/etc/acl.conf

Specify permitted operations on a defined SNMP context

Name:

/etc/acl.conf

Description:

The acl.conf file is used to specify what context is available to an agent and manager. This definition includes what operations are permitted on this collection of data objects.

Here's the search order that's used to find this file:

  1. /nodecfg/node_name/etc/acl.conf, where node_name is the value of the CS_NODENAME configuration string (see getconf and setconf)
  2. /etc/acl.conf

The file is in the format:

targetParty sourceParty context privileges

where:

targetParty
Party that a request is sent to (agent).
sourceParty
Party sending the request (manager).
context
Collection of objects that the sourceParty can view.
privileges
Actions that the source party is allowed to perform.

The privileges that you can specify are:

B
GetBulk
G
Get
I
Inform
N
GetNext
R
Response
S
Set
U
SNMPv2-Trap

For example:

agent_party manager_party agent_context G

The agent acting as agent_party allows the manager acting as manager_party to do GET operations on the collection of data objects included in the agent_context.

See also:

snmpget, snmptest, snmptrapd, snmpwalk

ISO IS 8824 (ASN.1), RFC 1065, RFC 1066, RFC 1067, RFC 1446