Send Netdot-devel mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
https://osl.uoregon.edu/mailman/listinfo/netdot-devel
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Netdot-devel digest..."
Today's Topics:
1. [Netdot - Bug #1816] LLDP issues with Netgear switches
([email protected])
2. [Netdot - Bug #1815] (In Progress) cron entries running as
root ([email protected])
3. [Netdot - Bug #1815] cron entries running as root
([email protected])
4. [SCM] Netdot branch master updated. netdot-1.0.6-15-g851b1a6
([email protected])
5. [SCM] Netdot branch netdot-1.0 updated.
netdot-1.0.6-15-g851b1a6 ([email protected])
6. [Netdot - Bug #1814] (Resolved) Use of uninitialized value
$address in sprintf ([email protected])
7. [Netdot - Bug #1817] (New) Missing dependencies - ubuntu
14.04 ([email protected])
8. [SCM] Netdot branch master updated. netdot-1.0.6-16-g3408e2a
([email protected])
----------------------------------------------------------------------
Message: 1
Date: Thu, 26 Jun 2014 06:34:16 -0700
From: [email protected]
Subject: [Netdot-devel] [Netdot - Bug #1816] LLDP issues with Netgear
switches
To: [email protected], [email protected]
Message-ID: <[email protected]>
Content-Type: text/plain; charset=utf-8
Issue #1816 has been updated by Brian Candler.
So this leaves one other apparent problem:
<pre>
DEBUG - Topology::get_dp_links: Cannot find neighbor interface using
20:4e:7f:7b:d5:e0
</pre>
This MAC address *is* known to Netdot and it's in the GUI. However it's the MAC
address of the CPU, not of one of the physical ports. Based on this, Netdot
knows which *device* is on the other side, but not which *interface* of that
device it's connected to, and it's doing the right thing in not establishing a
link.
This could perhaps be highlighted in debug output, although once you know what
the issue is, it seems superfluous :-)
<pre>
--- lib/Netdot/Topology.pm.orig 2014-06-25 18:17:02.298053718 +0100
+++ lib/Netdot/Topology.pm 2014-06-26 14:30:27.194054170 +0100
@@ -389,10 +389,12 @@
if ( ($h = $macs2ints->{$mac}) && (ref($h) eq 'HASH') && (@ints = keys
%$h) ){
if ( scalar(@ints) > 1 ){
#There are multiple interfaces using $mac. Ignore
+ $logger->debug("Topology::_find_by_mac: $str used by
".scalar(@ints)." interfaces, ignoring");
}elsif ( my $dev = $base_macs->{$mac} ){
# this means that this mac is also a base_mac
# don't set rem_int because it would most likely be wrong
$rem_dev = Device->retrieve($dev);
+ $logger->debug("Topology::_find_by_mac: $str is the base MAC
address and does not identify the port");
}else{
my $iface = Interface->retrieve($ints[0]);
$rem_dev = $iface->device;
@@ -400,6 +402,7 @@
if ( $iftype eq 'propVirtual' || $iftype eq '53' ||
$iftype eq 'l2vlan' || $iftype eq '135' ){
# Ignore virtual interfaces, but do set the remote device
+ $logger->debug("Topology::_find_by_mac: $str is a virtual
interface and does not identify the port");
}else{
# This should be good then
$rem_int = $iface;
</pre>
----------------------------------------
Bug #1816: LLDP issues with Netgear switches
https://osl.uoregon.edu/redmine/issues/1816#change-3189
Author: Brian Candler
Status: New
Priority: Normal
Assignee:
Category:
Target version:
Resolution:
There are problems getting LLDP link relationships with Netgear switches.
Part of this is a problem with SNMP::Info. This is reported at
http://sourceforge.net/p/snmp-info/mailman/snmp-info-users/thread/53ABF242.30703%40pobox.com/#msg32507476
which includes detailed dumps of the SNMP MIBs.
But in summary it's down to the meaning of ifDescr, ifAlias and ifName as
compared to LLDP "PortId" and "PortDesc".
The Netgear reports lldp{Rem,Loc}PortID as a string like "1/0/1" which matches
ifName (not ifDescr or IfAlias), and the PortDesc is an optional user-entered
comment (in my case sometimes I enter the name of the device this port is
linked to). Example:
<pre>
iso.0.8802.1.1.2.1.3.7.1.3.45 = STRING: "1/0/45" #lldpLocPortId
iso.0.8802.1.1.2.1.3.7.1.4.45 = STRING: "wrn-sw11" #lldpLocPortDesc
IF-MIB::ifDescr.45 = STRING: Unit: 1 Slot: 0 Port: 45 Gigabit - Level
IF-MIB::ifAlias.45 = STRING: wrn-sw11
IF-MIB::ifName.45 = STRING: 1/0/45
</pre>
This all seems pretty reasonable and standards-compliant behaviour. SNMP::Info
was instead trying to map the lldpLocPortDesc (which is blank if the user
hasn't entered any comment) against the ifDescr and ifAlias, and was giving
arbitrary results. The mail pointed above includes patches to fix this.
However this still leaves some problems with Netdot.
<pre>
DEBUG - Topology::get_dp_links: Cannot find neighbor interface using
20:4e:7f:7b:d5:e0
WARN - Topology::get_dp_links: wrn-sw11.int.example.net [Unit: 1 Slot: 0 Port:
1 10G - Level]: Port 1/0/45 not found in Device: wrn-coresw1.int.example.net
</pre>
The general problem seems to be that dp_remote_port is "1/0/45" which needs to
be matched against ifName on the other device, but as far as I can see, ifName
is not actually stored in the interface table.
<pre>
*************************** 1. row ***************************
admin_duplex: NULL
admin_status: up
auto_dns: 1
bpdu_filter_enabled: 0
bpdu_guard_enabled: 0
circuit: NULL
contactlist: NULL
description: NULL
device: 5
dlci: NULL
doc_status: snmp
down_from: NULL
down_until: NULL
dp_remote_id: 74:44:01:8d:56:e0
dp_remote_ip: 192.168.0.10
dp_remote_port: 1/0/1
dp_remote_type: XSM7224S - 24-Port 10G SFP+ Layer 2 Stackable Managed
Switch with four 10G combo ports
id: 2116
ignore_ip: 0
info: NULL
jack: NULL
jack_char: NULL
loop_guard_enabled: 0
monitored: 0
monitorstatus: 3
name: Unit: 1 Slot: 0 Port: 45 Gigabit - Level
neighbor: 8
neighbor_fixed: 0
neighbor_missed: 0
number: 45
oper_duplex: NULL
oper_status: up
overwrite_descr: 0
physaddr: 759128
room_char: NULL
root_guard_enabled: 0
snmp_managed: 1
speed: 1000000000
stp_id: NULL
type: ethernet-csmacd
</pre>
The "name" column appears to come from ifDescr currently.
I can think of two solutions.
(1) if ifName is non-empty, store it in the database instead of ifDescr. That
is a change of behavior and might break other things. On a Cisco I have handy:
<pre>
IF-MIB::ifDescr.1 = STRING: GigabitEthernet0/0/0
IF-MIB::ifName.1 = STRING: Gi0/0/0
</pre>
(actually I'd prefer the shorter name to be used in the GUI anyway)
(2) Add another column for ifName. This is arguably the Right Thing but is a
schema change. Then it would require more changes in the searching code -
whenever looking for an interface try ifName in addition to ifDescr. And it has
to be decided whether ifDescr or ifName is displayed in the GUI (selectable
globally? per device type?)
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://osl.uoregon.edu/redmine/my/account
------------------------------
Message: 2
Date: Thu, 26 Jun 2014 06:48:57 -0700
From: [email protected]
Subject: [Netdot-devel] [Netdot - Bug #1815] (In Progress) cron
entries running as root
To: [email protected], [email protected]
Message-ID: <[email protected]>
Content-Type: text/plain; charset=utf-8
Issue #1815 has been updated by Carlos Vicente.
Category set to Netdot
Status changed from New to In Progress
Assignee set to Carlos Vicente
Priority changed from Low to Normal
Target version set to 1.0.7
Hi Brian,
Good point. I think the crontab should specify "apache" as the user to run all
commands. That way we make sure we don't have ownership conflicts.
I don't see any benefit to run as root and use setuid.
----------------------------------------
Bug #1815: cron entries running as root
https://osl.uoregon.edu/redmine/issues/1815#change-3190
Author: Brian Candler
Status: In Progress
Priority: Normal
Assignee: Carlos Vicente
Category: Netdot
Target version: 1.0.7
Resolution:
The sample crontab runs everything as root, including building of the topo
graphs. So if you subsequently click the button in the web page to update it,
you get the following error:
<pre>
Permission denied: open(
/usr/local/netdot/htdocs/img/graphs/whole_network_with_vlans.png, 0x241 ) at
/usr/share/perl5/GraphViz.pm line 1195
</pre>
This is easily fixed:
<pre>
# Update whole-network topology graphs
45 0 * * * www-data $PREFIX/bin/build_topo_graph.pl -f
$PREFIX/htdocs/img/graphs/whole_network_no_vlans.png
50 0 * * * www-data $PREFIX/bin/build_topo_graph.pl -v -f
$PREFIX/htdocs/img/graphs/whole_network_with_vlans.png
</pre>
But it does beg the question of whether *any* of these should be running as
root. Perhaps the sample crontab should have "apache" for all of the crontab
entries (same as APACHEUSER defaults to), and users can then change them to
www-data or whatever if their systems requires this?
Another suggestion: if the script is run as root it should setuid to this user,
in case any data files are generated as a side-effect. pollstats.rrd is one I
found.
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://osl.uoregon.edu/redmine/my/account
------------------------------
Message: 3
Date: Thu, 26 Jun 2014 07:03:38 -0700
From: [email protected]
Subject: [Netdot-devel] [Netdot - Bug #1815] cron entries running as
root
To: [email protected], [email protected],
[email protected]
Message-ID: <[email protected]>
Content-Type: text/plain; charset=utf-8
Issue #1815 has been updated by Brian Candler.
> I don't see any benefit to run as root and use setuid.
I was just thinking about what happens when the user runs updatedevices.pl (or
whatever) from the command line. They might sometimes do it as root, and
sometimes as a regular user.
In most cases it doesn't matter, but in cases where netdot writes any file to
disk it should arguably setuid() to a consistent user first (or check the uid
and refuse to run). Otherwise there will be problems where the first run as
root works, but subsequent runs from cron as apache fail.
----------------------------------------
Bug #1815: cron entries running as root
https://osl.uoregon.edu/redmine/issues/1815#change-3191
Author: Brian Candler
Status: In Progress
Priority: Normal
Assignee: Carlos Vicente
Category: Netdot
Target version: 1.0.7
Resolution:
The sample crontab runs everything as root, including building of the topo
graphs. So if you subsequently click the button in the web page to update it,
you get the following error:
<pre>
Permission denied: open(
/usr/local/netdot/htdocs/img/graphs/whole_network_with_vlans.png, 0x241 ) at
/usr/share/perl5/GraphViz.pm line 1195
</pre>
This is easily fixed:
<pre>
# Update whole-network topology graphs
45 0 * * * www-data $PREFIX/bin/build_topo_graph.pl -f
$PREFIX/htdocs/img/graphs/whole_network_no_vlans.png
50 0 * * * www-data $PREFIX/bin/build_topo_graph.pl -v -f
$PREFIX/htdocs/img/graphs/whole_network_with_vlans.png
</pre>
But it does beg the question of whether *any* of these should be running as
root. Perhaps the sample crontab should have "apache" for all of the crontab
entries (same as APACHEUSER defaults to), and users can then change them to
www-data or whatever if their systems requires this?
Another suggestion: if the script is run as root it should setuid to this user,
in case any data files are generated as a side-effect. pollstats.rrd is one I
found.
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://osl.uoregon.edu/redmine/my/account
------------------------------
Message: 4
Date: Thu, 26 Jun 2014 07:28:58 -0700
From: [email protected]
Subject: [Netdot-devel] [SCM] Netdot branch master updated.
netdot-1.0.6-15-g851b1a6
To: [email protected]
Message-ID: <[email protected]>
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Netdot".
The branch, master has been updated
via 851b1a6ef74325605a56475ca8e5e911930bab3c (commit)
from e33c47cf4f980ae6282810849a54e6501810b101 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 851b1a6ef74325605a56475ca8e5e911930bab3c
Author: Carlos Vicente <[email protected]>
Date: Thu Jun 26 10:28:32 2014 -0400
Fix for #1814 - Avoid Perl warning from _assign_base_mac()
diff --git a/lib/Netdot/Model/Device.pm b/lib/Netdot/Model/Device.pm
index f468f50..07991ed 100644
--- a/lib/Netdot/Model/Device.pm
+++ b/lib/Netdot/Model/Device.pm
@@ -5612,9 +5612,9 @@ sub _munge_speed_high {
#
sub _assign_base_mac {
my ($self, $info) = @_;
-
+
my $host = $self->fqdn;
- my $address = delete $info->{physaddr};
+ my $address = delete $info->{physaddr};
if ( $address && ($address = PhysAddr->validate($address)) ) {
# OK
}else{
@@ -5626,6 +5626,10 @@ sub _assign_base_mac {
}
}
}
+ unless ( $address ){
+ $logger->debug("$host: No suitable MAC address found");
+ return;
+ }
# Look it up
my $mac;
if ( $mac = PhysAddr->search(address=>$address)->first ){
-----------------------------------------------------------------------
Summary of changes:
lib/Netdot/Model/Device.pm | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
hooks/post-receive
--
Netdot
------------------------------
Message: 5
Date: Thu, 26 Jun 2014 07:29:11 -0700
From: [email protected]
Subject: [Netdot-devel] [SCM] Netdot branch netdot-1.0 updated.
netdot-1.0.6-15-g851b1a6
To: [email protected]
Message-ID: <[email protected]>
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Netdot".
The branch, netdot-1.0 has been updated
via 851b1a6ef74325605a56475ca8e5e911930bab3c (commit)
from e33c47cf4f980ae6282810849a54e6501810b101 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
lib/Netdot/Model/Device.pm | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
hooks/post-receive
--
Netdot
------------------------------
Message: 6
Date: Thu, 26 Jun 2014 07:30:39 -0700
From: [email protected]
Subject: [Netdot-devel] [Netdot - Bug #1814] (Resolved) Use of
uninitialized value $address in sprintf
To: [email protected], [email protected]
Message-ID: <[email protected]>
Content-Type: text/plain; charset=utf-8
Issue #1814 has been updated by Carlos Vicente.
Category set to DeviceManagement
Status changed from New to Resolved
Assignee set to Carlos Vicente
Target version set to 1.0.7
Resolution set to fixed
I found and corrected the cause of the warning. Fix will go into next release
(1.0.7)
Thanks for reporting it.
----------------------------------------
Bug #1814: Use of uninitialized value $address in sprintf
https://osl.uoregon.edu/redmine/issues/1814#change-3192
Author: Marc CYPRIEN
Status: Resolved
Priority: Normal
Assignee: Carlos Vicente
Category: DeviceManagement
Target version: 1.0.7
Resolution: fixed
Hello,
When I updated some devices with this command :
bin/updatedevices.pl -DIFA -v 2 -c public --match "my.zone"
I got this error:
Use of uninitialized value $address in sprintf at /usr/local/netdot/lib/Netdot/M
odel/Device.pm line 5645.
Use of uninitialized value $address in sprintf at /usr/local/netdot/lib/Netdot/M
odel/Device.pm line 5645.
Use of uninitialized value $address in sprintf at /usr/local/netdot/lib/Netdot/M
odel/Device.pm line 5645.
And the output is:
INFO - bin/updatedevices.pl started at Thu Jun 26 08:54:43 2014
INFO - Updating all devices in the DB
INFO - Using traditional method for SNMP collection
INFO - Device::snmp_update: device1: Finished updating
INFO - Device::snmp_update: device2: Finished updating
INFO - Device::snmp_update: device3: Finished updating
INFO - Device::snmp_update: device4: Finished updating
INFO - Device::snmp_update: device5: Finished updating
INFO - Device::snmp_update: device6: Finished updating
...
INFO - Device::snmp_update: device22: Finished updating
INFO - All Devices updated. 22 devices in 6 sec
INFO - bin/updatedevices.pl total runtime: 6 sec
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://osl.uoregon.edu/redmine/my/account
------------------------------
Message: 7
Date: Thu, 26 Jun 2014 10:23:48 -0700
From: [email protected]
Subject: [Netdot-devel] [Netdot - Bug #1817] (New) Missing
dependencies - ubuntu 14.04
To: [email protected], [email protected]
Message-ID: <[email protected]>
Content-Type: text/plain; charset=utf-8
Issue #1817 has been reported by Brian Candler.
----------------------------------------
Bug #1817: Missing dependencies - ubuntu 14.04
https://osl.uoregon.edu/redmine/issues/1817
Author: Brian Candler
Status: New
Priority: Normal
Assignee:
Category:
Target version:
Resolution:
Miscellaneous errors during install of Netdot on ubuntu 14.04; the fixes are
pretty simple.
Problem 1:
<pre>
...
A new /etc/snmp/snmp.conf needs to be installed to point to the newly installed
MIB files.
The current file will be backed up. Continue? [y/n] y
mv: cannot stat ?/etc/snmp/snmp.conf?: No such file or directory
There was a problem running mv -f /etc/snmp/snmp.conf
/etc/snmp/snmp.conf.netdot_install
make: *** [apt-install] Error 2
</pre>
Workaround: <code>sudo apt-get install snmp</code> then re-run <code>make
apt-install</code>
Fix:
<pre>
--- a/bin/perldeps.pl
+++ b/bin/perldeps.pl
@@ -64,7 +64,8 @@ my @DEPS = (
{apt=> 'libssl-dev', rpm=>'openssl-devel'}, # needed by Net::DNS::ZoneFile:
{cpan=>'Net::DNS::ZoneFile::Fast', apt=> 'dnssec-tools', rpm=>''},
{cpan=>'Socket6', apt=> 'libsocket6-perl', rpm=>'perl-Socket6'},
- {cpan=>'XML::Simple', apt=>'libxml-simple-perl', rpm=>'perl-XML-Simple'}
+ {cpan=>'XML::Simple', apt=>'libxml-simple-perl', rpm=>'perl-XML-Simple'},
+ {apt=>'snmp'}, # we expect snmp.conf
) ;
</pre>
Problem 2:
<pre>
...
SNMP::Info 2.06...................................MISSING
...
</pre>
What has happened is that libsnmp-info-perl has been installed, but not
libsnmp-perl (which should be its dependency).
<pre>
$ dpkg-query -l | grep snmp
ii libsnmp-base 5.7.2~dfsg-8.1ubuntu3 all
SNMP configuration script, MIBs and documentation
ii libsnmp-info-perl 3.13-1 all
OO Interface to Network devices and MIBs through SNMP
ii libsnmp30:amd64 5.7.2~dfsg-8.1ubuntu3 amd64
SNMP (Simple Network Management Protocol) library
ii snmp 5.7.2~dfsg-8.1ubuntu3 amd64
SNMP (Simple Network Management Protocol) applications
</pre>
The problem is that the libsnmp-info-perl 3.13 package is missing a dependency
on libsnmp-perl:
<pre>
Version: 3.13-1
Depends: perl
Filename: unstable/libsnmp-info-perl_3.13-1_all.deb
cf.
Version: 3.11-1
Depends: perl, libsnmp-perl
Suggests: netdisco-mibs-installer
Filename: pool/universe/libs/libsnmp-info-perl/libsnmp-info-perl_3.11-1_all.deb
</pre>
Workaround: <code>sudo apt-get install libsnmp-perl</code> - although the
proper fix is to update the dependency.
Problem 3:
<pre>
sudo service apache2 restart
[Fri Jun 20 14:03:51.039859 2014] [so:warn] [pid 20696:tid 140375836866432]
AH01574: module apreq_module is already loaded, skipping
</pre>
Fix: comment out this line
<pre>
#LoadModule apreq_module /usr/lib/apache2/modules/mod_apreq2.so
</pre>
(it's already commented out in netdot_apache24_local.conf)
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://osl.uoregon.edu/redmine/my/account
------------------------------
Message: 8
Date: Thu, 26 Jun 2014 11:26:58 -0700
From: [email protected]
Subject: [Netdot-devel] [SCM] Netdot branch master updated.
netdot-1.0.6-16-g3408e2a
To: [email protected]
Message-ID: <[email protected]>
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Netdot".
The branch, master has been updated
via 3408e2abc159483380c38c4654a71c6c26c64e61 (commit)
from 851b1a6ef74325605a56475ca8e5e911930bab3c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 3408e2abc159483380c38c4654a71c6c26c64e61
Author: Carlos Vicente <[email protected]>
Date: Thu Jun 26 13:41:10 2014 -0400
Fixes for #1817 (missing dependencies)
diff --git a/bin/perldeps.pl b/bin/perldeps.pl
index 87f90cd..8e328fd 100755
--- a/bin/perldeps.pl
+++ b/bin/perldeps.pl
@@ -64,7 +64,8 @@ my @DEPS = (
{apt=> 'libssl-dev', rpm=>'openssl-devel'}, # needed by
Net::DNS::ZoneFile::Fast
{cpan=>'Net::DNS::ZoneFile::Fast', apt=> 'dnssec-tools', rpm=>''},
{cpan=>'Socket6', apt=> 'libsocket6-perl', rpm=>'perl-Socket6'},
- {cpan=>'XML::Simple', apt=>'libxml-simple-perl', rpm=>'perl-XML-Simple'}
+ {cpan=>'XML::Simple', apt=>'libxml-simple-perl', rpm=>'perl-XML-Simple'},
+ {apt=>'snmp'},
) ;
if ( $action eq 'test' ){
diff --git a/etc/netdot_apache2_local.conf b/etc/netdot_apache2_local.conf
index 1205d51..e5b3542 100644
--- a/etc/netdot_apache2_local.conf
+++ b/etc/netdot_apache2_local.conf
@@ -22,7 +22,7 @@ PerlModule HTML::Mason::ApacheHandler
# Uncomment this next line if you get errors from libapreq2
# about an 'undefined symbol'
-LoadModule apreq_module /usr/lib/apache2/modules/mod_apreq2.so
+#LoadModule apreq_module /usr/lib/apache2/modules/mod_apreq2.so
# Add Netdot's libraries to @INC
PerlSwitches -I<<Make:PREFIX>>/lib
-----------------------------------------------------------------------
Summary of changes:
bin/perldeps.pl | 3 ++-
etc/netdot_apache2_local.conf | 2 +-
2 files changed, 3 insertions(+), 2 deletions(-)
hooks/post-receive
--
Netdot
------------------------------
_______________________________________________
Netdot-devel mailing list
[email protected]
https://osl.uoregon.edu/mailman/listinfo/netdot-devel
End of Netdot-devel Digest, Vol 87, Issue 8
*******************************************
