When trying to configure SNMPv3 using CLI am getting this error. It seems that many other people have been getting this also, but I haven't seen a solution posted.
router# commit; save; exit; [ service snmp v3 ] chown: unknown user snmp Saving configuration to '/config/config.boot'... Done exit router:~$ show version Version: v2.0.9-hotfix.2 Build ID: 5402463 Build on: 05/11/21 13:16 Copyright: 2012-2020 Ubiquiti Networks, Inc. HW model: EdgeRouter Infinity HW S/N: F492BF982671 Uptime: 14:42:48 up 7 days, 20:45, 1 user, load average: 1.06, 1.07, 1.02
I seem to remember this had come up in the past and a very quick search turned up this thread.
The 'snmp' user is now 'Debian-snmp' but the vyatta/edgeos scripts are still looking for 'snmp'.
I haven't dug into this, but I do know that at minimum this file needs to be updated:
/opt/vyatta/share/vyatta-cfg/templates/service/snmp/v3/node.def
There is a 'sudo chown -R snmp /config/snmp/tls;' in there that is most likely the cause here, but there may be other references that would need to also be fixed. Changing that one line to 'sudo chown -R Debian-snmp /config/snmp/tls;' might be a start, noting that this gets lost on firmware updates (IE: don't forget)
Also unrelated, but 'commit; save; exit' is probably not a good habit. In cases like this if the commit fails you'll blindly be saving a configuration that may be in an inconsistent state. Part of your config may have been committed and part of it may not have. Plus with the exist you'd lose those uncommitted changes, leaving you unable to determine exactly what didn't get saved. It is best to do these as separate steps, or at least in a success-dependent manner such as "commit && save && exit"
I seem to remember this had come up in the past and a very quick search turned up this thread.
The 'snmp' user is now 'Debian-snmp' but the vyatta/edgeos scripts are still looking for 'snmp'.
I haven't dug into this, but I do know that at minimum this file needs to be updated:
/opt/vyatta/share/vyatta-cfg/templates/service/snmp/v3/node.def
There is a 'sudo chown -R snmp /config/snmp/tls;' in there that is most likely the cause here, but there may be other references that would need to also be fixed. Changing that one line to 'sudo chown -R Debian-snmp /config/snmp/tls;' might be a start, noting that this gets lost on firmware updates (IE: don't forget)
Also unrelated, but 'commit; save; exit' is probably not a good habit. In cases like this if the commit fails you'll blindly be saving a configuration that may be in an inconsistent state. Part of your config may have been committed and part of it may not have. Plus with the exist you'd lose those uncommitted changes, leaving you unable to determine exactly what didn't get saved. It is best to do these as separate steps, or at least in a success-dependent manner such as "commit && save && exit"
Thanks @waterside that seems to help some. Wish they would fix that in the next OS update.
@waterside wrote:
Also unrelated, but 'commit; save; exit' is probably not a good habit. In cases like this if the commit fails you'll blindly be saving a configuration that may be in an inconsistent state. Part of your config may have been committed and part of it may not have. Plus with the exist you'd lose those uncommitted changes, leaving you unable to determine exactly what didn't get saved. It is best to do these as separate steps, or at least in a success-dependent manner such as "commit && save && exit"
Thanks for the tip.