Have you ever wondered why net-snmp doesn’t report a ccomments: true orrect interface speed on Linux?
I was also wondering, until this morning…
I tried to run net-snmp as root, and miracle, the right interface speed was detected for my interfaces.
In fact net-snmp uses the
SIOCETHTOOL ioctl to access this information.
Unfortunately the get settings variant of this ioctl needs to have the
root has this capability set, but when net-snmp drops its privileges to an unprivileged user,
this capability is lost and the
ioctl fails with
That’s too bad because getting this information is at most harmless and shouldn’t require special privileges to succeed.
Someone even posted a Linux Kernel patch to remove CAP_NET_ADMIN check for SIOCETHTOOL which doesn’t seem to have been merged.
The fix could also be on the snmpd side before dropping privileges.
The workaround is to tell net-snmp how the interface are looking:
interface eth0 6 10000000 interface eth1 6 100000000
Here I defined eth0 as a 100mbit/s FastEthernet interface, and eth1 as a GigabitEthernet interface.