CentOS7 編譯安裝snmpd,解決與與Mariadb10衝突問題
CentOS7安裝了MariaDB10以後,無法使用yum安裝snmp服務,會提示mariadb-libs與mariadb-common 10的衝突提示。翻牆在谷歌上查到有人說在特定版本的mariadb上fix了這個bug,但是不是全版本通用,所以很麻煩。
最後測試可以通過編譯安裝snmp解決這個問題。記錄如下:
1、準備環境
yum -y installmake gcc gcc-c++ gcc-g77 openssl openssl-devel
2、編譯和安裝
首先我們需要下載Net-SNMP的原始碼,
官方地址:
下載:net-snmp-5.7.3.tar.gz
接下來對下載的原始碼包進行解壓縮,
tar xzvfnet-snmp-5.7.3.tar.gz
然後通過configure來生成編譯規則,
cdnet-snmp-5.7.3
./configure \
--prefix=/usr/local/snmp \
--with-mib-modules=ucd-snmp/diskio\
--with-default-snmp-version="2" \
--with-sys-contact=Robin \
--with-sys-location="shanghai"\
--with-logfile="/server/snmp/log/snmpd.log"\
--with-persistent-directory="/var/net-snmp"
注意,以上的
--with-mib-modules=ucd-snmp/diskio
選項,可以讓伺服器支援磁碟I/O監控。
回車出現下面問題,可以直接回車而不用回答,系統會採用預設資訊,其中日誌檔案預設安裝在/var/log/snmpd.log.資料存貯目錄預設存放在/var/net-snmp下。
配置預設snmp協議版本(1,2c,3),配置為v3版的話,支援登入驗證功能,相對來說更安全了
--with-default-snmp-version="2"
配置該裝置的聯絡人資訊,也可以是郵箱地址
--with-sys-contact=robin
配置該系統裝置的地理位置
--with-sys-location="shanghai"
配置日誌檔案位置
--with-logfile="/server/snmp/log/snmpd.log"
配置資料儲存目錄
--with-persistent-directory="/var/net-snmp"
接下來,開始編譯和安裝:
make&& make install
到現在為止,我們已經有了可以執行的SNMP代理程式,它位於/server/snmp/sbin/snmpd,在啟動它之前,我們還要進行一些必要的設定。
當然,路徑什麼的,可以根據需要調整。
3.建立並配置snmp配置檔案
Vi/etc/snmpd/snmpd.conf #建立並編輯snmpd配置檔案
程式碼如下:
###############################################################################
#
# EXAMPLE.conf:
# An example configuration file forconfiguring the ucd-snmp snmpd agent.
#
###############################################################################
#
# This file isintended to only be an example. If,however, you want
# to use it, itshould be placed in /usr/local/net-snmp/etc/snmp/snmpd.conf.
# When the snmpdagent starts up, this is where it will look for it.
#
# You might beinterested in generating your own snmpd.conf file using
# the"snmpconf" program (perl script) instead. It's a nice menu
# based interface towriting well commented configuration files. Try it!
#
# Note: This file isautomatically generated from EXAMPLE.conf.def.
# Do NOT read theEXAMPLE.conf.def file! Instead, after you have run
# configure &make, and then make sure you read the EXAMPLE.conf file
# instead, as itwill tailor itself to your configuration.
# All linesbeginning with a '#' are comments and are intended for you
# to read. All other lines are configuration commandsfor the agent.
#
# PLEASE: read thesnmpd.conf(5) manual page as well!
#
###############################################################################
# Access Control
###############################################################################
# YOU SHOULD CHANGETHE "COMMUNITY" TOKEN BELOW TO A NEW KEYWORD ONLY
# KNOWN AT YOURSITE. YOU *MUST* CHANGE THE NETWORKTOKEN BELOW TO
# SOMETHINGREFLECTING YOUR LOCAL NETWORK ADDRESS SPACE.
# By far, the mostcommon question I get about the agent is "why won't
# it work?",when really it should be "how do I configure the agent to
# allow me to accessit?"
#
# By default, theagent responds to the "public" community for read
# only access, ifrun out of the box without any configuration file in
# place. The following examples show you other ways ofconfiguring
# the agent so thatyou can change the community names, and give
# yourself writeaccess as well.
#
# The followinglines change the access permissions of the agent so
# that the COMMUNITYstring provides read-only access to your entire
# NETWORK (EG:10.10.10.0/24), and read/write access to only the
# localhost(127.0.0.1, not its real ipaddress).
#
# For moreinformation, read the FAQ as well as the snmpd.conf(5)
# manual page.
####
# First, map thecommunity name (COMMUNITY) into a security name
# (local andmynetwork, depending on where the request is coming
# from):
# sec.name source community
#com2sec mynetwork 127.0.0.1 public
com2sec mynetwork default public
#com2sec mynetwork 60.195.252.107 public
#com2sec mynetwork 60.195.252.110 public
####
# Second, map thesecurity name into a group name:
# groupName securityModel securityName
#group notConfigGroup v1 notConfigUser
#group notConfigGroup v2c notConfigUser
group my_group v1 mynetwork
group my_group v2c mynetwork
####
# Third, create aview for us to let the group have rights to:
# Make at least snmpwalk -v 1 localhost -c public system fastagain.
# name incl/excl subtree mask(optional)
view systemview included .1.3.6.1.2.1.1
view systemview included .1.3.6.1.2.1.25.1.1
view all included .1 80
####
# Finally, grant thegroup read-only access to the systemview view.
# group context sec.model sec.level prefixread write notif
#access notConfigGroup "" any noauth exact systemview none none
access my_group "" any noauth exact all none none
#-----------------------------------------------------------------------------
4.建立snmp服務
進入原始碼目錄,如/usr/local/src/net-snmp-5.7.3目錄,將啟動配置檔案範例複製到/etc/init.d/目錄:
cp/usr/local/src/net-snmp-5.7.3/dist/snmpd-init.d /etc/init.d/snmpd
修改/etc/init.d/snmpd檔案
將其中的
vi /etc/init.d/snmpd
prog="/usr/local/sbin/snmpd"
修改為
prog="/usr/local/snmp/sbin/snmpd"
將其中的
[ -x $prog -a -f/usr/local/share/snmp/snmpd.conf ] || exit 0
修改為
[ -x $prog -a -f/etc/snmp/snmpd.conf ] || exit 0
groupaddsnmp #新增apache使用者組及使用者
useradd -g snmp -s/usr/sbin/nologin apache
chown -R snmp:snmp/usr/local/apache2
chmod +x/etc/init.d/snmpd
chkconfig--add snmpd #增加執行許可權
chkconfig--level 2345 snmpd on #設定開機啟動
chkconfig--list snmpd #檢視是否設定成功
snmpd 0:關閉 1:關閉 2:啟用 3:啟用 4:啟用 5:啟用 6:關閉
5.配置snmpd服務啟動
systemctlenable snmpd #設定開機啟動
systemctlstart snmpd #啟動snmpd服務
其他的不多說了