Blob Blame History Raw
From f48ce96e7fd0d2fe198845f0e2bd76f95d221fb3 Mon Sep 17 00:00:00 2001
From: Charles Rose <charles_rose@dell.com>
Date: Thu, 12 Dec 2013 16:10:11 -0500
Subject: [PATCH] Incorporate upstream comments to #289, add whitespace, other
 cleanup

---
 contrib/bmc-snmp-proxy | 130 +++++++++++++++++++++++++++++--------------------
 1 file changed, 76 insertions(+), 54 deletions(-)

diff --git a/contrib/bmc-snmp-proxy b/contrib/bmc-snmp-proxy
index 1704ef3..98479b9 100644
--- a/contrib/bmc-snmp-proxy
+++ b/contrib/bmc-snmp-proxy
@@ -3,7 +3,7 @@
 #
 # bmc-snmp-proxy:	Set SNMP proxy to BMC (Baseboard Management Controller)
 #
-# version:	0.6
+# version:	0.62
 #
 # Authors:	Charles Rose <charles_rose@dell.com>
 #		Jordan Hargrave <jordan_hargrave@dell.com>
@@ -20,9 +20,9 @@
 SYSCONF_DIR="/etc/sysconfig"
 CONFIG="${SYSCONF_DIR}/bmc-snmp-proxy"
 
-SNMPD_LOCAL_CONF_DIR="/etc/snmp/bmc"
-SNMPD_LOCAL_CONF="${SNMPD_LOCAL_CONF_DIR}/snmpd.local.conf"
-TRAPD_LOCAL_CONF="${SNMPD_LOCAL_CONF_DIR}/snmptrapd.local.conf"
+SNMPD_BMC_CONF_DIR="/etc/snmp/bmc"
+SNMPD_BMC_CONF="${SNMPD_BMC_CONF_DIR}/snmpd.local.conf"
+TRAPD_BMC_CONF="${SNMPD_BMC_CONF_DIR}/snmptrapd.local.conf"
 
 TRAPD_CONF="/etc/snmp/snmptrapd.conf"
 
@@ -57,14 +57,16 @@ bmc_info_exists()
 	else
 		RETVAL=2
 	fi
+
 	return $RETVAL
 }
 
 check_snmp()
 {
-	if [ ! -d /etc/snmp ] && [ ! -x /usr/sbin/snmpd ]; then
+	if [ ! -d /etc/snmp ] || [ ! -x /usr/sbin/snmpd ]; then
 		RETVAL=12
 	fi
+
 	return $RETVAL
 }
 
@@ -77,11 +79,12 @@ write_snmp_conf()
 	printf "###############################################\n"
 	printf "# Automatically created by %s #\n" "${SCRIPT_NAME}"
 	printf "###############################################\n"
-	printf "view bmcview included %s 80\n" "${BMC_OID}"
-	printf "com2sec -Cn bmc_ctx bmc_sec default bmc_cmty\n"
-	printf "group bmc_grp v1 bmc_sec\n"
-	printf "access bmc_grp bmc_ctx any noauth exact bmcview none none\n"
-	printf "proxy -Cn bmc_ctx -v 1 %s\n" "${PROXY_TOKEN}"
+	printf "#view bmcview included %s 80\n" "${BMC_OID}"
+	printf "#com2sec -Cn bmc_ctx bmc_sec default bmc_cmty\n"
+	printf "#group bmc_grp v1 bmc_sec\n"
+	printf "#access bmc_grp bmc_ctx any noauth exact bmcview none none\n"
+	printf "#proxy -Cn bmc_ctx -v 1 %s\n" "${PROXY_TOKEN}"
+	printf "proxy -v 1 %s\n" "${PROXY_TOKEN}"
 	printf "###############################################\n"
 }
 
@@ -92,6 +95,7 @@ valid_ip()
 
         printf -- "%s" "${1}"| grep -Eq \
 		"^${octet}\\.${octet}\\.${octet}\\.${octet}$"
+
         return $?
 }
 
@@ -112,37 +116,38 @@ set_snmp_proxy()
 	if check_vars; then
 		PROXY_TOKEN="-c ${BMC_COMMUNITY} ${BMC_IPv4} ${BMC_OID}"
 
-		if [ ! -d ${SNMPD_LOCAL_CONF_DIR} ] && \
-			 	mkdir ${SNMPD_LOCAL_CONF_DIR}; then
-			write_snmp_conf > ${SNMPD_LOCAL_CONF}
-			[ $? -ne 0 ] && RETVAL=4
+		if [ -d ${SNMPD_BMC_CONF_DIR} ]; then
+			write_snmp_conf > ${SNMPD_BMC_CONF} || RETVAL=4
 		fi
 	else
 		RETVAL=3
 	fi
 }
 
-
 set_snmpd_conf_path()
 {
-	for SYSCONF in ${SYSCONF_DIR}/snmp*d;
+	if [ ! -d ${SNMPD_BMC_CONF_DIR} ]; then
+		mkdir ${SNMPD_BMC_CONF_DIR} || RETVAL=7
+	fi
+
+	# We need SNMPCONFPATH set for both snmpd and snmptrapd
+	for sysconf in ${SYSCONF_DIR}/snmp*d;
 	do
-		if grep -q "${SNMPD_LOCAL_CONF_DIR}" "${SYSCONF}" > \
-				 /dev/null 2>&1; then
-			continue
-		else
-			printf "SNMPCONFPATH=%s\n" "${SNMPD_LOCAL_CONF_DIR}" \
-				>> ${SYSCONF} || RETVAL=7
+		if ! grep -q "^SNMPCONFPATH.*${SNMPD_BMC_CONF_DIR}" \
+			"${sysconf}" > /dev/null 2>&1; then
+			printf "SNMPCONFPATH=/etc/snmp:%s\n" \
+				"${SNMPD_BMC_CONF_DIR}" >> ${sysconf} || \
+				RETVAL=7
 		fi
 	done
+
 	return $RETVAL
 }
 
 disable_snmp_proxy()
 {
-	if [ -f ${SNMPD_LOCAL_CONF} ]; then
-		rm -f ${SNMPD_LOCAL_CONF}
-		[ $? -ne 0 ] && RETVAL=5
+	if [ -f ${SNMPD_BMC_CONF} ]; then
+		rm -f ${SNMPD_BMC_CONF} || RETVAL=5
 	fi
 }
 #############################################################################
@@ -152,6 +157,7 @@ disable_snmp_proxy()
 pick_alert_dest()
 {
 	test_ip="$1"
+	# We have 4 IPv4 and 4 IPv6 alert dest. We will set IPv4 for now.
 	for ALERT_DEST in `seq 1 4`
 	do
 		temp_ip=$(${IPMITOOL} lan alert print ${CHANNEL} ${ALERT_DEST}\
@@ -165,12 +171,12 @@ pick_alert_dest()
 set_alert_dest_ip()
 {
 	${IPMITOOL} lan alert set ${CHANNEL} ${ALERT_DEST} ipaddr ${1} \
-		retry 4 type pet >/dev/null 2>&1
-	[ $? -ne 0 ] && RETVAL=8
+		retry 4 type pet >/dev/null 2>&1 || RETVAL=8
 }
 
-bmc_alert_dest()
+config_bmc_alert_dest()
 {
+	# call with enable|disable
 	# Pick the first active LAN channel
         for CHANNEL in `seq 1 14`
         do
@@ -180,12 +186,12 @@ bmc_alert_dest()
 
 	# If TRAPD_IP is already set as an alert dest,
 	if pick_alert_dest "${TRAPD_IP}"; then
-		# reset: reset it if we are called with reset
-		[ "${1}" = "reset" ] && \
+		# disable: reset it if we are called with disable
+		[ "${1}" = "disable" ] && \
 			set_alert_dest_ip "0.0.0.0"
 	# else, find the next free alert dest,
 	elif pick_alert_dest "0.0.0.0"; then
-		[ "${1}" = "reset" ] && \
+		[ "${1}" = "disable" ] && \
 			return $RETVAL
 		# set: the TRAPD_IP
 		set_alert_dest_ip "${TRAPD_IP}"
@@ -193,42 +199,54 @@ bmc_alert_dest()
 		# No free alert destinations
 		RETVAL=9
 	fi
+
 	return $RETVAL
 }
 
-set_ipmi_alert()
+set_ipmi_pef()
 {
-	${IPMITOOL} lan set ${CHANNEL} alert "${1}" >/dev/null 2>&1
-	[ $? -ne 0 ] && RETVAL=10
+	# Needs ipmitool-1.8.13 + patches
+	${IPMITOOL} pef setpolicy ${ALERT_DEST} "${1}" >/dev/null 2>&1 || \
+		RETVAL=10
 }
 
 get_host_ip()
 {
-	# Get host's IP that the BMC can reach.
+	# Get host's IP that the BMC can reach. This is at best a hack.
 	IFACE=$(/usr/sbin/ip -o -f inet address |awk '!/: lo/ {print $2}')
+
 	for dev in ${IFACE}
 	do
-		ping -c 1 -I ${dev} ${BMC_IPv4} > /dev/null 2>&1
+		temp_ping=$(ping -c 1 -I ${dev} ${BMC_IPv4})
+		[ $? -ne 0 ] && continue
+
+		printf -- "%s" "$temp_ping"| awk 'NR==1{print $5}' && break
 	done
 }
 
 config_bmc_alert()
 {
+	# Do two things
+	# Set/Reset TRAP IP in BMC
+	# Enable/Disable PEF alerting in BMC for TRAP
+
 	# Get Host's IP that the BMC can send traps to
 	TRAPD_IP=$(get_host_ip)
 
 	# Set Host's IP as the alert destination in the BMC
-	valid_ip ${TRAPD_IP} && bmc_alert_dest "${ACTION}"
+	valid_ip ${TRAPD_IP} && config_bmc_alert_dest "${ACTION}"
+
+	# Enable/Disable alerting on the LAN channel
+	[ $RETVAL -eq 0 ] && set_ipmi_pef "${ACTION}"
 
-	# Enable alerting on the LAN channel
-	[ $RETVAL -eq 0 ] && set_ipmi_alert "${ACTION}"
+	return $RETVAL
 }
 
 write_trapd_conf()
 {
 	printf "###############################################\n"
 	printf "# Automatically created by %s #\n" "${SCRIPT_NAME}"
-	printf "forward %s %s\n" "${BMC_OID}*" "${FORWARD_HOST}"
+	printf "forward default %s\n" "${FORWARD_HOST}"
 	printf "###############################################\n"
 }
 
@@ -236,10 +254,9 @@ config_trapd()
 {
 	# Proceed only if snmptrapd is available on the system
 	if [ -f ${TRAPD_CONF} ]; then
-		write_trapd_conf > ${TRAPD_LOCAL_CONF}
-		[ $? -ne 0 ] && RETVAL=11
+		write_trapd_conf > ${TRAPD_BMC_CONF} || RETVAL=11
 	else
-		return 1
+		RETVAL=11
 	fi
 }
 
@@ -249,6 +266,7 @@ trap_sink_exists()
 	# multiple
 	FORWARD_HOST=$(awk '/^trap.*sink/{print $2}; /^informsink/{print $2}' \
 			/etc/snmp/snmpd*conf | head -1)
+
 	if [ -z "${FORWARD_HOST}" ]; then
 		# there is no trapsink setup.
 		return 1
@@ -261,19 +279,20 @@ trap_sink_exists()
 trap_forward()
 {
 	NO_TRAP=0
-	ACTION=${1} # set or reset
+	ACTION=${1} # enable or disable
 
-	if [ "${ACTION}" = "set" ]; then
+	if [ "${ACTION}" = "enable" ]; then
 		# Get trapd config,
 		if trap_sink_exists; then
-			config_trapd && config_bmc_alert
+			config_bmc_alert && config_trapd
 		else
 			# exit silently if there is no sink
 			NO_TRAP=1
 		fi
 	else
-		if [ -f ${TRAPD_LOCAL_CONF} ]; then
-			rm -f ${TRAPD_LOCAL_CONF} >/dev/null 2>&1
+		if [ -f ${TRAPD_BMC_CONF} ]; then
+			rm -f ${TRAPD_BMC_CONF} >/dev/null 2>&1
+			config_bmc_alert
 		else
 			NO_TRAP=1
 		fi
@@ -288,7 +307,6 @@ service_reload()
 		service $1 reload
 		[ $? -ne 0 ] && RETVAL=6
 	fi
-	return
 }
 
 #############################################################################
@@ -296,11 +314,12 @@ start()
 {
 	if bmc_info_exists && check_snmp; then
 		touch ${LOCKFILE}
+
 		set_snmpd_conf_path && set_snmp_proxy
 		[ $RETVAL -eq 0 ] && service_reload snmpd
 
 		if [ "${TRAP_FORWARD}" = "yes" ]; then
-			trap_forward "set"
+			trap_forward "enable"
 			[ $RETVAL -eq 0 ] && [ $NO_TRAP -eq 0 ] && \
 				service_reload snmptrapd
 		fi
@@ -316,10 +335,11 @@ stop()
 		[ $RETVAL -eq 0 ] && service_reload snmpd
 
 		if [ "${TRAP_FORWARD}" = "yes" ]; then
-			trap_forward "reset"
+			trap_forward "disable"
 			[ $RETVAL -eq 0 ] && [ $NO_TRAP -eq 0 ] && \
 				service_reload snmptrapd
 		fi
+
 		rm -f ${LOCKFILE}
 	fi
 }
@@ -329,12 +349,13 @@ status()
 {
 	eval_gettext "${SCRIPT_NAME}: snmp proxy to BMC is "
 	# Checking for lockfile is better.
-	#if grep -q "^proxy" "${SNMPD_LOCAL_CONF}" > /dev/null 2>&1 ; then
+	#if grep -q "^proxy" "${SNMPD_BMC_CONF}" > /dev/null 2>&1 ; then
 	if [ -f ${LOCKFILE} ]; then
 		eval_gettext "set"
 	else
 		eval_gettext "not set"
 	fi
+
 	echo
 	RETVAL=0
 }
@@ -360,10 +381,10 @@ case "$RETVAL" in
 	0|1) ;;
 	2) eval_gettext "${SCRIPT_NAME}: failed to read ${BMC_INFO} " 1>&2 ;;
 	3) eval_gettext "${SCRIPT_NAME}: failed to get proxy config." 1>&2 ;;
-	4) eval_gettext "${SCRIPT_NAME}: failed to set ${SNMPD_LOCAL_CONF}." 1>&2 ;;
+	4) eval_gettext "${SCRIPT_NAME}: failed to set ${SNMPD_BMC_CONF}." 1>&2 ;;
 	5) eval_gettext "${SCRIPT_NAME}: failed to disable snmp proxy." 1>&2 ;;
 	6) eval_gettext "${SCRIPT_NAME}: failed to reload snmpd." 1>&2 ;;
-	7) eval_gettext "${SCRIPT_NAME}: failed to update ${SYSCONF}." 1>&2 ;;
+	7) eval_gettext "${SCRIPT_NAME}: failed to set snmpd config." 1>&2 ;;
 	8) eval_gettext "${SCRIPT_NAME}: failed to set IPMI alert dest." 1>&2 ;;
 	9) eval_gettext "${SCRIPT_NAME}: no free IPMI alert dest." 1>&2 ;;
 	10) eval_gettext "${SCRIPT_NAME}: failed to set IPMI PEF." 1>&2 ;;
@@ -375,6 +396,7 @@ esac
 if [ ${RETVAL} -gt 1 ]; then
         eval_gettext " Return code: ${RETVAL}"; echo
 fi
+
 exit ${RETVAL}
 #############################################################################
 # end of file
-- 
1.8.3.1