This chapter describes how to configure the System Management Agent for use within your network. This chapter covers the configuration files and security features of the System Management Agent. This chapter contains material on the following topics:
The System Management Agent is bundled with this Solaris release. To install the System Management Agent on the Solaris software, follow the standard procedures for bundled products. These procedures are described in the Solaris 10 Installation Guide: Basic Installations and in the Solaris 10 Installation Guide: Custom JumpStart and Advanced Installations. Note that you only need to use the pkgadd command to install the packages of the System Management Agent if you have previously removed these packages.
All of the packages of the System Management Agent are bundled with this Solaris release. These packages are automatically installed when you boot your Solaris system.
The SMA package is divided into two parts, because the Solaris 10 Operating System is supported on the SPARC and x86 platforms.
The runtime SMA product includes the following unique packages:
The SUNWsmaS package contains the source files that are needed to rebuild the System Management Agent. These source files comprise the source code of Net-SNMP version 5.0.9. The files contained in SUNWsmaS are useful for configuring a lightweight daemon. As a source code package, SUNWsmaS is not installed by default with the Solaris software. You can install this package from the mounted CD, by using the pkgadd command:
| # pkgadd -d /sol_10_sparc_2/Solaris_10/Product SUNWsmaS | 
The SUNWsmagt package contains the 32–bit and 64–bit libraries. In addition, this package contains both the snmpd agent and the snmptrapd trap daemon. The package also contains header files, which are required to build the SMA.
The SUNWsmcmd package contains the SMA SNMP applications and utilities. These applications and utilities include developer tools such as snmpget, and Perl scripts such as mib2c. In addition, the SUNWsmcmd package contains the SDK demo modules. The SDK demo modules illustrate how to implement some types of data modeling. For more information about the demo modules, see the Solaris System Management Agent Developer’s Guide.
The SUNWsmdoc package contains the HTML documentation files for the SMA. These files are generated from Net-SNMP source. Do not confuse these generated HTML files with the product documentation for the SMA. The product documentation for the SMA includes this document, the Solaris System Management Agent Developer’s Guide and the man pages. This product documentation is provided by Sun.
The SUNWsmmgr package contains all files that are installed under /etc/sma, including:
All MIBs. For more information, see Supported MIBs.
Default snmpd.conf files. For more information, see Configuration Files and Scripts.
The helper scripts related to mib2c. For more information about mib2c, see the Solaris System Management Agent Developer’s Guide.
If you remove the packages that are mentioned in this chapter, you remove all files related to the System Management Agent.
Ensure that you stop the System Management Agent before uninstalling it. Failure to stop the agent before removing the packages can cause agent files in various locations to remain installed even after the packages are removed. Stop the agent before removing packages, to remove those files created the first time that the agent was initially started. For information about stopping the agent, see Starting and Stopping the System Management Agent.
Before uninstalling any packages, log in as root. Then use the following procedure to uninstall the packages.
Provided that you stopped the System Management Agent before removing these SUNW packages, the following files and their persistent stores are removed if they exist:
/etc/sma/snmp/snmptrapd.conf
/etc/sma/snmp/snmp.conf
/var/sma_snmp/snmp.conf
/var/sma_snmp/snmptrapd.conf
 To Uninstall the Packages of the System Management Agent
To Uninstall the Packages of the System Management AgentAs root, stop the SMA service.
| # svcadm disable svc:/application/management/sma:default | 
Remove the SUNWsmaS package.
| # pkgrm SUNWsmaS | 
Remove the SUNWsmdoc package.
| # pkgrm SUNWsmdoc | 
Remove the SUNWsmcmd package.
| # pkgrm SUNWsmcmd | 
Remove the SUNWsmmgr package.
| # pkgrm SUNWsmmgr | 
Remove the SUNWsmagt package.
| # pkgrm SUNWsmagt | 
The daemon of the System Management Agent is named, snmpd. This daemon is located in the /usr/sfw/sbin/ directory.
The trap daemon of the System Management Agent is named snmptrapd. This trap daemon is located in the/usr/sfw/sbin/ directory.
After using traps, the file snmptrapd.conf is created.
The main configuration file of the, System Management Agent is named snmpd.conf. This configuration file is installed by default in the /etc/sma/snmp/ directory. For more information about the snmpd.conf file, see Configuration Files and Scripts.
The files created when the snmpd daemon starts up are as follows:
/etc/sma/snmp/mibs/.index
/var/log/snmpd.log
/var/sma_snmp/snmpd.conf (persistent file)
Library files for 32–bit x86 platforms are placed in the /usr/sfw/lib directory.
Library files for 64–bit SPARC platforms are placed in the /usr/sfw/lib/sparcv9 directory.
Configuration scripts and other commands are placed in /usr/sfw/bin.
As a standard Net-SNMP implementation, configuration of the System Management Agent can be done principally through the snmpd.conf user configuration file. Usage of this file is described in Managing Configuration With the Main Configuration File. For configuring the default settings that the System Management Agent uses, a separate configuration file, named snmp.conf, is provided. This file is described in Appendix A, Tools and Man Pages.
Some configuration files, scripts and man pages bear similar names. These files, scripts and man pages are summarized for clarity in the following list.
A script that helps you to create and modify SMA configuration files. The SMA snmpconf script is located in the /usr/sfw/bin/ directory. An associated man page, snmpconf(1M), is provided.
A configuration file for the System Management Agent. This file defines how applications operate. Use this file to configure default settings to reduce the number of required arguments when using SNMP commands, for example, in defining an SNMPv3 default user. An associated man page, snmp.conf(4), is provided.
Several files named snmpd.conf are provided in this Solaris release. These files are as follows:
The most important snmpd.conf file is the configuration file for operation of the System Management Agent. This file is located in the /etc/sma/snmp directory. An associated man page, snmpd.conf(4), is provided.
The Solstice Enterprise Agents configuration file is also named snmpd.conf. This file is located in the /etc/snmp/conf directory.
The persistent storage file of the SMA is also named snmpd.conf. This persistent storage file is located in the /var/sma_snmp/ directory. This file is described in Persistent Storage Files.
The template file used by a migration script for Sun FireTM servers is also named snmpd.conf. This template file is located in the /usr/sfw/lib/sma_snmp/ directory. Sun Fire servers use the migration script to modify the System Management Agent's main configuration file, snmpd.conf. For more information about migration to the SMA from the management agent for Sun Fire servers, see Migration From the Sun Fire Management Agent.
Two snmpd daemons are provided in this Solaris release:
The System Management Agent snmpd daemon is the SNMP agent that executes requests of the SMA software. The SMA snmpd daemon is located in the /usr/sfw/sbin/ directory. An associated man page, snmpd(1M), is provided.
The Sun SNMP Management Agent for Sun Fire and Netra Systems (Sun SNMP Management Agent for Sun Fire and Netra Systems) uses an agent also named snmpd.
Overall introductory man page for the System Management Agent. An alias, or alternative name, for the sma_snmp(5) man page is the netsnmp(5)
The snmp_config(4) man page provides an overview of the System Management Agent configuration file, snmpd.conf.
For further information see Man Pages.
The persistent storage file, /var/sma_snmp/snmpd.conf, contains USM security information and any MIB components that are set for persistent storage. This file also contains the engineID and the engineID boots. This persistent storage file is automatically updated when the System Management Agent starts. When the System Management Agent stops, the snmpusm and snmpvacm utilities write user security information to this storage file. For more information on security, see Chapter 4, Managing Security.
The persistent storage file is generated based upon the tokens that are placed in the main user configuration file in /etc/sma/snmp/snmpd.conf. For more information, see the snmpd.conf(4) man page.
The main configuration file that is shipped with the System Management Agent is the snmpd.conf file. This file is located in the /etc/sma/snmp directory. A minimal version is provided as a standard template to help you get started.
Various tokens are available as with standard Net-SNMP for managing configuration. These tokens are managed through the snmpd.conf file. Each of these tokens has an init module that runs when the System Management Agent starts.
In addition to the standard Net-SNMP implementation, some extra modules are provided with the System Management Agent. These extra modules include the seaProxy module and the seaExtensions module, described in Migration From Solstice Enterprise Agents Software.
For more information about the snmpd.conf file, see the snmpd.conf(4) man page.
As an SNMP agent, the System Management Agent must run on port 161. If another process is running on port 161, the System Management Agent does not start. To see if the System Management Agent is not starting because another agent is running at port 161, check the contents of the /var/log/snmpd.log log file. This log file also details any other errors that might occur at startup.
The AgentX protocol is supported in the System Management Agent. By default, the System Management Agent ships with a secure profile, that is, read–only access. AgentX allows interaction with third party subagents, provided that these subagents support AgentX over Unix Domain Sockets. For security reasons, AgentX is not supported over TCP/UDP. For more information on the AgentX protocol, see http://www.ietf.org/rfc/rfc2741.txt
Edit the main /etc/sma/snmp/snmpd.conf configuration file to configure the System Management Agent to use the AgentX protocol. By default, the AgentX protocol is disabled. The following procedure describes how to enable the AgentX protocol.
 To Enable the AgentX Protocol
To Enable the AgentX ProtocolAs root, edit the main /etc/sma/snmp/snmpd.conf configuration file.
Add the following line:
| master agentx | 
Restart the System Management Agent.
| # svcadm restart svc:/application/management/sma:default | 
Various other options can be set for the AgentX protocol. For example, you can set the timeout period for AgentX requests. These options are described in the snmpd.conf(4) man page.