Last Modified: Thu 21 Jun, 2018 09:25 AM
I use snmp quite a bit, including polling net-snmp on lots of Linux systems. For a very long time though, Debian (and apparently others) have shipped with a config that dumps a log message to syslog every time a connection was made. I'm not sure why, but it's been that way for many years and several releases.
I watch my logs too - and so one of the first things I generally want to do after setting up a new system is to turn that off - and in the past it was pretty easy:
Edit /etc/default/snmpd and change the line with SNMPDOPTS to start with "-LS0-5d" rather than "-Ls d" or similar. Then bounce the snmpd daemon and bob's your uncle.
Lots of sites on the Internet cover how to do this for varioius situations, such as this one.
That used to work, but now that we have systemd, this is more difficult. In particular I'm using Debian 9 Stretch now and it took more work.
Confusingly enough, the defaults file is still present and if you've done this before you might just make the changes you did before and assume they work - but they don't! You then might take a look at /etc/init.d/snmpd and see that it still includes the code that pulls in the defaults file and has SNMPDOPTS var set there as well - but it doesn't appear to do anything either. Debugging this a little (but not a lot) I was seeing the beginning of the script run, but not very far in it stops... I suspect because it was invoking systemd stuff and going a different path. Basically, that script is mostly dead code now from what I determined.
That's when I noticed that in the defaults file, it includes the following comment:
# This file controls the behaviour of /etc/init.d/snmpd # but not of the corresponding systemd service file. # If needed, create an override file in # /etc/systemd/system/snmpd.service.d/local.conf # see man 5 systemd.unit and man 5 systemd.service
That's sorta helpful as it let me avoid going all the way down the rabbit hole of seeing what the init script was actually doing - but that meant I needed to lear something about systemd then.
I was surprised to not find a dozen blog posts for solving this problem with systemd like there were previously, but I didn't. What I did find was a helpful thread on askubuntu that I was able to use to get a solution.
As root (or with sudo) run systemctl edit snmpd. In that new file, enter:
[Service] ExecStart= ExecStart=/usr/sbin/snmpd -LS0-5d -Lf /dev/null -u Debian-snmp -g Debian-snmp -I -smux,mteTrigger,mteTriggerConf -f
Why does it need the extra ExecStart= with no value? No idea - but it does.
You can also edit /etc/systemd/system/snmpd.service.d/override.conf by hand to include that, but if you do, you'll need to run systemctl daemon-reload as well. In either case, then bounce the snmpd service: systemctl restart snmpd
That should do it.
Last Modified: Thu 21 Jun, 2018 09:25 AM