- daemon to respond to SNMP request packets
/usr/sfw/sbin/snmpd [options] [listening addresses]
The snmpd daemon is an SNMP agent that binds to a port and awaits requests from SNMP management software. Upon receiving a request, it processes the request(s), collects the requested information, performs any requested operation(s), and, finally, returns information to the requester.
The following options are supported:
Log the source addresses of incoming requests.
Append to the log file rather than truncating it.
Read file as a configuration file.
Do not read any configuration files except the one optionally specified by the -c option.
Note that this behavior also covers the persistent configuration files. This can result in dynamically-assigned values being reset following an agent restart, unless the relevant persistent configuration files are explicitly loaded using the -c option.
Dump (in hexadecimal) the sent and received SNMP packets.
Turn on debugging output for the given token(s). Without any tokens specified, this option defaults to printing all of the tokens (which is equivalent to the keyword ALL). Use ALL for extremely verbose output. Note that you must not put a space between the -D flag and the listed tokens.
Do not fork() from the calling shell.
Change to the numerical group ID GID after opening listening sockets.
Display a brief usage message and then exit.
Display a list of configuration file directives understood by the agent and then exit.
This option specifies which modules you do (or do not) want to be initialized when the agent starts up. If the comma-separated initlist is preceded with an hyphen (-), it is the list of modules that you do not want to be started. Otherwise, initlist is the list of modules to be started.
To obtain a list of compiled modules, run the agent with the arguments -Dmib_init -H This command assumes you have debugging support compiled in.
Log all output from the agent (including stdout and stderr) to file. If no filename is given, log to a default file set at compile time, normally /var/log/snmpd.log.
Do not open a log file. Send all messages to stderr instead.
Save the process ID of the daemon in file.
Print simpler output for easier automated parsing.
Do not require root access to run the daemon. Specifically, do not exit if files accessible only to root (such as /dev/kmem) cannot be opened.
Use syslog for logging. See syslogd(1M)
Specifies the syslog facility to use when logging to syslog. d means LOG_DAEMON and the integers 0 through 7 refer to LOG_LOCAL0 through LOG_LOCAL7. LOG_DAEMON is the default.
Change to the user ID UID (which can be given in numerical or text form) after opening listening sockets.
Display version information for the agent and then exit.
Symbolically dump SNMP transactions.
Listens for AgentX connections on address rather than on the default /var/agentx/master. The address can either be a Unix domain socket path or the address of a network interface. The format is the same as the format of listening addresses described below. Note that it is a possible security risk to expose the master agent listening address through TCP/UDP. See section 9 of RFC 2741 for more details.
Run as an AgentX subagent rather than as an SNMP master agent.
By default, snmpd listens for incoming SNMP requests only on UDP port 161. However, it is possible to modify this behavior by specifying one or more listening addresses as arguments to the daemon. A listening address takes the form:
At its simplest, a listening address can consist of only a port number, in which case snmpd listens on that UDP port on all IPv4 interfaces. Otherwise, the <transport-address> part of the specification is parsed according to the following table:
Currently transports TCP/UDP over IPv4/IPv6 and unix domain sockets. Note that <transport-specifier> strings are case-insensitive so that, for example, tcp and TCP are equivalent. Below are some examples, with accompanying explanations.
Listen on UDP port 161, but only on the loopback interface. This prevents snmpd from being queried remotely. The :161 is redundant because that is the default SNMP port.
Listen on TCP port 1161 on all IPv4 interfaces.
Listen on the Unix domain socket /tmp/local-agent.
Identical to the previous specification, because the Unix domain is the default transport if and only if the first character of <transport-address> is a slash (/).
Listen on port 10161 on all IPv6 interfaces.
Note that not all the transport domains listed above will always be available. For example, hosts with no IPv6 support will not be able to use udp6 transport addresses, and attempts to do so will result in the error “Error opening specified endpoint”.
snmpd checks for the existence of and parses the following files:
Common configuration for the agent and applications. See snmp.conf(4) for details.
Agent-specific configuration. See snmp.conf(4) for details. These files are optional and can be used to configure access control, trap generation, subagent protocols, and other features.
In addition to these two configuration files, the agent will read any files with the names snmpd.conf and snmpd.local.conf in a colon-separated path specified in the SNMPCONFPATH environment variable, the default location upon agent startup are /etc/sma/snmp and /usr/local/share/snmp.
The agent loads all files in this directory as MIBs. It does not, however, load any file that begins with a dot (.) or descend into subdirectories.
A usage syntax error. A usage message is displayed. Also used for timeout errors.
See attributes(5) for descriptions of the following attributes:
In addition to basic privileges, to run successfully, the agent requires PRIV_NET_PRIVADDR. See privileges(5).
The snmpd service is managed by the service management facility, smf(5), under the service identifiers:
The service uses the solaris.smf.manage.sma privilege. If /etc/sma/snmp/snmpd.conf contains DISABLE=YES, then the service does not start and displays the message:
snmpd disabled by config file /etc/sma/snmp/snmpd.conf