After every configuration commit, the snmp script permissions are changed and snmp user is not able to execute it.
ex.
# chmod +rx /config/user-data/snmp_conntrack.sh # ls -la /config/user-data/snmp_conntrack.sh -rwxr-xr-x+ 1 root vyattacfg 33 Dec 10 10:57 /config/user-data/snmp_conntrack.sh
snmpwalk -v2c -c public XXXX .1.3.6.1.4.1.8072.1.3.2.3.1.1.9.99.111.110.110.116.114.97.99.107
iso.3.6.1.4.1.8072.1.3.2.3.1.1.9.99.111.110.110.116.114.97.99.107 = STRING: "59"
# set service snmp script-extensions extension-name conntrack script '/config/user-data/snmp_conntrack.sh' [edit] # commit [edit] # ls -la /config/user-data/snmp_conntrack.sh -rwx--x--x+ 1 root vyattacfg 33 Dec 10 10:57 /config/user-data/snmp_conntrack.sh
snmpwalk -v2c -c public XXXX .1.3.6.1.4.1.8072.1.3.2.3.1.1.9.99.111.110.110.116.114.97.99.107
iso.3.6.1.4.1.8072.1.3.2.3.1.1.9.99.111.110.110.116.114.97.99.107 = STRING: "/bin/sh: /config/user-data/snmp_conntrack.sh: Permission denied"
$ show version Version: VyOS 1.2.4 Built by: xxxxxxxxxxx Built on: Thu 12 Dec 2019 10:18 UTC Build UUID: 4fd6982e-af07-493c-b769-613b6d74626e Build Commit ID: 7b47b452ce86a9 Architecture: x86_64 Boot via: installed image System type: bare metal Hardware vendor: FUJITSU Hardware model: PRIMERGY RX2530 M5 Hardware S/N: xxxxxxxxxxxx Hardware UUID: xxxxxxxxxxx
The server was installed using a rolling but last week updated to a release version (1.2.4).
Regards,
Vicente