This is an automated email from the git hooks/post-receive script.
mreynolds pushed a change to branch master in repository 389-ds-base.
from 6aa2acd CVE-2017-15134 389-ds-base: Remote DoS via search filters in slapi_filter_sprintf new ee62d3d Ticket 49546 - Fix broken snmp MIB file
The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "adds" were already present in the repository and have only been added to this reference.
Summary of changes: ldap/servers/slapd/agtmmap.h | 74 ++-- ldap/servers/slapd/slap.h | 8 +- ldap/servers/slapd/snmp_collator.c | 16 +- ldap/servers/snmp/ldap-agent.h | 2 +- ldap/servers/snmp/redhat-directory.mib | 596 ++++++++++++++++++--------------- 5 files changed, 374 insertions(+), 322 deletions(-)
This is an automated email from the git hooks/post-receive script.
mreynolds pushed a commit to branch master in repository 389-ds-base.
commit ee62d3d57c02267123991b5ae31070d3a76e4c1b Author: Mark Reynolds mreynolds@redhat.com Date: Tue Jan 30 16:45:42 2018 -0500
Ticket 49546 - Fix broken snmp MIB file
Description: Converted our MIB file to be SMIv2 compliant. Also slightly rearranged the entities to be more organized.
https://pagure.io/389-ds-base/issue/49546
Reviewed by: firstyear & nkinder (Thanks!!) --- ldap/servers/slapd/agtmmap.h | 74 ++-- ldap/servers/slapd/slap.h | 8 +- ldap/servers/slapd/snmp_collator.c | 16 +- ldap/servers/snmp/ldap-agent.h | 2 +- ldap/servers/snmp/redhat-directory.mib | 596 ++++++++++++++++++--------------- 5 files changed, 374 insertions(+), 322 deletions(-)
diff --git a/ldap/servers/slapd/agtmmap.h b/ldap/servers/slapd/agtmmap.h index 7f75882..2397dad 100644 --- a/ldap/servers/slapd/agtmmap.h +++ b/ldap/servers/slapd/agtmmap.h @@ -80,34 +80,34 @@ struct ops_stats_t /* * Ops Table attributes */ - PRUint64 dsAnonymousBinds; - PRUint64 dsUnAuthBinds; - PRUint64 dsSimpleAuthBinds; - PRUint64 dsStrongAuthBinds; - PRUint64 dsBindSecurityErrors; - PRUint64 dsInOps; - PRUint64 dsReadOps; - PRUint64 dsCompareOps; - PRUint64 dsAddEntryOps; - PRUint64 dsRemoveEntryOps; - PRUint64 dsModifyEntryOps; - PRUint64 dsModifyRDNOps; - PRUint64 dsListOps; - PRUint64 dsSearchOps; - PRUint64 dsOneLevelSearchOps; - PRUint64 dsWholeSubtreeSearchOps; - PRUint64 dsReferrals; - PRUint64 dsChainings; - PRUint64 dsSecurityErrors; - PRUint64 dsErrors; - PRUint64 dsConnections; /* Number of currently connected clients */ - PRUint64 dsConnectionSeq; /* Monotonically increasing number bumped on each new conn est */ - PRUint64 dsMaxThreadsHit; /* Number of times a connection hit max threads */ - PRUint64 dsConnectionsInMaxThreads; /* current number of connections that are in max threads */ - PRUint64 dsBytesRecv; /* Count of bytes read from clients */ - PRUint64 dsBytesSent; /* Count of bytes sent to clients */ - PRUint64 dsEntriesReturned; /* Number of entries returned by the server */ - PRUint64 dsReferralsReturned; /* Number of entries returned by the server */ + uint64_t dsAnonymousBinds; + uint64_t dsUnAuthBinds; + uint64_t dsSimpleAuthBinds; + uint64_t dsStrongAuthBinds; + uint64_t dsBindSecurityErrors; + uint64_t dsInOps; + uint64_t dsReadOps; + uint64_t dsCompareOps; + uint64_t dsAddEntryOps; + uint64_t dsRemoveEntryOps; + uint64_t dsModifyEntryOps; + uint64_t dsModifyRDNOps; + uint64_t dsListOps; + uint64_t dsSearchOps; + uint64_t dsOneLevelSearchOps; + uint64_t dsWholeSubtreeSearchOps; + uint64_t dsReferrals; + uint64_t dsChainings; + uint64_t dsSecurityErrors; + uint64_t dsErrors; + uint64_t dsConnections; /* Number of currently connected clients */ + uint64_t dsConnectionSeq; /* Monotonically increasing number bumped on each new conn est */ + uint64_t dsMaxThreadsHit; /* Number of times a connection hit max threads */ + uint64_t dsConnectionsInMaxThreads; /* current number of connections that are in max threads */ + uint64_t dsBytesRecv; /* Count of bytes read from clients */ + uint64_t dsBytesSent; /* Count of bytes sent to clients */ + uint64_t dsEntriesReturned; /* Number of entries returned by the server */ + uint64_t dsReferralsReturned; /* Number of entries returned by the server */ };
struct entries_stats_t @@ -115,11 +115,11 @@ struct entries_stats_t /* * Entries Table Attributes */ - PRUint64 dsMasterEntries; - PRUint64 dsCopyEntries; - PRUint64 dsCacheEntries; - PRUint64 dsCacheHits; - PRUint64 dsSlaveHits; + uint64_t dsMasterEntries; + uint64_t dsCopyEntries; + uint64_t dsCacheEntries; + uint64_t dsCacheHits; + uint64_t dsSlaveHits; };
struct int_stats_t @@ -127,14 +127,14 @@ struct int_stats_t /* * Interaction Table Attributes */ - PRUint32 dsIntIndex; + int32_t dsIntIndex; char dsName[SNMP_FIELD_LENGTH]; time_t dsTimeOfCreation; time_t dsTimeOfLastAttempt; time_t dsTimeOfLastSuccess; - PRUint32 dsFailuresSinceLastSuccess; - PRUint32 dsFailures; - PRUint32 dsSuccesses; + uint64_t dsFailuresSinceLastSuccess; + uint64_t dsFailures; + uint64_t dsSuccesses; char dsURL[SNMP_FIELD_LENGTH]; };
diff --git a/ldap/servers/slapd/slap.h b/ldap/servers/slapd/slap.h index 53586af..3c26506 100644 --- a/ldap/servers/slapd/slap.h +++ b/ldap/servers/slapd/slap.h @@ -1897,14 +1897,14 @@ struct snmp_entries_tbl_t struct snmp_int_tbl_t { /* interaction table */ - PRUint32 dsIntIndex; + int32_t dsIntIndex; char dsName[SNMP_FIELD_LENGTH]; time_t dsTimeOfCreation; time_t dsTimeOfLastAttempt; time_t dsTimeOfLastSuccess; - PRUint32 dsFailuresSinceLastSuccess; - PRUint32 dsFailures; - PRUint32 dsSuccesses; + uint64_t dsFailuresSinceLastSuccess; + uint64_t dsFailures; + uint64_t dsSuccesses; char dsURL[SNMP_FIELD_LENGTH]; };
diff --git a/ldap/servers/slapd/snmp_collator.c b/ldap/servers/slapd/snmp_collator.c index 5d25597..d563794 100644 --- a/ldap/servers/slapd/snmp_collator.c +++ b/ldap/servers/slapd/snmp_collator.c @@ -302,20 +302,20 @@ search_interaction_table(char *dsURL, int *isnew) }
#ifdef DEBUG_SNMP_INTERACTION -/* for debuging until subagent part working, print contents of interaction table */ +/* for debugging until subagent part working, print contents of interaction table */ static void print_snmp_interaction_table() { int i; for (i = 0; i < NUM_SNMP_INT_TBL_ROWS; i++) { - fprintf(stderr, " dsIntIndex: %d \n", g_get_global_snmp_vars()->int_tbl[i].dsIntIndex); + fprintf(stderr, " dsIntIndex: %"PRInt32" \n", g_get_global_snmp_vars()->int_tbl[i].dsIntIndex); fprintf(stderr, " dsName: %s \n", g_get_global_snmp_vars()->int_tbl[i].dsName); - fprintf(stderr, " dsTimeOfCreation: %ld \n", g_get_global_snmp_vars()->int_tbl[i].dsTimeOfCreation); - fprintf(stderr, " dsTimeOfLastAttempt: %ld \n", g_get_global_snmp_vars()->int_tbl[i].dsTimeOfLastAttempt); - fprintf(stderr, " dsTimeOfLastSuccess: %ld \n", g_get_global_snmp_vars()->int_tbl[i].dsTimeOfLastSuccess); - fprintf(stderr, "dsFailuresSinceLastSuccess: %d \n", g_get_global_snmp_vars()->int_tbl[i].dsFailuresSinceLastSuccess); - fprintf(stderr, " dsFailures: %d \n", g_get_global_snmp_vars()->int_tbl[i].dsFailures); - fprintf(stderr, " dsSuccesses: %d \n", g_get_global_snmp_vars()->int_tbl[i].dsSuccesses); + fprintf(stderr, " dsTimeOfCreation: %"PRIu64" \n", g_get_global_snmp_vars()->int_tbl[i].dsTimeOfCreation); + fprintf(stderr, " dsTimeOfLastAttempt: %"PRIu64" \n", g_get_global_snmp_vars()->int_tbl[i].dsTimeOfLastAttempt); + fprintf(stderr, " dsTimeOfLastSuccess: %"PRIu64" \n", g_get_global_snmp_vars()->int_tbl[i].dsTimeOfLastSuccess); + fprintf(stderr, "dsFailuresSinceLastSuccess: %"PRIu64" \n", g_get_global_snmp_vars()->int_tbl[i].dsFailuresSinceLastSuccess); + fprintf(stderr, " dsFailures: %"PRIu64" \n", g_get_global_snmp_vars()->int_tbl[i].dsFailures); + fprintf(stderr, " dsSuccesses: %"PRIu64" \n", g_get_global_snmp_vars()->int_tbl[i].dsSuccesses); fprintf(stderr, " dsURL: %s \n", g_get_global_snmp_vars()->int_tbl[i].dsURL); fprintf(stderr, "\n"); } diff --git a/ldap/servers/snmp/ldap-agent.h b/ldap/servers/snmp/ldap-agent.h index fe0f023..935d3a6 100644 --- a/ldap/servers/snmp/ldap-agent.h +++ b/ldap/servers/snmp/ldap-agent.h @@ -76,7 +76,7 @@ extern "C" { */ typedef struct server_instance_s { - PRUint32 port; + uint32_t port; int server_state; char *stats_file; char *stats_sem_name; diff --git a/ldap/servers/snmp/redhat-directory.mib b/ldap/servers/snmp/redhat-directory.mib index 184e34f..c860897 100644 --- a/ldap/servers/snmp/redhat-directory.mib +++ b/ldap/servers/snmp/redhat-directory.mib @@ -1,6 +1,6 @@ -- BEGIN COPYRIGHT BLOCK -- Copyright (C) 2001 Sun Microsystems, Inc. Used by permission. --- Copyright (C) 2005 Red Hat, Inc. +-- Copyright (C) 2018 Red Hat, Inc. -- All rights reserved. -- -- License: GPL (version 3 or any later version). @@ -11,63 +11,124 @@ -- MIB for Red Hat Directory Server -- -- This is an implementation of the MADMAN mib for monitoring LDAP/CLDAP and X.500 --- directories described in RFC 2788 and 2789 +-- directories described in RFC 2788, 2789, and 1907 -- with the addition of traps for server up and down events
RHDS-MIB DEFINITIONS ::= BEGIN
-IMPORTS - MODULE-IDENTITY, Counter64, Counter32, Gauge32, OBJECT-TYPE - FROM SNMPv2-SMI - DisplayString, TimeStamp, TEXTUAL-CONVENTION - FROM SNMPv2-TC - MODULE-COMPLIANCE, OBJECT-GROUP - FROM SNMPv2-CONF - applIndex, DistinguishedName, URLString - FROM NETWORK-SERVICES-MIB - enterprises - FROM RFC1155-SMI - TRAP-TYPE - FROM RFC-1215; - - redhat OBJECT IDENTIFIER ::= {enterprises 2312} - - URLString ::= TEXTUAL-CONVENTION - STATUS current - DESCRIPTION - "I couldn't find it but madman said it should be here, guessing DisplayString" - SYNTAX DisplayString + IMPORTS + MODULE-IDENTITY, Counter64, OBJECT-TYPE, enterprises, Integer32, + NOTIFICATION-TYPE + FROM SNMPv2-SMI + MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP + FROM SNMPv2-CONF + DisplayString, TimeStamp + FROM SNMPv2-TC + applIndex, DistinguishedName, URLString + FROM NETWORK-SERVICES-MIB + ;
rhds MODULE-IDENTITY - LAST-UPDATED "200810230000Z" - ORGANIZATION "Red Hat, Inc." - CONTACT-INFO - "Red Hat, Inc. - Website: http://www.redhat.com" - DESCRIPTION - " An implementation of the MADMAN mib for monitoring LDAP/CLDAP and X.500 - directories described in RFC 2788 and 2789 - used for Red Hat Directory Server" - ::= {redhat 6} + LAST-UPDATED "201801180000Z" + ORGANIZATION "Red Hat, Inc." + CONTACT-INFO + "Red Hat, Inc. + Website: http://www.redhat.com" + DESCRIPTION + "An implementation of the MADMAN mib for monitoring LDAP/CLDAP and X.500 + directories described in RFC 2788 and 2789 + used for Red Hat Directory Server" + REVISION "201801180000Z" + DESCRIPTION + "Update RHDS MIB for SMIv2" + ::= { enterprises 2312 6 } + + redhat OBJECT IDENTIFIER ::= { enterprises 2312 } + rhdsNotification OBJECT IDENTIFIER ::= { redhat 0 } + rhdsMIBConformance OBJECT IDENTIFIER ::= { rhds 6 } + rhdsMIBCompliances OBJECT IDENTIFIER ::= { rhdsMIBConformance 1 } + rhdsMIBGroups OBJECT IDENTIFIER ::= { rhdsMIBConformance 2 } + + rhdsCompliance MODULE-COMPLIANCE + STATUS current + DESCRIPTION + "The compliance statement for RHDS entities which implement the RHDS-MIB." + MODULE + MANDATORY-GROUPS { rhdsGroup, rhdsTrapGroup } + ::= { rhdsMIBCompliances 1 } + + rhdsTrapGroup NOTIFICATION-GROUP + NOTIFICATIONS { directoryServerDown, directoryServerStart } + STATUS current + DESCRIPTION + "A collection of RHDS trap/notification objects." + ::= { rhdsMIBGroups 9 } + + rhdsGroup OBJECT-GROUP + OBJECTS { dsAnonymousBinds, + dsUnAuthBinds, + dsSimpleAuthBinds, + dsStrongAuthBinds, + dsBindSecurityErrors, + dsInOps, + dsReadOps, + dsCompareOps, + dsAddEntryOps, + dsRemoveEntryOps, + dsModifyEntryOps, + dsModifyRDNOps, + dsListOps, + dsSearchOps, + dsOneLevelSearchOps, + dsWholeSubtreeSearchOps, + dsReferrals, + dsChainings, + dsSecurityErrors, + dsErrors, + dsConnections, + dsConnectionsInMaxThreads, + dsMaxThreadsHit, + dsMasterEntries, + dsCopyEntries, + dsCacheEntries, + dsCacheHits, + dsSlaveHits, + dsName, + dsTimeOfCreation, + dsTimeOfLastAttempt, + dsTimeOfLastSuccess, + dsFailuresSinceLastSuccess, + dsFailures, + dsSuccesses, + dsURL, + dsEntityDescr, + dsEntityVers, + dsEntityOrg, + dsEntityLocation, + dsEntityContact, + dsEntityName } + STATUS current + DESCRIPTION + "A collection of objects providing basic instrumentation and + control of RHDS entity." + ::= { rhdsMIBGroups 8 }
dsOpsTable OBJECT-TYPE SYNTAX SEQUENCE OF DsOpsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION - " The table holding information related to the - DS operations." - ::= {rhds 1} + "The table holding information related to the DS operations." + ::= { rhds 1 }
dsOpsEntry OBJECT-TYPE SYNTAX DsOpsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION - " Entry containing operations related statistics - for a DS." + "Entry containing operations related statistics for a DS." INDEX { applIndex } - ::= {dsOpsTable 1} + ::= { dsOpsTable 1 }
DsOpsEntry ::= SEQUENCE {
@@ -80,7 +141,7 @@ IMPORTS dsSimpleAuthBinds Counter64, dsStrongAuthBinds - Counter64 + Counter64, dsBindSecurityErrors Counter64,
@@ -116,21 +177,22 @@ IMPORTS dsChainings Counter64,
- -- Connection Stats - - dsConnections - Counter64, - dsMaxThreadsHit - Counter64, - dsConnectionsInMaxThreads - Counter64, - -- Errors
dsSecurityErrors Counter64, dsErrors + Counter64, + + -- Connection Stats + + dsConnections + Counter64, + dsConnectionsInMaxThreads + Counter64, + dsMaxThreadsHit Counter64 + }
-- CLDAP does not use binds; for A CLDAP DS the bind @@ -151,237 +213,234 @@ IMPORTS -- the following fields will remain inaccessible for -- CLDAP and LDAP DSs: dsReferrals.
+ dsAnonymousBinds OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Number of anonymous binds to this DS from UAs + "Number of anonymous binds to this DS from UAs since application start." - ::= {dsOpsEntry 1} + ::= { dsOpsEntry 1 }
dsUnAuthBinds OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Number of un-authenticated binds to this DS since + "Number of un-authenticated binds to this DS since application start." - ::= {dsOpsEntry 2} + ::= { dsOpsEntry 2 }
dsSimpleAuthBinds OBJECT-TYPE - SYNTAX Counter64 + SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Number of binds to this DS that were authenticated + "Number of binds to this DS that were authenticated using simple authentication procedures since application start." REFERENCE - " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: + "CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Section 8.1.2.1.1. and, RFC1777 Section 4.1" - ::= {dsOpsEntry 3} + ::= { dsOpsEntry 3 }
dsStrongAuthBinds OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Number of binds to this DS that were authenticated + "Number of binds to this DS that were authenticated using the strong authentication procedures since application start. This includes the binds that were authenticated using external authentication procedures." REFERENCE - " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: + "CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Sections 8.1.2.1.2 & 8.1.2.1.3. and, RFC1777 Section 4.1." - ::= {dsOpsEntry 4} + ::= { dsOpsEntry 4 }
dsBindSecurityErrors OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Number of bind operations that have been rejected + "Number of bind operations that have been rejected by this DS due to inappropriateAuthentication or invalidCredentials." REFERENCE - " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: + "CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Section 12.7.2 and, RFC1777 Section 4." - ::= {dsOpsEntry 5} + ::= { dsOpsEntry 5 }
dsInOps OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Number of operations forwarded to this DS - from UAs or other DSs since application - start up." - ::= {dsOpsEntry 6} + "Number of operations forwarded to this DS + from UAs or other DSs since application start up." + ::= { dsOpsEntry 6 } dsReadOps OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Number of read operations serviced by + "Number of read operations serviced by this DS since application startup." REFERENCE - " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: - Section 9.1." - ::= {dsOpsEntry 7} + "CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Section 9.1." + ::= { dsOpsEntry 7 }
dsCompareOps OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Number of compare operations serviced by + "Number of compare operations serviced by this DS since application startup." REFERENCE - " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: + "CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Section 9.2. and, RFC1777 section 4.8" - ::= {dsOpsEntry 8} + ::= { dsOpsEntry 8 }
dsAddEntryOps OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Number of addEntry operations serviced by + "Number of addEntry operations serviced by this DS since application startup." REFERENCE - " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: + "CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Section 11.1. and, RFC1777 Section 4.5." - ::= {dsOpsEntry 9} + ::= { dsOpsEntry 9 }
dsRemoveEntryOps OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Number of removeEntry operations serviced by + "Number of removeEntry operations serviced by this DS since application startup." REFERENCE - " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: + "CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Section 11.2. and, RFC1777 Section 4.6." - ::= {dsOpsEntry 10} + ::= { dsOpsEntry 10 }
dsModifyEntryOps OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Number of modifyEntry operations serviced by + "Number of modifyEntry operations serviced by this DS since application startup." REFERENCE - " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: + "CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Section 11.3. and, RFC1777 Section 4.4." - ::= {dsOpsEntry 11} + ::= { dsOpsEntry 11 }
dsModifyRDNOps OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Number of modifyRDN operations serviced by - this DS since application startup." + "Number of modifyRDN operations serviced by + this DS since application startup." REFERENCE - " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: + "CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Section 11.4.and, RFC1777 Section 4.7" - ::= {dsOpsEntry 12} + ::= { dsOpsEntry 12 }
dsListOps OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Number of list operations serviced by + "Number of list operations serviced by this DS since application startup." REFERENCE - " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: + "CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Section 10.1." - ::= {dsOpsEntry 13} + ::= { dsOpsEntry 13 }
dsSearchOps OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Number of search operations- baseObject searches, + "Number of search operations- baseObject searches, oneLevel searches and wholeSubtree searches, serviced by this DS since application startup." REFERENCE - " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: + "CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Section 10.2. and, RFC1777 Section 4.3." - ::= {dsOpsEntry 14} + ::= { dsOpsEntry 14 }
dsOneLevelSearchOps OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Number of oneLevel search operations serviced + "Number of oneLevel search operations serviced by this DS since application startup." REFERENCE - " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: + "CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Section 10.2.2.2. and, RFC1777 Section 4.3." - ::= {dsOpsEntry 15} + ::= { dsOpsEntry 15 }
dsWholeSubtreeSearchOps OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Number of wholeSubtree search operations serviced + "Number of wholeSubtree search operations serviced by this DS since application startup." REFERENCE - " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: + "CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Section 10.2.2.2. and, RFC1777 Section 4.3." - ::= {dsOpsEntry 16} + ::= { dsOpsEntry 16 }
dsReferrals OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Number of referrals returned by this DS in response + "Number of referrals returned by this DS in response to requests for operations since application startup." REFERENCE - " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: - Section 12.6." - ::= {dsOpsEntry 17} + "CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Section 12.6." + ::= { dsOpsEntry 17 }
dsChainings OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Number of operations forwarded by this DS + "Number of operations forwarded by this DS to other DSs since application startup." REFERENCE - " CCITT Blue Book Fascicle VIII.8 - Rec. X.518, 1988: - Section 14." - ::= {dsOpsEntry 18} + "CCITT Blue Book Fascicle VIII.8 - Rec. X.518, 1988: Section 14." + ::= { dsOpsEntry 18 }
- dsSecurityErrors OBJECT-TYPE + dsSecurityErrors OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Number of operations forwarded to this DS - which did not meet the security requirements. " + "Number of operations forwarded to this DS + which did not meet the security requirements. " REFERENCE - " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: - Section 12.7. and, RFC1777 Section 4." - ::= {dsOpsEntry 19} + "CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: + Section 12.7. and, RFC1777 Section 4." + ::= { dsOpsEntry 19 }
dsErrors OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Number of operations that could not be serviced + "Number of operations that could not be serviced due to errors other than security errors, and referrals. A partially serviced operation will not be counted @@ -389,63 +448,60 @@ IMPORTS The errors include NameErrors, UpdateErrors, Attribute errors and ServiceErrors." REFERENCE - " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: + "CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Sections 12.4, 12.5, 12.8 & 12.9. and, RFC1777 Section 4." - ::= {dsOpsEntry 20} + ::= { dsOpsEntry 20 }
dsConnections OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Number of total connections opened." + "Number of total connections opened." REFERENCE - " Redhat-defined 1.1" - ::= {dsOpsEntry 21} - + "Redhat-defined 1.1" + ::= { dsOpsEntry 21 } + dsConnectionsInMaxThreads OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Number of connections that are currently in a max thread state." + "Number of connections that are currently in a max thread state." REFERENCE - " Redhat defined 1.2." - ::= {dsOpsEntry 22} - + "Redhat defined 1.2." + ::= { dsOpsEntry 22 } + dsMaxThreadsHit OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Number of times any connection has hit max threads." + "Number of times any connection has hit max threads." REFERENCE - " Redhat defined 1.3." - ::= {dsOpsEntry 23} - + "Redhat defined 1.3." + ::= { dsOpsEntry 23 } + -- Entry statistics/Cache performance dsEntriesTable OBJECT-TYPE SYNTAX SEQUENCE OF DsEntriesEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION - " The table holding information related to the + "The table holding information related to the entry statistics and cache performance of the DSs." - ::= {rhds 2} + ::= { rhds 2 }
dsEntriesEntry OBJECT-TYPE SYNTAX DsEntriesEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION - " Entry containing statistics pertaining to entries - held by a DS." + "Entry containing statistics pertaining to entries held by a DS." INDEX { applIndex } - ::= {dsEntriesTable 1} - + ::= { dsEntriesTable 1 }
DsEntriesEntry ::= SEQUENCE { - dsMasterEntries Counter64, dsCopyEntries @@ -455,7 +511,7 @@ IMPORTS dsCacheHits Counter64, dsSlaveHits - Counter64 + Counter64 }
-- A (C)LDAP frontend to the X.500 Directory will not have @@ -468,47 +524,47 @@ IMPORTS MAX-ACCESS read-only STATUS current DESCRIPTION - " Number of entries mastered in the DS." - ::= {dsEntriesEntry 1} + "Number of entries mastered in the DS." + ::= { dsEntriesEntry 1 }
dsCopyEntries OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Number of entries for which systematic (slave) + "Number of entries for which systematic (slave) copies are maintained in the DS." - ::= {dsEntriesEntry 2} + ::= { dsEntriesEntry 2 }
dsCacheEntries OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Number of entries cached (non-systematic copies) in + "Number of entries cached (non-systematic copies) in the DS. This will include the entries that are cached partially. The negative cache is not counted." - ::= {dsEntriesEntry 3} + ::= { dsEntriesEntry 3 }
dsCacheHits OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Number of operations that were serviced from + "Number of operations that were serviced from the locally held cache since application startup." - ::= {dsEntriesEntry 4} + ::= { dsEntriesEntry 4 }
dsSlaveHits OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Number of operations that were serviced from + "Number of operations that were serviced from the locally held object replications ( shadow entries) since application startup." - ::= {dsEntriesEntry 5} + ::= { dsEntriesEntry 5 }
-- The dsIntTable contains statistical data on the peer DSs -- with which the monitored DSs (attempt to) interact. This @@ -523,7 +579,7 @@ IMPORTS MAX-ACCESS not-accessible STATUS current DESCRIPTION - " Each row of this table contains some details + "Each row of this table contains some details related to the history of the interaction of the monitored DSs with their respective peer DSs." @@ -534,126 +590,120 @@ IMPORTS MAX-ACCESS not-accessible STATUS current DESCRIPTION - " Entry containing interaction details of a DS - with a peer DS." - INDEX { applIndex, dsIntIndex } + "Entry containing interaction details of a DS with a peer DS." + INDEX { applIndex, dsIntIndex } ::= { dsIntTable 1 }
DsIntEntry ::= SEQUENCE { - dsIntIndex - INTEGER, + INTEGER, dsName - DistinguishedName, + DistinguishedName, dsTimeOfCreation - TimeStamp, + TimeStamp, dsTimeOfLastAttempt - TimeStamp, + TimeStamp, dsTimeOfLastSuccess - TimeStamp, + TimeStamp, dsFailuresSinceLastSuccess - Counter32, + Counter64, dsFailures - Counter32, + Counter64, dsSuccesses - Counter32, + Counter64, dsURL - URLString - + URLString }
- dsIntIndex OBJECT-TYPE - SYNTAX INTEGER (1..2147483647) - MAX-ACCESS not-accessible - STATUS current - DESCRIPTION - " Together with applIndex it forms the unique key to - identify the conceptual row which contains useful info + dsIntIndex OBJECT-TYPE + SYNTAX Integer32 (1..2147483647) + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Together with applIndex it forms the unique key to + identify the conceptual row which contains useful info on the (attempted) interaction between the DS (referred to by applIndex) and a peer DS." - ::= {dsIntEntry 1} + ::= { dsIntEntry 1 }
dsName OBJECT-TYPE SYNTAX DistinguishedName MAX-ACCESS read-only STATUS current DESCRIPTION - " Distinguished Name of the peer DS to which this - entry pertains." - ::= {dsIntEntry 2} + "Distinguished Name of the peer DS to which this entry pertains." + ::= { dsIntEntry 2 }
dsTimeOfCreation OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION - " The value of sysUpTime when this row was created. + "The value of sysUpTime when this row was created. If the entry was created before the network management subsystem was initialized, this object will contain a value of zero." - ::= {dsIntEntry 3} + ::= { dsIntEntry 3 }
dsTimeOfLastAttempt OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION - " The value of sysUpTime when the last attempt was made + "The value of sysUpTime when the last attempt was made to contact this DS. If the last attempt was made before the network management subsystem was initialized, this object will contain a value of zero." - ::= {dsIntEntry 4} + ::= { dsIntEntry 4 }
dsTimeOfLastSuccess OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION - " The value of sysUpTime when the last attempt made to + "The value of sysUpTime when the last attempt made to contact this DS was successful. If there have been no successful attempts this entry will have a value of zero. If the last successful attempt was made before the network management subsystem was initialized, this object will contain a value of zero." - ::= {dsIntEntry 5} + ::= { dsIntEntry 5 }
dsFailuresSinceLastSuccess OBJECT-TYPE - SYNTAX Counter32 + SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " The number of failures since the last time an + "The number of failures since the last time an attempt to contact this DS was successful. If there has been no successful attempts, this counter will contain the number of failures since this entry was created." - ::= {dsIntEntry 6} + ::= { dsIntEntry 6 }
dsFailures OBJECT-TYPE - SYNTAX Counter32 + SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Cumulative failures since the creation of - this entry." - ::= {dsIntEntry 7} + "Cumulative failures since the creation of this entry." + ::= { dsIntEntry 7 }
dsSuccesses OBJECT-TYPE - SYNTAX Counter32 + SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION - " Cumulative successes since the creation of - this entry." - ::= {dsIntEntry 8} + "Cumulative successes since the creation of this entry." + ::= { dsIntEntry 8 }
dsURL OBJECT-TYPE SYNTAX URLString MAX-ACCESS read-only STATUS current DESCRIPTION - " URL of the DS application." - ::= {dsIntEntry 9} + "URL of the DS application." + ::= { dsIntEntry 9 }
-- -- Information about this installation of the directory server @@ -664,103 +714,105 @@ IMPORTS MAX-ACCESS not-accessible STATUS current DESCRIPTION - "This table holds general information related to an installed - instance of a directory server" - ::= {rhds 5} + "This table holds general information related to an installed + instance of a directory server" + ::= { rhds 5 }
dsEntityEntry OBJECT-TYPE SYNTAX DsEntityEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION - "Entry of general information about an installed instance - of a directory server" + "Entry of general information about an installed instance + of a directory server" INDEX { applIndex} - ::= {dsEntityTable 1} + ::= { dsEntityTable 1 }
DsEntityEntry ::= SEQUENCE { dsEntityDescr - DisplayString, - dsEntityVers - DisplayString, - dsEntityOrg - DisplayString, - dsEntityLocation - DisplayString, - dsEntityContact - DisplayString, - dsEntityName - DisplayString + DisplayString, + dsEntityVers + DisplayString, + dsEntityOrg + DisplayString, + dsEntityLocation + DisplayString, + dsEntityContact + DisplayString, + dsEntityName + DisplayString }
- dsEntityDescr OBJECT-TYPE - SYNTAX DisplayString(SIZE (0..255)) - ACCESS read-only - STATUS mandatory - DESCRIPTION - "A general textual description of this directory server." - ::= {dsEntityEntry 1} - - dsEntityVers OBJECT-TYPE - SYNTAX DisplayString(SIZE (0..255)) - ACCESS read-only - STATUS mandatory - DESCRIPTION - "The version of this directory server" - ::={dsEntityEntry 2} - - dsEntityOrg OBJECT-TYPE - SYNTAX DisplayString(SIZE (0..255)) - ACCESS read-only - STATUS mandatory - DESCRIPTION - "Organization responsible for directory server at this installation" - ::={dsEntityEntry 3} - - dsEntityLocation OBJECT-TYPE - SYNTAX DisplayString(SIZE (0..255)) - ACCESS read-only - STATUS mandatory - DESCRIPTION - "Physical location of this entity (directory server). - For example: hostname, building number, lab number, etc." - ::={dsEntityEntry 4} - - dsEntityContact OBJECT-TYPE - SYNTAX DisplayString(SIZE (0..255)) - ACCESS read-only - STATUS mandatory - DESCRIPTION - "Contact person(s)responsible for the directory server at this - installation, together with information on how to conact." - ::={dsEntityEntry 5} + dsEntityDescr OBJECT-TYPE + SYNTAX DisplayString(SIZE (0..255)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A general textual description of this directory server." + ::= { dsEntityEntry 1 } + + dsEntityVers OBJECT-TYPE + SYNTAX DisplayString(SIZE (0..255)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The version of this directory server" + ::={ dsEntityEntry 2 } + + dsEntityOrg OBJECT-TYPE + SYNTAX DisplayString(SIZE (0..255)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Organization responsible for directory server at this installation" + ::={ dsEntityEntry 3 } + + dsEntityLocation OBJECT-TYPE + SYNTAX DisplayString(SIZE (0..255)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Physical location of this entity (directory server). + For example: hostname, building number, lab number, etc." + ::={ dsEntityEntry 4 } + + dsEntityContact OBJECT-TYPE + SYNTAX DisplayString(SIZE (0..255)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Contact person(s)responsible for the directory server at this + installation, together with information on how to conact." + ::={ dsEntityEntry 5 } - dsEntityName OBJECT-TYPE - SYNTAX DisplayString(SIZE (0..255)) - ACCESS read-only - STATUS mandatory - DESCRIPTION - "Name assigned to this entity at the installation site" - ::={dsEntityEntry 6} + dsEntityName OBJECT-TYPE + SYNTAX DisplayString(SIZE (0..255)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Name assigned to this entity at the installation site" + ::={ dsEntityEntry 6 }
-- --- Traps +-- Traps -- -- - DirectoryServerDown TRAP-TYPE - ENTERPRISE redhat - VARIABLES { dsEntityDescr, dsEntityVers, dsEntityLocation, - dsEntityContact } - DESCRIPTION "This trap is generated whenever the agent detects the - directory server to be (potentially) Down." - ::= 6001 - - DirectoryServerStart TRAP-TYPE - ENTERPRISE redhat - VARIABLES { dsEntityDescr, dsEntityVers, dsEntityLocation } - DESCRIPTION "This trap is generated whenever the agent detects the - directory server to have (re)started." - ::= 6002 - + directoryServerDown NOTIFICATION-TYPE + OBJECTS { dsEntityDescr, dsEntityVers, dsEntityLocation, + dsEntityContact } + STATUS current + DESCRIPTION + "This trap is generated whenever the agent detects the + directory server to be (potentially) Down." + ::= { rhdsNotification 6001 } + + directoryServerStart NOTIFICATION-TYPE + OBJECTS { dsEntityDescr, dsEntityVers, dsEntityLocation } + STATUS current + DESCRIPTION + "This trap is generated whenever the agent detects the + directory server to have (re)started." + ::= { rhdsNotification 6002 } + END
389-commits@lists.fedoraproject.org