ldap/servers/slapd/libglobs.c | 40 +++++++++++++++++++++++++++++++++++++++-
ldap/servers/slapd/proto-slap.h | 1 +
ldap/servers/slapd/slap.h | 2 ++
ldap/servers/snmp/main.c | 22 +++++++++++++++++++---
4 files changed, 61 insertions(+), 4 deletions(-)
New commits:
commit 2f02b0d0fee902c4a7777273bbeb519bf1c182c8
Author: Thierry bordaz (tbordaz) <tbordaz(a)redhat.com>
Date: Wed Apr 17 16:06:32 2013 +0200
Ticket 205 - snmp counters index strings for multiple network interfaces with ip addr
and tcp port pairs
Bug Description:
When a host contains several interfaces, if several DS instances listen on the same
port (but
on different interfaces) the snmp report will only contain one of those instances.
Fix Description:
The fix is to define a new cn=config attribute (nsslapd-snmp-index) that is a
number.
The value of this attribute will replace the instance port number (nsslapd-port) in
the
snmp report.
https://fedorahosted.org/389/ticket/205
Reviewed by: Nathan Kinder (thanks Nathan)
Platforms tested: Fedora 17
Flag Day: no
Doc impact: yes. A new configuration attribute (in cn=config) needs to be described
("nsslapd-snmp-index").
nsslapd-snmp-index: It specifies an index (identifier) that would be appened to the
RHDS MIB OIDs of the instance.
If it is defined it will replace in the reported OID the 'port'
(nsslapd-port).
For example:
instance1 and instance2 have defined nsslapd-snmp-index (greater than 0).
instance3 did not define nsslapd-snmp-index or nsslapd-snmp-index=0, so its slot
number is appened.
snmpwalk -v 2c -c redhat localhost RHDS-MIB::dsSimpleAuthBinds
RHDS-MIB::dsSimpleAuthBinds.<snmp_index_instance1> = Counter64: 16
RHDS-MIB::dsSimpleAuthBinds.<snmp_index_instance2> = Counter64: 4
RHDS-MIB::dsSimpleAuthBinds.<port_instance3> = Counter64: 24
In case of several RHDS instances listening on the same port (on different
interfaces), it offers a means to link the reported snmp counters to a given instance.
This attribute is an optional numeric value greater or equal to 0.
0 means that the snmp index is not used and the SNMP report will contain the port
number.
Any change of value requires (to be taken into account) restart of both DS and DS
snmp sub-agent.
diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c
index 0831cc8..10e0e7c 100644
--- a/ldap/servers/slapd/libglobs.c
+++ b/ldap/servers/slapd/libglobs.c
@@ -152,6 +152,7 @@ static int config_set_schemareplace ( const char *attrname, char
*value,
#define DEFAULT_OUTBOUND_LDAP_IO_TIMEOUT "300000"
#define DEFAULT_MAX_FILTER_NEST_LEVEL "40"
#define DEFAULT_GROUPEVALNESTLEVEL "0"
+#define DEFAULT_SNMP_INDEX "0"
#define DEFAULT_MAX_SASLIO_SIZE "2097152"
#define DEFAULT_DISK_THRESHOLD "2097152"
#define DEFAULT_DISK_GRACE_PERIOD "60"
@@ -198,7 +199,7 @@ static int config_set_schemareplace ( const char *attrname, char
*value,
#define DEFAULT_LDAPI_SEARCH_BASE "dc=example,dc=com"
#define DEFAULT_LDAPI_AUTO_DN "cn=peercred,cn=external,cn=auth"
#define ENTRYUSN_IMPORT_INIT "0"
-#define DEFAULT_ALLOWED_TO_DELETE_ATTRS "nsslapd-listenhost nsslapd-securelistenhost
nsslapd-defaultnamingcontext"
+#define DEFAULT_ALLOWED_TO_DELETE_ATTRS "nsslapd-listenhost nsslapd-securelistenhost
nsslapd-defaultnamingcontext nsslapd-snmp-index"
#define SALTED_SHA1_SCHEME_NAME "SSHA"
/* CONFIG_ON_OFF */
@@ -734,6 +735,10 @@ static struct config_get_and_set {
NULL, 0,
(void**)&global_slapdFrontendConfig.listenhost,
CONFIG_STRING, NULL, NULL/* NULL value is allowed */},
+ {CONFIG_SNMP_INDEX_ATTRIBUTE, config_set_snmp_index,
+ NULL, 0,
+ (void**) &global_slapdFrontendConfig.snmp_index,
+ CONFIG_INT, NULL, DEFAULT_SNMP_INDEX},
{CONFIG_LDAPI_FILENAME_ATTRIBUTE, config_set_ldapi_filename,
NULL, 0,
(void**)&global_slapdFrontendConfig.ldapi_filename,
@@ -1982,6 +1987,39 @@ config_set_listenhost( const char *attrname, char *value, char
*errorbuf, int ap
}
int
+config_set_snmp_index(const char *attrname, char *value, char *errorbuf, int apply)
+{
+ int retVal = LDAP_SUCCESS;
+ long snmp_index;
+ long snmp_index_disable;
+ char *endp = NULL;
+
+ slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
+
+ snmp_index_disable = atol(DEFAULT_SNMP_INDEX); /* if snmp index is disabled, use
the nsslapd-port instead */;
+
+ if (config_value_is_null(attrname, value, errorbuf, 0)) {
+ snmp_index = snmp_index_disable;
+ } else {
+ errno = 0;
+ snmp_index = strtol(value, &endp, 10);
+
+ if (*endp != '\0' || errno == ERANGE || snmp_index <
snmp_index_disable) {
+ PR_snprintf(errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "%s:
invalid value \"%s\", %s must be greater or equal to %d (%d means
disabled)",
+ attrname, value, CONFIG_SNMP_INDEX_ATTRIBUTE,
snmp_index_disable, snmp_index_disable);
+ retVal = LDAP_OPERATIONS_ERROR;
+ }
+ }
+
+ if (apply) {
+ CFG_LOCK_WRITE(slapdFrontendConfig);
+ slapdFrontendConfig->snmp_index = snmp_index;
+ CFG_UNLOCK_WRITE(slapdFrontendConfig);
+ }
+ return retVal;
+}
+
+int
config_set_ldapi_filename( const char *attrname, char *value, char *errorbuf, int apply )
{
int retVal = LDAP_SUCCESS;
slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
diff --git a/ldap/servers/slapd/proto-slap.h b/ldap/servers/slapd/proto-slap.h
index 05d2212..ea6fb6c 100644
--- a/ldap/servers/slapd/proto-slap.h
+++ b/ldap/servers/slapd/proto-slap.h
@@ -273,6 +273,7 @@ int config_set_localhost( const char *attrname, char *value, char
*errorbuf, int
int config_set_listenhost( const char *attrname, char *value, char *errorbuf, int apply
);
int config_set_securelistenhost( const char *attrname, char *value, char *errorbuf, int
apply );
int config_set_ldapi_filename( const char *attrname, char *value, char *errorbuf, int
apply );
+int config_set_snmp_index( const char *attrname, char *value, char *errorbuf, int apply
);
int config_set_ldapi_switch( const char *attrname, char *value, char *errorbuf, int apply
);
int config_set_ldapi_bind_switch( const char *attrname, char *value, char *errorbuf, int
apply );
int config_set_ldapi_root_dn( const char *attrname, char *value, char *errorbuf, int
apply );
diff --git a/ldap/servers/slapd/slap.h b/ldap/servers/slapd/slap.h
index c72d193..224706c 100644
--- a/ldap/servers/slapd/slap.h
+++ b/ldap/servers/slapd/slap.h
@@ -1967,6 +1967,7 @@ typedef struct _slapdEntryPoints {
#define CONFIG_PORT_ATTRIBUTE "nsslapd-port"
#define CONFIG_WORKINGDIR_ATTRIBUTE "nsslapd-workingdir"
#define CONFIG_LISTENHOST_ATTRIBUTE "nsslapd-listenhost"
+#define CONFIG_SNMP_INDEX_ATTRIBUTE "nsslapd-snmp-index"
#define CONFIG_LDAPI_FILENAME_ATTRIBUTE "nsslapd-ldapifilepath"
#define CONFIG_LDAPI_SWITCH_ATTRIBUTE "nsslapd-ldapilisten"
#define CONFIG_LDAPI_BIND_SWITCH_ATTRIBUTE "nsslapd-ldapiautobind"
@@ -2164,6 +2165,7 @@ typedef struct _slapdFrontendConfig {
char *encryptionalias;
char *errorlog;
char *listenhost;
+ int snmp_index;
#ifndef _WIN32
char *localuser;
#endif /* _WIN32 */
diff --git a/ldap/servers/snmp/main.c b/ldap/servers/snmp/main.c
index 53af972..42dd76b 100644
--- a/ldap/servers/snmp/main.c
+++ b/ldap/servers/snmp/main.c
@@ -329,6 +329,8 @@ load_config(char *conf_path)
} else if ((p = strstr(line, "server")) != NULL) {
int got_port = 0;
int got_rundir = 0;
+ int got_snmp_index = 0;
+ long snmp_index = 0;
int lineno = 0;
char *entry = NULL;
char *instancename = NULL;
@@ -423,10 +425,15 @@ load_config(char *conf_path)
if ((strcmp(attr, "dn") == 0) &&
(strcmp(val, "cn=config") == 0)) {
char *dse_line = NULL;
+
+
/* Look for port and rundir attributes */
while ((dse_line = ldif_getline(&entryp)) != NULL) {
ldif_parse_line(dse_line, &attr, &val, &vlen);
- if (strcmp(attr, "nsslapd-port") == 0) {
+ if (strcmp(attr, "nsslapd-snmp-index") == 0) {
+ snmp_index = atol(val);
+ got_snmp_index = 1;
+ } else if (strcmp(attr, "nsslapd-port") == 0) {
serv_p->port = atol(val);
got_port = 1;
} else if (strcmp(attr, "nsslapd-rundir") == 0) {
@@ -448,8 +455,8 @@ load_config(char *conf_path)
}
/* Stop processing this entry if we found the
- * port and rundir settings */
- if (got_port && got_rundir) {
+ * port and rundir and snmp_index settings */
+ if (got_port && got_rundir && got_snmp_index) {
break;
}
}
@@ -479,6 +486,15 @@ load_config(char *conf_path)
error = 1;
goto close_and_exit;
}
+
+ /* in case a snmp index is specified, it replace the nsslapd-port
+ * This would allow to give an index to a snmp report, rather than using
+ * the TCP interface port number (because the same port may be listen on
multiple interfaces).
+ * For snmp_index values <= 0 (disabled), let's keep the port
+ */
+ if (got_snmp_index && (snmp_index > 0)) {
+ serv_p->port = snmp_index;
+ }
/* Insert server instance into linked list */
serv_p->next = server_head;