmp/smi/builder.py#L239
I was trying to get something alike with normal user but it seems to take totally different path. I notice that ZipMibSource
was never invoked with user. The same break points aren't reached. What I could see is that with root it enters at https://github.com/etingof/snmpsim/blob/master/scripts/snmpsimd.py#L1200 where the user doesn't. It could be something on my environment? I have a VM where is triggering this behavior, I can share with you.
from snmpsim.
Here it is:
(snmpsim) [root@localhost ~]# snmpsimd.py --data-dir ./data --agent-udpv4-endpoint=192.168.123.1:1611 --process-user=nobody --process-group=nobody
Scanning "/root/.snmpsim/variation" directory for variation modules...
Directory "/root/.snmpsim/variation" does not exist
Scanning "/root/snmpsim/snmpsim/variation" directory for variation modules...
Directory "/root/snmpsim/snmpsim/variation" does not exist
Scanning "/root/snmpsim/share/snmpsim/variation" directory for variation modules...
Directory "/root/snmpsim/share/snmpsim/variation" does not exist
Scanning "/root/snmpsim/lib64/python3.6/site-packages/snmpsim/variation" directory for variation modules...
Directory "/root/snmpsim/lib64/python3.6/site-packages/snmpsim/variation" does not exist
> /root/snmpsim/lib64/python3.6/site-packages/pysnmp/smi/builder.py(240)_getData()
(Pdb) bt
/root/snmpsim/bin/snmpsimd.py(1363)<module>()
/root/snmpsim/lib64/python3.6/site-packages/pysnmp/entity/engine.py(63)__init__()
/root/snmpsim/lib64/python3.6/site-packages/pysnmp/proto/rfc3412.py(32)__init__()
/root/snmpsim/lib64/python3.6/site-packages/pysnmp/smi/builder.py(381)loadModules()
/root/snmpsim/lib64/python3.6/site-packages/pysnmp/smi/builder.py(321)loadModule()
/root/snmpsim/lib64/python3.6/site-packages/pysnmp/smi/builder.py(81)read()
> /root/snmpsim/lib64/python3.6/site-packages/pysnmp/smi/builder.py(240)_getData()
(Pdb) why
PermissionError(13, 'Permission denied')
(Pdb)
from snmpsim.
This may be useful too:
(Pdb) self._srcName
'pysnmp.smi.mibs'
(Pdb)
from snmpsim.
Thank you for the thorough report! This reminds me that we've had similar problem in OpenStack...
Commit etingof/pysnmp@fd7f6a7 in the release-4.4.9 branch should have fixed this problem.
I wonder if you could give it a try before I make a release?
from snmpsim.
For sure! I will ask you some patience since my Fedora died at the last update, I still have the VMs, as soon as I have my desk up to date I check it out for you. Regards!
from snmpsim.
No worries, take your time!
from snmpsim.
I have another problem right now, the release-4.4.9. dropPrivileges('nobody, 'nobody')
break SnmpEngine()
(snmpsim-env) [root@localhost ~]# python
Python 3.7.2 (default, Jan 3 2019, 09:14:01)
[GCC 8.2.1 20181215 (Red Hat 8.2.1-6)] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from pysnmp.entity.engine import SnmpEngine
>>> from snmpsim.daemon import dropPrivileges
>>>
>>> SnmpEngine()
SnmpEngine(snmpEngineID=<SnmpEngineID value object at 0x7fd6ac757198 tagSet <TagSet object at 0x7fd6af2dcc88 tags 0:0:4> subtypeSpec <ConstraintsIntersection object at 0x7fd6ac757358 consts <ValueSizeConstraint object at 0x7fd6af2b8080 consts 0, 65535>, <ValueSizeConstraint object at 0x7fd6ac757320 consts 5, 32>> encoding iso-8859-1 payload [0x80004fb8056c6f...63616c6413be2f88]>)
>>>
>>>
>>> dropPrivileges('nobody', 'nobody')
>>> SnmpEngine()
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/root/snmpsim-env/lib64/python3.7/site-packages/pysnmp/entity/engine.py", line 91, in __init__
File "/root/snmpsim-env/lib64/python3.7/site-packages/pysnmp/smi/builder.py", line 426, in importSymbols
pysnmp.smi.error.MibNotFoundError: No module __SNMP-FRAMEWORK-MIB loaded at <pysnmp.smi.builder.MibBuilder object at 0x7fd6ac770be0>
>>>
from snmpsim.
This is a better way of running the test:
from unittest import TestCase, main
from snmpsim.daemon import dropPrivileges
from pysnmp.entity.engine import SnmpEngine
class DropPrivileges(TestCase):
def test_dropPrivileges(self):
'SnmpEngine should work after dropping privileges'
dropPrivileges('nobody', 'nobody')
SnmpEngine()
if __name__ == '__main__':
main(verbosity=2)
from snmpsim.
I just created a pull request, for this. I move the privileges drop to the end of file, just before starting the server (and opening the ports), is this okay? Is there any tests for validating the rest?
Regards!!!
from snmpsim.
from snmpsim.
Just a little comment,
There is still a little bug at https://github.com/etingof/pysnmp/blob/master/pysnmp/smi/builder.py#L241. If user hasn't permission to read self._srcName
folder an PermissionError
is raised. Since permission error is an specialization of OSError
the flow controls jump to the pointed line, prior assigning p
, this leads to p referenced before assignment
error.
This would only happen if you pass a user at --process-user
that wasn't the user used to install pysnmp
. Is just a matter of passing the right user and everything works.
from snmpsim.
Yeah you're right, I was using an old revision, sorry!
Regards!
from snmpsim.
Related Issues (20)
- SNMP communication HOT 8
- snmplabs.com HOT 6
- SnmpV3 HOT 6
- Option to disable uid=0 check HOT 9
- snmp simulator HOT 2
- IP and Port number in snmp simulator HOT 6
- Can the daemon return random values? HOT 1
- Not dumping to .snmprec and not populating SQL table HOT 1
- Unable to record from MIB HOT 6
- Permissions problems running snmpsim as root
- snmpbulkwalk times out
- Cannot Import UTILS from SNMPSIM
- Unable to import utils
- snmpsim-command-responder: command not found on installing with pip HOT 1
- Cannot retrieve data from snmpsim with SNMP V3 HOT 1
- decodeMessageVersion takes 3 positional arguments but 4 were given. Cannot connect to the agent using SNMP Walk HOT 18
- snmpsimd.py is crashing on startup HOT 1
- No context in SNMP V3? HOT 4
- Any way to make mib2rec.py automatic?
- Cannot retrieve any data from simulator using any version HOT 12
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from snmpsim.