From f48ce96e7fd0d2fe198845f0e2bd76f95d221fb3 Mon Sep 17 00:00:00 2001
From: Charles Rose <charles_rose@dell.com>
Date: Thu, 12 Dec 2013 16:10:11 -0500
Subject: [PATCH] Incorporate upstream comments to #289, add whitespace, other
cleanup
---
contrib/bmc-snmp-proxy | 130 +++++++++++++++++++++++++++++--------------------
1 file changed, 76 insertions(+), 54 deletions(-)
diff --git a/contrib/bmc-snmp-proxy b/contrib/bmc-snmp-proxy
index 1704ef3..98479b9 100644
--- a/contrib/bmc-snmp-proxy
+++ b/contrib/bmc-snmp-proxy
@@ -3,7 +3,7 @@
#
# bmc-snmp-proxy: Set SNMP proxy to BMC (Baseboard Management Controller)
#
-# version: 0.6
+# version: 0.62
#
# Authors: Charles Rose <charles_rose@dell.com>
# Jordan Hargrave <jordan_hargrave@dell.com>
@@ -20,9 +20,9 @@
SYSCONF_DIR="/etc/sysconfig"
CONFIG="${SYSCONF_DIR}/bmc-snmp-proxy"
-SNMPD_LOCAL_CONF_DIR="/etc/snmp/bmc"
-SNMPD_LOCAL_CONF="${SNMPD_LOCAL_CONF_DIR}/snmpd.local.conf"
-TRAPD_LOCAL_CONF="${SNMPD_LOCAL_CONF_DIR}/snmptrapd.local.conf"
+SNMPD_BMC_CONF_DIR="/etc/snmp/bmc"
+SNMPD_BMC_CONF="${SNMPD_BMC_CONF_DIR}/snmpd.local.conf"
+TRAPD_BMC_CONF="${SNMPD_BMC_CONF_DIR}/snmptrapd.local.conf"
TRAPD_CONF="/etc/snmp/snmptrapd.conf"
@@ -57,14 +57,16 @@ bmc_info_exists()
else
RETVAL=2
fi
+
return $RETVAL
}
check_snmp()
{
- if [ ! -d /etc/snmp ] && [ ! -x /usr/sbin/snmpd ]; then
+ if [ ! -d /etc/snmp ] || [ ! -x /usr/sbin/snmpd ]; then
RETVAL=12
fi
+
return $RETVAL
}
@@ -77,11 +79,12 @@ write_snmp_conf()
printf "###############################################\n"
printf "# Automatically created by %s #\n" "${SCRIPT_NAME}"
printf "###############################################\n"
- printf "view bmcview included %s 80\n" "${BMC_OID}"
- printf "com2sec -Cn bmc_ctx bmc_sec default bmc_cmty\n"
- printf "group bmc_grp v1 bmc_sec\n"
- printf "access bmc_grp bmc_ctx any noauth exact bmcview none none\n"
- printf "proxy -Cn bmc_ctx -v 1 %s\n" "${PROXY_TOKEN}"
+ printf "#view bmcview included %s 80\n" "${BMC_OID}"
+ printf "#com2sec -Cn bmc_ctx bmc_sec default bmc_cmty\n"
+ printf "#group bmc_grp v1 bmc_sec\n"
+ printf "#access bmc_grp bmc_ctx any noauth exact bmcview none none\n"
+ printf "#proxy -Cn bmc_ctx -v 1 %s\n" "${PROXY_TOKEN}"
+ printf "proxy -v 1 %s\n" "${PROXY_TOKEN}"
printf "###############################################\n"
}
@@ -92,6 +95,7 @@ valid_ip()
printf -- "%s" "${1}"| grep -Eq \
"^${octet}\\.${octet}\\.${octet}\\.${octet}$"
+
return $?
}
@@ -112,37 +116,38 @@ set_snmp_proxy()
if check_vars; then
PROXY_TOKEN="-c ${BMC_COMMUNITY} ${BMC_IPv4} ${BMC_OID}"
- if [ ! -d ${SNMPD_LOCAL_CONF_DIR} ] && \
- mkdir ${SNMPD_LOCAL_CONF_DIR}; then
- write_snmp_conf > ${SNMPD_LOCAL_CONF}
- [ $? -ne 0 ] && RETVAL=4
+ if [ -d ${SNMPD_BMC_CONF_DIR} ]; then
+ write_snmp_conf > ${SNMPD_BMC_CONF} || RETVAL=4
fi
else
RETVAL=3
fi
}
-
set_snmpd_conf_path()
{
- for SYSCONF in ${SYSCONF_DIR}/snmp*d;
+ if [ ! -d ${SNMPD_BMC_CONF_DIR} ]; then
+ mkdir ${SNMPD_BMC_CONF_DIR} || RETVAL=7
+ fi
+
+ # We need SNMPCONFPATH set for both snmpd and snmptrapd
+ for sysconf in ${SYSCONF_DIR}/snmp*d;
do
- if grep -q "${SNMPD_LOCAL_CONF_DIR}" "${SYSCONF}" > \
- /dev/null 2>&1; then
- continue
- else
- printf "SNMPCONFPATH=%s\n" "${SNMPD_LOCAL_CONF_DIR}" \
- >> ${SYSCONF} || RETVAL=7
+ if ! grep -q "^SNMPCONFPATH.*${SNMPD_BMC_CONF_DIR}" \
+ "${sysconf}" > /dev/null 2>&1; then
+ printf "SNMPCONFPATH=/etc/snmp:%s\n" \
+ "${SNMPD_BMC_CONF_DIR}" >> ${sysconf} || \
+ RETVAL=7
fi
done
+
return $RETVAL
}
disable_snmp_proxy()
{
- if [ -f ${SNMPD_LOCAL_CONF} ]; then
- rm -f ${SNMPD_LOCAL_CONF}
- [ $? -ne 0 ] && RETVAL=5
+ if [ -f ${SNMPD_BMC_CONF} ]; then
+ rm -f ${SNMPD_BMC_CONF} || RETVAL=5
fi
}
#############################################################################
@@ -152,6 +157,7 @@ disable_snmp_proxy()
pick_alert_dest()
{
test_ip="$1"
+ # We have 4 IPv4 and 4 IPv6 alert dest. We will set IPv4 for now.
for ALERT_DEST in `seq 1 4`
do
temp_ip=$(${IPMITOOL} lan alert print ${CHANNEL} ${ALERT_DEST}\
@@ -165,12 +171,12 @@ pick_alert_dest()
set_alert_dest_ip()
{
${IPMITOOL} lan alert set ${CHANNEL} ${ALERT_DEST} ipaddr ${1} \
- retry 4 type pet >/dev/null 2>&1
- [ $? -ne 0 ] && RETVAL=8
+ retry 4 type pet >/dev/null 2>&1 || RETVAL=8
}
-bmc_alert_dest()
+config_bmc_alert_dest()
{
+ # call with enable|disable
# Pick the first active LAN channel
for CHANNEL in `seq 1 14`
do
@@ -180,12 +186,12 @@ bmc_alert_dest()
# If TRAPD_IP is already set as an alert dest,
if pick_alert_dest "${TRAPD_IP}"; then
- # reset: reset it if we are called with reset
- [ "${1}" = "reset" ] && \
+ # disable: reset it if we are called with disable
+ [ "${1}" = "disable" ] && \
set_alert_dest_ip "0.0.0.0"
# else, find the next free alert dest,
elif pick_alert_dest "0.0.0.0"; then
- [ "${1}" = "reset" ] && \
+ [ "${1}" = "disable" ] && \
return $RETVAL
# set: the TRAPD_IP
set_alert_dest_ip "${TRAPD_IP}"
@@ -193,42 +199,54 @@ bmc_alert_dest()
# No free alert destinations
RETVAL=9
fi
+
return $RETVAL
}
-set_ipmi_alert()
+set_ipmi_pef()
{
- ${IPMITOOL} lan set ${CHANNEL} alert "${1}" >/dev/null 2>&1
- [ $? -ne 0 ] && RETVAL=10
+ # Needs ipmitool-1.8.13 + patches
+ ${IPMITOOL} pef setpolicy ${ALERT_DEST} "${1}" >/dev/null 2>&1 || \
+ RETVAL=10
}
get_host_ip()
{
- # Get host's IP that the BMC can reach.
+ # Get host's IP that the BMC can reach. This is at best a hack.
IFACE=$(/usr/sbin/ip -o -f inet address |awk '!/: lo/ {print $2}')
+
for dev in ${IFACE}
do
- ping -c 1 -I ${dev} ${BMC_IPv4} > /dev/null 2>&1
+ temp_ping=$(ping -c 1 -I ${dev} ${BMC_IPv4})
+ [ $? -ne 0 ] && continue
+
+ printf -- "%s" "$temp_ping"| awk 'NR==1{print $5}' && break
done
}
config_bmc_alert()
{
+ # Do two things
+ # Set/Reset TRAP IP in BMC
+ # Enable/Disable PEF alerting in BMC for TRAP
+
# Get Host's IP that the BMC can send traps to
TRAPD_IP=$(get_host_ip)
# Set Host's IP as the alert destination in the BMC
- valid_ip ${TRAPD_IP} && bmc_alert_dest "${ACTION}"
+ valid_ip ${TRAPD_IP} && config_bmc_alert_dest "${ACTION}"
+
+ # Enable/Disable alerting on the LAN channel
+ [ $RETVAL -eq 0 ] && set_ipmi_pef "${ACTION}"
- # Enable alerting on the LAN channel
- [ $RETVAL -eq 0 ] && set_ipmi_alert "${ACTION}"
+ return $RETVAL
}
write_trapd_conf()
{
printf "###############################################\n"
printf "# Automatically created by %s #\n" "${SCRIPT_NAME}"
- printf "forward %s %s\n" "${BMC_OID}*" "${FORWARD_HOST}"
+ printf "forward default %s\n" "${FORWARD_HOST}"
printf "###############################################\n"
}
@@ -236,10 +254,9 @@ config_trapd()
{
# Proceed only if snmptrapd is available on the system
if [ -f ${TRAPD_CONF} ]; then
- write_trapd_conf > ${TRAPD_LOCAL_CONF}
- [ $? -ne 0 ] && RETVAL=11
+ write_trapd_conf > ${TRAPD_BMC_CONF} || RETVAL=11
else
- return 1
+ RETVAL=11
fi
}
@@ -249,6 +266,7 @@ trap_sink_exists()
# multiple
FORWARD_HOST=$(awk '/^trap.*sink/{print $2}; /^informsink/{print $2}' \
/etc/snmp/snmpd*conf | head -1)
+
if [ -z "${FORWARD_HOST}" ]; then
# there is no trapsink setup.
return 1
@@ -261,19 +279,20 @@ trap_sink_exists()
trap_forward()
{
NO_TRAP=0
- ACTION=${1} # set or reset
+ ACTION=${1} # enable or disable
- if [ "${ACTION}" = "set" ]; then
+ if [ "${ACTION}" = "enable" ]; then
# Get trapd config,
if trap_sink_exists; then
- config_trapd && config_bmc_alert
+ config_bmc_alert && config_trapd
else
# exit silently if there is no sink
NO_TRAP=1
fi
else
- if [ -f ${TRAPD_LOCAL_CONF} ]; then
- rm -f ${TRAPD_LOCAL_CONF} >/dev/null 2>&1
+ if [ -f ${TRAPD_BMC_CONF} ]; then
+ rm -f ${TRAPD_BMC_CONF} >/dev/null 2>&1
+ config_bmc_alert
else
NO_TRAP=1
fi
@@ -288,7 +307,6 @@ service_reload()
service $1 reload
[ $? -ne 0 ] && RETVAL=6
fi
- return
}
#############################################################################
@@ -296,11 +314,12 @@ start()
{
if bmc_info_exists && check_snmp; then
touch ${LOCKFILE}
+
set_snmpd_conf_path && set_snmp_proxy
[ $RETVAL -eq 0 ] && service_reload snmpd
if [ "${TRAP_FORWARD}" = "yes" ]; then
- trap_forward "set"
+ trap_forward "enable"
[ $RETVAL -eq 0 ] && [ $NO_TRAP -eq 0 ] && \
service_reload snmptrapd
fi
@@ -316,10 +335,11 @@ stop()
[ $RETVAL -eq 0 ] && service_reload snmpd
if [ "${TRAP_FORWARD}" = "yes" ]; then
- trap_forward "reset"
+ trap_forward "disable"
[ $RETVAL -eq 0 ] && [ $NO_TRAP -eq 0 ] && \
service_reload snmptrapd
fi
+
rm -f ${LOCKFILE}
fi
}
@@ -329,12 +349,13 @@ status()
{
eval_gettext "${SCRIPT_NAME}: snmp proxy to BMC is "
# Checking for lockfile is better.
- #if grep -q "^proxy" "${SNMPD_LOCAL_CONF}" > /dev/null 2>&1 ; then
+ #if grep -q "^proxy" "${SNMPD_BMC_CONF}" > /dev/null 2>&1 ; then
if [ -f ${LOCKFILE} ]; then
eval_gettext "set"
else
eval_gettext "not set"
fi
+
echo
RETVAL=0
}
@@ -360,10 +381,10 @@ case "$RETVAL" in
0|1) ;;
2) eval_gettext "${SCRIPT_NAME}: failed to read ${BMC_INFO} " 1>&2 ;;
3) eval_gettext "${SCRIPT_NAME}: failed to get proxy config." 1>&2 ;;
- 4) eval_gettext "${SCRIPT_NAME}: failed to set ${SNMPD_LOCAL_CONF}." 1>&2 ;;
+ 4) eval_gettext "${SCRIPT_NAME}: failed to set ${SNMPD_BMC_CONF}." 1>&2 ;;
5) eval_gettext "${SCRIPT_NAME}: failed to disable snmp proxy." 1>&2 ;;
6) eval_gettext "${SCRIPT_NAME}: failed to reload snmpd." 1>&2 ;;
- 7) eval_gettext "${SCRIPT_NAME}: failed to update ${SYSCONF}." 1>&2 ;;
+ 7) eval_gettext "${SCRIPT_NAME}: failed to set snmpd config." 1>&2 ;;
8) eval_gettext "${SCRIPT_NAME}: failed to set IPMI alert dest." 1>&2 ;;
9) eval_gettext "${SCRIPT_NAME}: no free IPMI alert dest." 1>&2 ;;
10) eval_gettext "${SCRIPT_NAME}: failed to set IPMI PEF." 1>&2 ;;
@@ -375,6 +396,7 @@ esac
if [ ${RETVAL} -gt 1 ]; then
eval_gettext " Return code: ${RETVAL}"; echo
fi
+
exit ${RETVAL}
#############################################################################
# end of file
--
1.8.3.1