idnits 2.17.1 draft-ietf-disman-script-mib-05.txt: ** The Abstract section seems to be numbered Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- ** Missing expiration date. The document expiration date should appear on the first and last page. ** The document seems to lack a 1id_guidelines paragraph about Internet-Drafts being working documents. ** The document seems to lack a 1id_guidelines paragraph about 6 months document validity -- however, there's a paragraph with a matching beginning. Boilerplate error? ** The document seems to lack a 1id_guidelines paragraph about the list of current Internet-Drafts. ** The document seems to lack a 1id_guidelines paragraph about the list of Shadow Directories. ** The document is more than 15 pages and seems to lack a Table of Contents. == No 'Intended status' indicated for this document; assuming Proposed Standard Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack separate sections for Informative/Normative References. All references will be assumed normative when checking for downward references. ** There are 8 instances of too long lines in the document, the longest one being 2 characters in excess of 72. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not match the current year == Line 2360 has weird spacing: '...for the purpo...' -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (July 17, 1998) is 9405 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: '16' is defined on line 2316, but no explicit reference was found in the text ** Obsolete normative reference: RFC 2271 (ref. '1') (Obsoleted by RFC 2571) ** Downref: Normative reference to an Informational RFC: RFC 1215 (ref. '4') ** Obsolete normative reference: RFC 1902 (ref. '5') (Obsoleted by RFC 2578) ** Obsolete normative reference: RFC 1903 (ref. '6') (Obsoleted by RFC 2579) ** Obsolete normative reference: RFC 1904 (ref. '7') (Obsoleted by RFC 2580) ** Downref: Normative reference to an Historic RFC: RFC 1157 (ref. '8') ** Downref: Normative reference to an Historic RFC: RFC 1901 (ref. '9') ** Obsolete normative reference: RFC 1906 (ref. '10') (Obsoleted by RFC 3417) ** Obsolete normative reference: RFC 2272 (ref. '11') (Obsoleted by RFC 2572) ** Obsolete normative reference: RFC 2274 (ref. '12') (Obsoleted by RFC 2574) ** Obsolete normative reference: RFC 1905 (ref. '13') (Obsoleted by RFC 3416) ** Obsolete normative reference: RFC 2273 (ref. '14') (Obsoleted by RFC 2573) ** Obsolete normative reference: RFC 2275 (ref. '15') (Obsoleted by RFC 2575) ** Obsolete normative reference: RFC 2028 (ref. '16') (Obsoleted by RFC 9281) ** Obsolete normative reference: RFC 1738 (ref. '17') (Obsoleted by RFC 4248, RFC 4266) ** Obsolete normative reference: RFC 2068 (ref. '19') (Obsoleted by RFC 2616) -- Possible downref: Non-RFC (?) normative reference: ref. '20' Summary: 26 errors (**), 0 flaws (~~), 4 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Internet-Draft Script MIB July 1998 4 Definitions of Managed Objects for the 5 Delegation of Management Scripts 7 July 17, 1998 9 11 David B. Levi 12 SNMP Research, Inc. 13 levi@snmp.com 15 Juergen Schoenwaelder 16 TU Braunschweig 17 schoenw@ibr.cs.tu-bs.de 19 Status of this Memo 21 This document is an Internet-Draft. Internet-Drafts are working 22 documents of the Internet Engineering Task Force (IETF), its areas, 23 and its working groups. Note that other groups may also distribute 24 working documents as Internet-Drafts. 26 Internet-Drafts are draft documents valid for a maximum of six months 27 and may be updated, replaced, or obsoleted by other documents at any 28 time. It is inappropriate to use Internet-Drafts as reference 29 material or to cite them other than as ``work in progress.'' 31 To view the entire list of current Internet-Drafts, please check the 32 "1id-abstracts.txt" listing contained in the Internet-Drafts Shadow 33 Directories on ftp.is.co.za (Africa), ftp.nordu.net (Northern 34 Europe), ftp.nis.garr.it (Southern Europe), munnari.oz.au (Pacific 35 Rim), ftp.ietf.org (US East Coast), or ftp.isi.edu (US West Coast). 37 Distribution of this document is unlimited. Please send comments to 38 the Distributed Management Working Group, . 40 Copyright Notice 42 Copyright (C) The Internet Society (1998). All Rights Reserved. 44 1. Abstract 46 This memo defines an experimental portion of the Management 47 Information Base (MIB) for use with network management protocols in 48 the Internet community. In particular, it describes a set of managed 49 objects that allow the delegation of management scripts to 50 distributed managers. 52 This memo does not specify a standard for the Internet community. 54 2. The SNMP Management Framework 56 The SNMP Management Framework presently consists of five major 57 components: 59 o An overall architecture, described in RFC 2271 [1]. 61 o Mechanisms for describing and naming objects and events for the 62 purpose of management. The first version of this Structure of 63 Management Information (SMI) is called SMIv1 and described in 64 RFC 1155 [2], RFC 1212 [3] and RFC 1215 [4]. The second version, 65 called SMIv2, is described in RFC 1902 [5], RFC 1903 [6] and RFC 66 1904 [7]. 68 o Message protocols for transferring management information. The 69 first version of the SNMP message protocol is called SNMPv1 and 70 described in RFC 1157 [8]. A second version of the SNMP message 71 protocol, which is not an Internet standards track protocol, is 72 called SNMPv2c and described in RFC 1901 [9] and RFC 1906 [10]. 73 The third version of the message protocol is called SNMPv3 and 74 described in RFC 1906 [10], RFC 2272 [11] and RFC 2274 [12]. 76 o Protocol operations for accessing management information. The 77 first set of protocol operations and associated PDU formats is 78 described in RFC 1157 [8]. A second set of protocol operations 79 and associated PDU formats is described in RFC 1905 [13]. 81 o A set of fundamental applications described in RFC 2273 [14] and 82 the view-based access control mechanism described in RFC 2275 83 [15]. 85 Managed objects are accessed via a virtual information store, termed 86 the Management Information Base or MIB. Objects in the MIB are 87 defined using the mechanisms defined in the SMI. 89 This memo specifies a MIB module that is compliant to the SMIv2. A 90 MIB conforming to the SMIv1 can be produced through the appropriate 91 translations. The resulting translated MIB must be semantically 92 equivalent, except where objects or events are omitted because no 93 translation is possible (use of Counter64). Some machine readable 94 information in SMIv2 will be converted into textual descriptions in 95 SMIv1 during the translation process. However, this loss of machine 96 readable information is not considered to change the semantics of the 97 MIB. 99 3. Overview 101 The Script MIB module defined in this memo can be used to delegate 102 management functions to distributed managers. Management functions 103 are defined as management scripts written in a management scripting 104 language. This MIB makes no assumptions about the language itself and 105 even allows distribution of compiled native code, if an 106 implementation is able to execute native code under the control of 107 this MIB. 109 The Script MIB defines a standard interface for the delegation of 110 management functions based on the Internet management framework. In 111 particular, it provides the following capabilities: 113 1. Capabilities to transfer management scripts to a distributed 114 manager. 116 2. Capabilities for initiating, suspending, resuming and 117 terminating management scripts. 119 3. Capabilities to transfer arguments for management scripts. 121 4. Capabilities to monitor and control running management scripts. 123 5. Capabilities to transfer the results produced by running 124 management scripts. 126 This memo does not address any additional topics like the generation 127 of notifications or how to address remote agents from a Script MIB 128 implementation. 130 3.1. Terms 132 This section defines the terms used throughout this memo. 134 o A `distributed manager' is a processing entity which is capable 135 of performing network management functions. For the scope of 136 this memo, a distributed manager is assumed to implement the 137 Script MIB. 139 o A `higher-level manager', or just `manager', is a processing 140 entity or human who initiates and controls the operations 141 performed by one or more distributed managers. 143 o A `management script' is a set of instructions written in an 144 executable language which implements a management function. 146 o A `management scripting language' is a language used to write 147 management scripts. Note, that the term scripting language does 148 not imply that the language must have the characteristics of 149 scripting languages. 151 o A `distributed manager' can be decomposed into an `SNMP entity' 152 which implements the Script MIB defined in this memo and the 153 `runtime system' that executes scripts. The Script MIB sees the 154 runtime system as the managed resource which is controlled by 155 the MIB. 157 The runtime system can act as an SNMP application, according to 158 the SNMP architecture defined in RFC 2271 [1]. For example, a 159 runtime system which sends SNMP requests to other SNMP entities 160 will act as a command generator application. The SNMP 161 applications in the runtime system may use the same SNMP engine 162 which also serves the command responder application used to 163 implement the Script MIB, but they are not required to do so. 165 4. Requirements and Design Issues 167 This section discusses some general requirements that have influenced 168 the design of the Script MIB. 170 o The Script MIB must not make any assumptions about specific 171 languages or runtime systems. 173 o The Script MIB must provide mechanisms that help to avoid new 174 management problems (e.g. script version problems). 176 o The Script MIB must provide SNMP interfaces to all functions 177 required to delegate management scripts. However, other 178 protocols might be used in addition if they provide a 179 significant improvement in terms of convenience for 180 implementation or performance. 182 o The Script MIB must be organized so that access can be 183 controlled effectively by using view-based access control [15]. 185 The following sections discuss some design issues in more detail. 187 4.1. Script Languages 189 The Script MIB defined in this memo makes no assumption about the 190 script language. This MIB can therefore be used in combination with 191 different languages (such as Tcl or Java) and/or different versions 192 of the same language. No assumptions are made about the format in 193 which management scripts are transferred. 195 The Script MIB provides access to information about the language 196 versions supported by a Script MIB implementation so that a manager 197 can learn about the capabilities provided by an implementation. 198 Languages and language versions are identified as follows: 200 1. The language is identified by an object identifier. Object 201 identifier for well-known languages will be registered by the 202 Internet Assigned Numbers Authority (IANA). Enterprise specific 203 languages can also be registered in the enterprise specific OID 204 subtree. 206 2. A particular version of a language is identified by a language 207 version number. The combination of a language object identifier 208 and a language version is in most cases sufficient to decide 209 whether a script can be executed or not. 211 3. Different implementations of the same language version might 212 have differences due to ambiguities in the language definition 213 or additional language features provided by an implementor. An 214 additional object identifier value is provided which identifies 215 the organization which provides the implementation of a 216 language. This might be used by scripts that require a 217 particular implementation of a language. 219 4. Finally, there might be different versions of a language 220 implementation. A version number for the language implementation 221 is provided so that the manager can also distinguish between 222 different implementations from the same organization of a 223 particular language version. 225 The version numbers can either be used by a manager to select the 226 language version required to execute a particular script or to select 227 a script that fits the language versions supported by a particular 228 Script MIB implementation. 230 An additional table lists language extensions that provide features 231 not provided by the core language. Language extensions are usually 232 required to turn a general purpose language into a management 233 language. In many cases, language extensions will come in the form of 234 libraries that provide capabilities like sending SNMP requests to 235 remote SNMP agents or accessing the local MIB instrumentation. Every 236 extension is associated with a language and carries its own version 237 numbers. 239 4.2. Script Transfer 241 There are two different ways to transfer management scripts to a 242 distributed manager. The first approach requires that the manager 243 pushes the script to the distributed manager. This is therefore 244 called the `push model'. The second approach is the `pull model' 245 where the manager tells the distributed manager the location of the 246 script and the distributed manager retrieves the script itself. 248 The MIB defined in this memo supports both models. The `push model' 249 is realized by a table which allows a manager to write scripts by 250 sending a sequence of SNMP set requests. The script can be split into 251 several fragments in order to deal with SNMP message size 252 limitations. 254 The `pull model' is realized by the use of Uniform Resource Locators 255 (URLs) [17] that point to the script source. The manager writes the 256 URL which points to the script source to the distributed manager by 257 sending an SNMP set request. The distributed manager is then 258 responsible for retrieving the document using the protocol specified 259 in the URL. This allows the use of protocols like FTP [18] or HTTP 260 [19] to transfer large management scripts efficiently. 262 The Script MIB also allows management scripts that are hard-wired 263 into the Script MIB implementation. Built-in scripts can either be 264 implemented in a language runtime system, or they can be built 265 natively into the Script MIB implementation. The implementation of 266 the `push model' or the `pull model' is not required. 268 Scripts can be stored in non-volatile storage. This allows a 269 distributed manager to restart scripts if it is restarted (off-line 270 restart). A manager is not required to push scripts back into the 271 distributed manager after a restart if the script is backed up in 272 non-volatile storage. 274 Every script is identified by an administratively assigned name. This 275 name may be used to derive the name which is used to access the 276 script in non-volatile storage. This mapping is implementation 277 specific. However, the mapping must ensure that the Script MIB 278 implementation can handle scripts with the same administrative name 279 owned by different managers. One way to achieve this is to use the 280 script owner in addition to the script name in order to derive the 281 internal name used to refer to a particular script in non-volatile 282 storage. 284 4.3. Script Execution 286 The Script MIB permits execution of several instances of the same or 287 different management scripts. Script arguments are passed as OCTET 288 STRING values. Scripts return a single result value which is also an 289 OCTET STRING value. The semantic interpretation of result values is 290 left to the invoking manager or other management scripts. There is 291 necessarily an agreement between the script invoker and the script 292 itself about the format and the semantics of the arguments and the 293 results. 295 Scripts can also export complex results through a MIB interface. This 296 allows a management application to access and use script results in 297 the same manner as it processes any other MIB data. However, the 298 Script MIB does not provide any special support for the 299 implementation of MIBs through scripts. 301 Runtime errors terminate active scripts. An exit code is left in the 302 MIB and error specific information is stored as the result value. A 303 notification is generated when a script terminates with an error exit 304 code. 306 Script arguments and results do not have any size limitations other 307 than the limits imposed by the SMI and the SNMP protocol. However, 308 implementations of this MIB might have further restrictions. A script 309 designer might therefore choose to return the results via other 310 mechanisms if the script results can be very large. One possibility 311 is to return a URL as a script result which points to the file 312 containing the script output. 314 Executing scripts have a status object attached which allows script 315 execution to be suspended, resumed, or aborted. The precise 316 semantics of the suspend and resume operations are language and 317 runtime system dependent. Some runtime systems may choose to not 318 implement the suspend/resume operations. 320 A history of finished scripts is kept in the MIB. A script invoker 321 can collect results at a later point in time (offline operation). 322 Control objects can be used to control how entries in the history are 323 aged out if the table fills up. 325 5. The Structure of the MIB 327 This section presents the structure of the MIB. The objects are 328 arranged into the following groups: 330 o language group (smLanguageGroup) 332 o script group (smScriptGroup) 334 o script code group (smCodeGroup) 336 o script launch group (smLaunchGroup) 338 o running script group (smRunGroup) 340 5.1. The smLanguageGroup 342 The smLanguageGroup is used to provide information about the 343 languages and the language extensions supported by a Script MIB 344 implementation. This group includes two tables. The smLangTable 345 lists all languages supported by a Script MIB implementation and the 346 smExtsnTable lists the extensions that are available for a given 347 language. 349 5.2. The smScriptGroup 351 The smScriptGroup consists of a single table, called the 352 smScriptTable. The smScriptTable lists all scripts known to a Script 353 MIB implementation. The smScriptTable contains objects that allow the 354 following operations: 356 o download scripts from a URL (pull model) 358 o read scripts from local non-volatile storage 360 o store scripts in local non-volatile storage 361 o delete scripts from local non-volatile storage 363 o list permanent scripts (that can not be changed or removed) 365 o read and modify the script status (enabled, disabled, editing) 367 A status object called smScriptOperStatus allows a manager to obtain 368 the current status of a script. It is also used to provide an error 369 indication if an attempt to invoke one of the operations listed above 370 fails. The status change of a script can be requested by modifying 371 the associated smScriptAdminStatus object. 373 The source of a script is defined by the smScriptSource object. This 374 object may contain a URL pointing to a remote location which provides 375 access to the management script. The script source is read from the 376 smCodeTable (described below) or from non-volatile storage if the 377 smScriptSource object contains an empty URL. The smScriptStorageType 378 object is used to distinguish between scripts read from non-volatile 379 storage and scripts read from the smCodeTable. 381 Scripts are automatically loaded once the smScriptAdminStatus object 382 is set to `enabled'. Loading a script includes retrieving the script 383 (probably from a remote location), compiling the script for languages 384 that require a compilation step, and making the code available to the 385 runtime system. The smScriptOperStatus object is used to indicate 386 the status of the loading process. This object will start in the 387 state `retrieving', switch to the state `compiling' and finally reach 388 the state `enabled'. Errors during the retrieval or compilation phase 389 will result in an error state such as `compilationFailed'. 391 5.3. The smCodeGroup 393 The smCodeGroup consists of a single table, called the smCodeTable, 394 which provides the ability to transfer and modify scripts via SNMP 395 set requests. In particular, the smCodeTable allows the following 396 operations: 398 o download scripts via SNMP (push model) 400 o modify scripts via SNMP (editing) 402 The smCodeTable lists the code of a script. A script can be 403 fragmented over multiple rows of the smCodeTable in order to handle 404 SNMP message size limitations. Modifications of the smCodeTable are 405 only possible if the associated smScriptOperStatus object has the 406 value `editing'. The Script MIB implementation reloads the modified 407 script code once the smScriptOperStatus changes to `enabled' again. 409 The implementation of the smCodeGroup is optional. 411 5.4. The smLaunchGroup 413 The smLaunchGroup contains a single table, the smLaunchTable. The 414 smLaunchTable allows the following operations: 416 o associate a script with an owner used during script execution 418 o provide arguments and parameters for script invocation 420 o invoke scripts with a single set operation 422 The smLaunchTable describes scripts and their parameters that are 423 ready to be launched. An entry in the smLaunchTable attaches an 424 argument to a script and control values which, for example, define 425 the maximum number of times that a script invoked from a particular 426 row in the smLaunchTable may be running concurrently. 428 An entry in the smLaunchTable also defines the owner which will be 429 used to associate permissions with the script execution. 431 5.5. The smRunGroup 433 The smRunGroup contains a single table, called the smRunTable, which 434 lists all scripts that are currently running or have terminated 435 recently. The smRunTable contains objects that allow the following 436 operations: 438 o retrieve status information from running scripts 440 o control running scripts (suspend, resume, abort) 442 o retrieve results from recently terminated scripts 444 o control the remaining maximum lifetime of a running script 446 o control how long script results are accessible 448 Every row in the smRunTable contains the argument passed during 449 script invocation, the result produced by the script and the script 450 exit code. The smRunTable also provides information about the 451 current run state as well as start and end time-stamps. There are 452 three writable objects in the smRunTable. The smRunLifeTime object 453 defines the maximum time a running script may run before it is 454 terminated by the Script MIB implementation. The smRunExpireTime 455 object defines the time that a completed script can stay in the 456 smRunTable before it is aged out. The smRunControl object allows 457 running scripts to be suspended, resumed, or aborted. 459 6. Definitions 461 DISMAN-SCRIPT-MIB DEFINITIONS ::= BEGIN 463 IMPORTS 464 MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, 465 Integer32, Unsigned32, experimental 466 FROM SNMPv2-SMI 468 RowStatus, TimeInterval, DateAndTime, StorageType, DisplayString 469 FROM SNMPv2-TC 471 MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP 472 FROM SNMPv2-CONF 474 SnmpAdminString 475 FROM SNMP-FRAMEWORK-MIB; 477 scriptMIB MODULE-IDENTITY 478 LAST-UPDATED "9807170000Z" 479 ORGANIZATION "IETF DISMAN Working Group" 480 CONTACT-INFO 481 "David B. Levi 482 SNMP Research, Inc. 483 3001 Kimberlin Heights Road 484 Knoxville, TN 37920-9716 485 U.S.A. 486 Tel: +1 423 573 1434 487 E-mail: levi@snmp.com 489 Juergen Schoenwaelder 490 TU Braunschweig 491 Bueltenweg 74/75 492 38106 Braunschweig 493 Germany 494 Tel: +49-531-391-3283 495 E-mail: schoenw@ibr.cs.tu-bs.de" 496 DESCRIPTION 497 "This MIB module defines a set of objects that allow to 498 delegate management scripts to distributed managers." 499 -- XXX Replace with real registration number from IANA. Note, the 500 -- XXX IMPORTS must be updated when the real number is assigned. 501 ::= { experimental 5678 } 503 -- 504 -- The groups defined within this MIB module: 505 -- 506 smObjects OBJECT IDENTIFIER ::= { scriptMIB 1 } 507 smNotifications OBJECT IDENTIFIER ::= { scriptMIB 2 } 508 smConformance OBJECT IDENTIFIER ::= { scriptMIB 3 } 510 -- 511 -- Script language and language extensions. 512 -- 513 -- This group defines tables which list the languages and the 514 -- language extensions supported by a script MIB implementation. 515 -- Languages are uniquely identified by object identifier values. 516 -- 518 smLangTable OBJECT-TYPE 519 SYNTAX SEQUENCE OF SmLangEntry 520 MAX-ACCESS not-accessible 521 STATUS current 522 DESCRIPTION 523 "This table lists supported script languages." 524 ::= { smObjects 1 } 526 smLangEntry OBJECT-TYPE 527 SYNTAX SmLangEntry 528 MAX-ACCESS not-accessible 529 STATUS current 530 DESCRIPTION 531 "An entry describing a particular language." 532 INDEX { smLangIndex } 533 ::= { smLangTable 1 } 535 SmLangEntry ::= SEQUENCE { 536 smLangIndex Unsigned32, 537 smLangLanguage OBJECT IDENTIFIER, 538 smLangVersion SnmpAdminString, 539 smLangVendor OBJECT IDENTIFIER, 540 smLangRevision SnmpAdminString, 541 smLangDescr SnmpAdminString 542 } 544 smLangIndex OBJECT-TYPE 545 SYNTAX Unsigned32 (1..4294967295) 546 MAX-ACCESS not-accessible 547 STATUS current 548 DESCRIPTION 549 "The locally arbitrary, but unique identifier associated 550 with this language entry. 552 The value is expected to remain constant at least from one 553 re-initialization of the entity's network management system 554 to the next re-initialization." 555 ::= { smLangEntry 1 } 557 smLangLanguage OBJECT-TYPE 558 SYNTAX OBJECT IDENTIFIER 559 MAX-ACCESS read-only 560 STATUS current 561 DESCRIPTION 562 "The globally unique identification of the language." 563 ::= { smLangEntry 2 } 565 smLangVersion OBJECT-TYPE 566 SYNTAX SnmpAdminString (SIZE (0..32)) 567 MAX-ACCESS read-only 568 STATUS current 569 DESCRIPTION 570 "The version number of the language. 572 It is suggested that the version number consist of one or 573 more decimal numbers separated by dots, where the first 574 number is called the major version number." 575 ::= { smLangEntry 3 } 577 smLangVendor OBJECT-TYPE 578 SYNTAX OBJECT IDENTIFIER 579 MAX-ACCESS read-only 580 STATUS current 581 DESCRIPTION 582 "An object identifer which identifies the vendor who 583 provides the implementation of the language. This 584 object identifer should point to the OID node directly 585 below the enterprise OID {1 3 6 1 4 1} allocated for 586 the vendor. The value must by the object identifier 587 {0 0} if the vendor is not known." 588 ::= { smLangEntry 4 } 590 smLangRevision OBJECT-TYPE 591 SYNTAX SnmpAdminString (SIZE (0..32)) 592 MAX-ACCESS read-only 593 STATUS current 594 DESCRIPTION 595 "The version number of the language implementation. 596 The value of this object must be an empty string if 597 version number of the implementation is unknown. 599 It is suggested that the value consist of one or more 600 decimal numbers separated by dots, where the first 601 number is called the major version number." 602 ::= { smLangEntry 5 } 604 smLangDescr OBJECT-TYPE 605 SYNTAX SnmpAdminString 606 MAX-ACCESS read-only 607 STATUS current 608 DESCRIPTION 609 "A textual description of the language." 610 ::= { smLangEntry 6 } 612 smExtsnTable OBJECT-TYPE 613 SYNTAX SEQUENCE OF SmExtsnEntry 614 MAX-ACCESS not-accessible 615 STATUS current 616 DESCRIPTION 617 "This table lists supported language extensions." 618 ::= { smObjects 2 } 620 smExtsnEntry OBJECT-TYPE 621 SYNTAX SmExtsnEntry 622 MAX-ACCESS not-accessible 623 STATUS current 624 DESCRIPTION 625 "An entry describing a particular language extension." 626 INDEX { smLangIndex, smExtsnIndex } 627 ::= { smExtsnTable 1 } 629 SmExtsnEntry ::= SEQUENCE { 630 smExtsnIndex Unsigned32, 631 smExtsnExtension OBJECT IDENTIFIER, 632 smExtsnVersion SnmpAdminString, 633 smExtsnVendor OBJECT IDENTIFIER, 634 smExtsnRevision SnmpAdminString, 635 smExtsnDescr SnmpAdminString 636 } 638 smExtsnIndex OBJECT-TYPE 639 SYNTAX Unsigned32 (1..4294967295) 640 MAX-ACCESS not-accessible 641 STATUS current 642 DESCRIPTION 643 "The locally arbitrary, but unique identifier associated 644 with this language extension entry. 646 The value is expected to remain constant at least from one 647 re-initialization of the entity's network management system 648 to the next re-initialization." 649 ::= { smExtsnEntry 1} 651 smExtsnExtension OBJECT-TYPE 652 SYNTAX OBJECT IDENTIFIER 653 MAX-ACCESS read-only 654 STATUS current 655 DESCRIPTION 656 "The globally unique identification of the language 657 extension." 658 ::= { smExtsnEntry 2 } 660 smExtsnVersion OBJECT-TYPE 661 SYNTAX SnmpAdminString (SIZE (0..32)) 662 MAX-ACCESS read-only 663 STATUS current 664 DESCRIPTION 665 "The version number of the language extension. 667 It is suggested that the version number consist of one or 668 more decimal numbers separated by dots, where the first 669 number is called the major version number." 670 ::= { smExtsnEntry 3 } 672 smExtsnVendor OBJECT-TYPE 673 SYNTAX OBJECT IDENTIFIER 674 MAX-ACCESS read-only 675 STATUS current 676 DESCRIPTION 677 "An object identifer which identifies the vendor who 678 provides the implementation of the extension. The 679 object identifer value should point to the OID node 680 directly below the enterprise OID {1 3 6 1 4 1} 681 allocated for the vendor. The value must by the object 682 identifier {0 0} if the vendor is not known." 683 ::= { smExtsnEntry 4 } 685 smExtsnRevision OBJECT-TYPE 686 SYNTAX SnmpAdminString (SIZE (0..32)) 687 MAX-ACCESS read-only 688 STATUS current 689 DESCRIPTION 690 "The version number of the extension implementation. 691 The value of this object must be an empty string if 692 version number of the implementation is unknown. 694 It is suggested that the value consist of one or more 695 decimal numbers separated by dots, where the first 696 number is called the major version number." 697 ::= { smExtsnEntry 5 } 699 smExtsnDescr OBJECT-TYPE 700 SYNTAX SnmpAdminString 701 MAX-ACCESS read-only 702 STATUS current 703 DESCRIPTION 704 "A textual description of the language extension." 705 ::= { smExtsnEntry 6 } 707 -- 708 -- Scripts known by the Script MIB implementation. 709 -- 710 -- This group defines a table which lists all known scripts. 711 -- Scripts can be added and removed through manipulation of the 712 -- smScriptTable. 713 -- 715 smScriptObjects OBJECT IDENTIFIER ::= { smObjects 3 } 717 smScriptTable OBJECT-TYPE 718 SYNTAX SEQUENCE OF SmScriptEntry 719 MAX-ACCESS not-accessible 720 STATUS current 721 DESCRIPTION 722 "This table lists and describes locally known scripts." 723 ::= { smScriptObjects 1 } 725 smScriptEntry OBJECT-TYPE 726 SYNTAX SmScriptEntry 727 MAX-ACCESS not-accessible 728 STATUS current 729 DESCRIPTION 730 "An entry describing a particular script. Every script that 731 is stored in non-volatile memory is required to appear in 732 this script table." 733 INDEX { smScriptOwner, smScriptName } 734 ::= { smScriptTable 1 } 736 SmScriptEntry ::= SEQUENCE { 737 smScriptOwner SnmpAdminString, 738 smScriptName SnmpAdminString, 739 smScriptDescr SnmpAdminString, 740 smScriptLanguage Integer32, 741 smScriptSource DisplayString, 742 smScriptAdminStatus INTEGER, 743 smScriptOperStatus INTEGER, 744 smScriptStorageType StorageType, 745 smScriptRowStatus RowStatus 746 } 748 smScriptOwner OBJECT-TYPE 749 SYNTAX SnmpAdminString (SIZE (0..32)) 750 MAX-ACCESS not-accessible 751 STATUS current 752 DESCRIPTION 753 "The manager who owns this row in the smScriptTable." 754 ::= { smScriptEntry 1 } 756 smScriptName OBJECT-TYPE 757 SYNTAX SnmpAdminString 758 MAX-ACCESS not-accessible 759 STATUS current 760 DESCRIPTION 761 "The locally-unique, administratively assigned name for this 762 script. This object allows an smScriptOwner to have multiple 763 entries in the smScriptTable. 765 This value of this object may be used to derive the name 766 (e.g. a file name) which is used by the Script MIB 767 implementation to access the script in non-volatile 768 storage. The details of this mapping are implementation 769 specific. However, the mapping needs to ensure that scripts 770 created by different owners with the same script name do not 771 map to the same name in non-volatile storage." 772 ::= { smScriptEntry 2 } 774 smScriptDescr OBJECT-TYPE 775 SYNTAX SnmpAdminString 776 MAX-ACCESS read-create 777 STATUS current 778 DESCRIPTION 779 "A description of the purpose of the script." 780 ::= { smScriptEntry 3 } 782 smScriptLanguage OBJECT-TYPE 783 SYNTAX Integer32 (0..2147483647) 784 MAX-ACCESS read-create 785 STATUS current 786 DESCRIPTION 787 "The value of this object type identifies an entry in the 788 smLangTable which is used to execute this script. 789 The special value 0 may be used by hard-wired scripts 790 that can not be modified and that are executed by 791 internal functions." 792 ::= { smScriptEntry 4 } 794 smScriptSource OBJECT-TYPE 795 SYNTAX DisplayString 796 MAX-ACCESS read-create 797 STATUS current 798 DESCRIPTION 799 "This object either contains a reference to the script 800 source or an empty string. A reference must be given 801 in the form of a Uniform Resource Locator (URL) as 802 defined in RFC 1738. The allowed character sets and the 803 encoding rules defined in RFC 1738 section 2.2 apply. 805 The Script MIB implementation will `pull' the script 806 source from the URL contained in this object if the URL 807 is not empty. 809 An empty URL indicates that the script source is loaded 810 from local storage. The source is read from the smCodeTable 811 if the value of smScriptStorageType is volatile. Otherwise, 812 the source is read from non-volatile storage. 814 Note that there is a difference between a URL which usues 815 the file scheme defined in RFC 1738 section 3.10 and an 816 empty URL. The file URL scheme points to a named file on 817 the system running the Script MIB implementation while 818 the empty URL refers to a script by smScriptName and 819 smScriptOwner. An implementation might map this logical 820 name to whatever name is appropriate to access the script 821 source in non-volatile storage. 823 The following changes to smScriptSource require special 824 attention: 826 - Empty value changes to empty value: 827 This has no effect. 828 - Empty value changes to non-empty value: 829 This destroys the local script (possibly deleting it 830 from non-volatile storage), and initiates a download 831 of the script source the specified location. 832 - Non-empty value changes to empty value: 833 If the smScriptStorageType is non-volatile, the 834 currently loaded script is written to non-volatile 835 storage. Otherwise, no effect. 836 - Non-empty value changes to non-empty value: 837 This initiates a download of the script from the 838 specified location. 840 Set requests to change this object are only valid if the 841 value of smScriptOperStatus is `disabled'." 842 DEFVAL { ''H } 843 ::= { smScriptEntry 5 } 845 smScriptAdminStatus OBJECT-TYPE 846 SYNTAX INTEGER { 847 enabled(1), 848 disabled(2), 849 editing(3) 850 } 851 MAX-ACCESS read-create 852 STATUS current 853 DESCRIPTION 854 "The value of this object indicates the desired status of 855 the script. See the definition of smScriptOperStatus for 856 a description of the values." 857 DEFVAL { disabled } 858 ::= { smScriptEntry 6 } 860 smScriptOperStatus OBJECT-TYPE 861 SYNTAX INTEGER { 862 enabled(1), 863 disabled(2), 864 editing(3), 865 retrieving(4), 866 compiling(5), 867 noSuchScript(6), 868 accessDenied(7), 869 wrongLanguage(8), 870 wrongVersion(9), 871 compilationFailed(10), 872 noResourcesLeft(11), 873 unknownProtocol(12), 874 protocolFailure(13), 875 genericError(14) 876 } 877 MAX-ACCESS read-only 878 STATUS current 879 DESCRIPTION 880 "The actual status of the script in the runtime system. The 881 value of this object is only meaningful when the value of the 882 smScriptRowStatus object is `active'. 884 The smScriptOperStatus object may have the following values: 886 - `enabled' indicates that the script is available and can 887 be started by a launch table entry. 889 - `disabled' indicates that the script can not be used. 891 - `editing' indicates that the script can be modified in the 892 smCodeTable. 894 - `retrieving' indicates that the script is currently being 895 loaded from non-volatile storage or a remote system. 897 - `compiling' indicates that the script is currently being 898 compiled by the runtime system. 900 - `noSuchScript' indicates that the script does not exist 901 at the smScriptSource. 903 - `accessDenied' indicates that the script can not be loaded 904 from the smScriptSource due to a lack of permissions. 906 - `wrongLanguage' indicates that the script can not be loaded 907 from the smScriptSource because of a language mismatch. 909 - `wrongVersion' indicates that the script can not be loaded 910 from the smScriptSource because of a language version 911 mismatch. 913 - `compilationFailed' indicates that the compilation failed. 915 - `noResourcesLeft' indicates that the runtime system does 916 not have enough resources to load the script. 918 - `unknownProtocol' indicates that the script could not be 919 loaded from the smScriptSource because the requested 920 protocol is not supported. 922 - `protocolFailure' indicates that the script could not be 923 loaded from the smScriptSource because of a protocol 924 failure. 926 - `genericError' indicates that the script could not be 927 loaded due to an error condition not listed above. 929 The `retrieving' and `compiling' states are transient states 930 which will either lead to one of the error states or the 931 `enabled' state. The `disabled' and `editing' states are 932 administrative states which are only reached by explicit 933 management operations. 935 The implementation has to ensure that all launch table 936 entries which refer to this script entry have a 937 smLaunchOperStatus value of `disabled' when the value 938 of this object is not `enabled'." 939 DEFVAL { disabled } 940 ::= { smScriptEntry 7 } 942 smScriptStorageType OBJECT-TYPE 943 SYNTAX StorageType 944 MAX-ACCESS read-create 945 STATUS current 946 DESCRIPTION 947 "This object defines whether this row and the script 948 controlled by this row are kept in volatile storage and 949 lost upon reboot or if this row is backed up by 950 non-volatile or permanent storage. 952 Setting this object to `nonVolatile' stores the script 953 controlled by this row into non-volatile storage. Setting 954 this object to volatile removes a script from non-volatile 955 storage if the script has been in non-volatile storage 956 before. Attempts to set this object to permanent will 957 always fail with an inconsistentValue error. 959 The agent has to make sure that scripts controlled by a 960 row where smScriptStorageType is `nonVolatile' or permanent 961 are loaded at agent startup time. 963 The value of smScriptStorageType is only meaningful if the 964 value of the corresponding RowStatus object is `active'. 966 If smScriptStorageType has the value permanent(4), then all 967 objects whose MAX-ACCESS value is read-create must be 968 writable, with the exception of the smScriptStorageType and 969 smScriptRowStatus objects, which should be only be 970 readable." 971 DEFVAL { volatile } 972 ::= { smScriptEntry 8 } 974 smScriptRowStatus OBJECT-TYPE 975 SYNTAX RowStatus 976 MAX-ACCESS read-create 977 STATUS current 978 DESCRIPTION 979 "A control that allows entries to be added and removed from 980 this table. 982 Changing the smScriptRowStatus from `active' to `notInService' 983 will remove the associated script from the runtime system. 984 The value of smScriptOperStatus will be reset to `disabled'. 986 Deleting conceptual rows from this table includes the 987 deletion of all resources associated with this row. 988 This implies that a script is removed from non-volatile 989 storage if the value of smScriptStorageType is non-volatile. 991 An entry may not exist in the `active' state unless all 992 required objects in the entry have appropriate values. Rows 993 that are not complete or not in service are not known by the 994 script runtime system. 996 Attempts to `destroy' a row or to set a row `notInService' 997 while the script is executing will result in an 998 inconsistentValue error. 1000 Attempts to `destroy' a row or to set a row `notInService' 1001 where the value of the smScriptStorageType object is 1002 `permanent' or `readOnly' will result in an 1003 inconsistentValue error." 1004 ::= { smScriptEntry 9 } 1006 -- 1007 -- Access to script code via SNMP 1008 -- 1009 -- The smCodeTable allows script code to be read and modified 1010 -- via SNMP. 1011 -- 1013 smCodeTable OBJECT-TYPE 1014 SYNTAX SEQUENCE OF SmCodeEntry 1015 MAX-ACCESS not-accessible 1016 STATUS current 1017 DESCRIPTION 1018 "This table contains the script code for scripts that are 1019 retrieved or written via SNMP." 1020 ::= { smScriptObjects 2 } 1022 smCodeEntry OBJECT-TYPE 1023 SYNTAX SmCodeEntry 1024 MAX-ACCESS not-accessible 1025 STATUS current 1026 DESCRIPTION 1027 "An entry describing a particular fragment of a script." 1028 INDEX { smScriptOwner, smScriptName, smCodeIndex } 1029 ::= { smCodeTable 1 } 1031 SmCodeEntry ::= SEQUENCE { 1032 smCodeIndex Unsigned32, 1033 smCodeText OCTET STRING, 1034 smCodeRowStatus RowStatus 1035 } 1037 smCodeIndex OBJECT-TYPE 1038 SYNTAX Unsigned32 (1..4294967295) 1039 MAX-ACCESS not-accessible 1040 STATUS current 1041 DESCRIPTION 1042 "The index value identifying this code fragment." 1043 ::= { smCodeEntry 1 } 1045 smCodeText OBJECT-TYPE 1046 SYNTAX OCTET STRING (SIZE (1..1024)) 1047 MAX-ACCESS read-create 1048 STATUS current 1049 DESCRIPTION 1050 "The code that makes up a fragment of the script." 1051 ::= { smCodeEntry 2 } 1053 smCodeRowStatus OBJECT-TYPE 1054 SYNTAX RowStatus 1055 MAX-ACCESS read-create 1056 STATUS current 1057 DESCRIPTION 1058 "A control that allows entries to be added and removed from 1059 this table." 1060 ::= { smCodeEntry 3 } 1062 -- 1063 -- Script execution. 1064 -- 1065 -- This group defines tables which allow script execution to be 1066 -- initiated, suspended, resumed, and terminated. It also provides 1067 -- a mechanism for keeping a history of recent script executions 1068 -- and their results. 1070 -- 1072 smRunObjects OBJECT IDENTIFIER ::= { smObjects 4 } 1074 smLaunchTable OBJECT-TYPE 1075 SYNTAX SEQUENCE OF SmLaunchEntry 1076 MAX-ACCESS not-accessible 1077 STATUS current 1078 DESCRIPTION 1079 "This table lists and describes scripts that are ready 1080 to be executed together with their parameters." 1081 ::= { smRunObjects 1 } 1083 smLaunchEntry OBJECT-TYPE 1084 SYNTAX SmLaunchEntry 1085 MAX-ACCESS not-accessible 1086 STATUS current 1087 DESCRIPTION 1088 "An entry describing a particular executable script." 1089 INDEX { smLaunchOwner, smLaunchName } 1090 ::= { smLaunchTable 1 } 1092 SmLaunchEntry ::= SEQUENCE { 1093 smLaunchOwner SnmpAdminString, 1094 smLaunchName SnmpAdminString, 1095 smLaunchScriptOwner SnmpAdminString, 1096 smLaunchScriptName SnmpAdminString, 1097 smLaunchArgument OCTET STRING, 1098 smLaunchMaxRunning Unsigned32, 1099 smLaunchMaxCompleted Unsigned32, 1100 smLaunchLifeTime TimeInterval, 1101 smLaunchExpireTime TimeInterval, 1102 smLaunchStart Integer32, 1103 smLaunchControl INTEGER, 1104 smLaunchAdminStatus INTEGER, 1105 smLaunchOperStatus INTEGER, 1106 smLaunchRunIndexNext Unsigned32, 1107 smLaunchStorageType StorageType, 1108 smLaunchRowStatus RowStatus 1109 } 1111 smLaunchOwner OBJECT-TYPE 1112 SYNTAX SnmpAdminString (SIZE (0..32)) 1113 MAX-ACCESS not-accessible 1114 STATUS current 1115 DESCRIPTION 1116 "The manager who owns this row in the smLaunchTable." 1118 ::= { smLaunchEntry 1 } 1120 smLaunchName OBJECT-TYPE 1121 SYNTAX SnmpAdminString (SIZE (1..32)) 1122 MAX-ACCESS not-accessible 1123 STATUS current 1124 DESCRIPTION 1125 "The locally-unique, administratively assigned name for this 1126 launch button. This object allows an smLaunchOwner to have 1127 multiple entries in the smLaunchTable." 1128 ::= { smLaunchEntry 2 } 1130 smLaunchScriptOwner OBJECT-TYPE 1131 SYNTAX SnmpAdminString (SIZE (0..32)) 1132 MAX-ACCESS read-create 1133 STATUS current 1134 DESCRIPTION 1135 "The value of this object in combination with the value of 1136 smLaunchScriptName identifies the script that can be 1137 launched from this smLaunchTable entry. Attempts to write 1138 this objects will fail with an inconsistentValue error if 1139 the value of smLaunchOperStatus is `enabled'." 1140 ::= { smLaunchEntry 3 } 1142 smLaunchScriptName OBJECT-TYPE 1143 SYNTAX SnmpAdminString (SIZE (0..32)) 1144 MAX-ACCESS read-create 1145 STATUS current 1146 DESCRIPTION 1147 "The value of this object in combination with the value of 1148 the smLaunchScriptOwner identifies the script that can be 1149 launched from this smLaunchTable entry. Attempts to write 1150 this objects will fail with an inconsistentValue error if 1151 the value of smLaunchOperStatus is `enabled'." 1152 ::= { smLaunchEntry 4 } 1154 smLaunchArgument OBJECT-TYPE 1155 SYNTAX OCTET STRING 1156 MAX-ACCESS read-create 1157 STATUS current 1158 DESCRIPTION 1159 "The argument supplied to the script. When a script is 1160 invoked, the value of this object is used to initialize 1161 the smRunArgument object." 1162 DEFVAL { ''H } 1163 ::= { smLaunchEntry 5 } 1165 smLaunchMaxRunning OBJECT-TYPE 1166 SYNTAX Unsigned32 (1..4294967295) 1167 MAX-ACCESS read-create 1168 STATUS current 1169 DESCRIPTION 1170 "The maximum number of concurrently running scripts that may 1171 be invoked from this entry in the smLaunchTable." 1172 DEFVAL { 1 } 1173 ::= { smLaunchEntry 6 } 1175 smLaunchMaxCompleted OBJECT-TYPE 1176 SYNTAX Unsigned32 (1..4294967295) 1177 MAX-ACCESS read-create 1178 STATUS current 1179 DESCRIPTION 1180 "The maximum number of finished scripts invoked from this 1181 entry in the smLaunchTable allowed to be retained in the 1182 smRunTable. The value of this object is checked whenever a 1183 script terminates. Entries in the smRunTable are deleted 1184 until the number of completed scripts is smaller than the 1185 value of this object. Scripts whose smRunEndTime value 1186 indicates the oldest completion time are deleted first." 1187 DEFVAL { 1 } 1188 ::= { smLaunchEntry 7 } 1190 smLaunchLifeTime OBJECT-TYPE 1191 SYNTAX TimeInterval 1192 MAX-ACCESS read-create 1193 STATUS current 1194 DESCRIPTION 1195 "The default maximum amount of time a script launched 1196 from this entry may run. The value of this object is used 1197 to initialize the smRunLifeTime object when a script is 1198 launched. Changing the value of an smLaunchLifeTime 1199 instance does not affect scripts previously launched from 1200 this entry." 1201 DEFVAL { 360000 } 1202 ::= { smLaunchEntry 8 } 1204 smLaunchExpireTime OBJECT-TYPE 1205 SYNTAX TimeInterval 1206 MAX-ACCESS read-create 1207 STATUS current 1208 DESCRIPTION 1209 "The default maximum amount of time information about a 1210 script launched from this entry is kept in the smRunTable 1211 after the script has completed execution. The value of 1212 this object is used to initialize the smRunExpireTime 1213 object when a script is launched. Changing the value of an 1214 smLaunchExpireTime instance does not affect scripts 1215 previously launched from this entry." 1216 DEFVAL { 360000 } 1217 ::= { smLaunchEntry 9 } 1219 smLaunchStart OBJECT-TYPE 1220 SYNTAX Integer32 (0..2147483647) 1221 MAX-ACCESS read-create 1222 STATUS current 1223 DESCRIPTION 1224 "This object is used to start the execution of scripts. 1225 When retrieved, the value will be the value of smRunIndex 1226 for the last script that started execution by manipulating 1227 this object. The value will be zero if no script started 1228 execution yet. 1230 A script is started by setting this object to an unused 1231 smRunIndex value. A new row in the smRunTable will be 1232 created which is indexed by the value supplied by the 1233 set-request in addition to the value of smLaunchOwner and 1234 smLaunchName. An unused value can be obtained by reading 1235 the smLaunchRunIndexNext object. 1237 Setting this object to the special value 0 will start 1238 the script with a self-generated smRunIndex value. The 1239 consequence is that the script invoker has no reliable 1240 way to determine the smRunIndex value for this script 1241 invocation and that the invoker has therefore no way 1242 to obtain the results from this script invocation. The 1243 special value 0 is however useful for scheduled script 1244 invocations. 1246 Setting this object requires to perform the following 1247 checks: 1249 1) The value of the smLaunchOperStatus object in this 1250 entry of the smLaunchTable must be `enabled'. 1251 2) The values contents of smLaunchOwner and smLaunchName 1252 of this row must identify an existing entry in the 1253 smScriptTable. 1254 3) The value of smScriptOperStatus of this entry must 1255 be `enabled'. 1256 4) The principal performing the set operation must have 1257 read access to the script. This must be checked by 1258 calling the isAccessAllowed abstract service interface 1259 defined in RFC 2271 on the row in the smScriptTable 1260 identified by smLaunchOwner and smLaunchName. 1261 The isAccessAllowed abstract service interface must be 1262 called on all columnar objects in the smScriptTable with 1263 a MAX-ACCESS value different than `not-accessible'. The 1264 test fails as soon as a call indicates that access is 1265 not allowed. 1266 5) If the value provided by the set operation is not 0, 1267 a check must be made that the value is currently not 1268 in use. Otherwise, a suitable unused value must be 1269 generated. 1270 6) The number of currently executing scripts invoked 1271 from this smLaunchTable entry must be less than 1272 smLaunchMaxRunning. 1274 Attempts to start a script will fail with an 1275 inconsistentValue error if one of the checks described 1276 above fails. 1278 Otherwise, if all checks have been passed, a new entry 1279 in the smRunTable will be created indexed by smLaunchOwner, 1280 smLaunchName and the new value for smRunIndex. The value 1281 of smLaunchArgument will be copied into smRunArgument, 1282 the value of smLaunchLifeTime will be copied to 1283 smRunLifeTime, and the value of smLaunchExpireTime 1284 will be copied to smRunExpireTime. 1286 The smRunStartTime will be set to the current time and 1287 the smRunState will be set to `initializing' before the 1288 script execution is initiated in the appropriate runtime 1289 system." 1290 DEFVAL { 0 } 1291 ::= { smLaunchEntry 10 } 1293 smLaunchControl OBJECT-TYPE 1294 SYNTAX INTEGER { 1295 abort(1), 1296 suspend(2), 1297 resume(3), 1298 nop(4) 1299 } 1300 MAX-ACCESS read-create 1301 STATUS current 1302 DESCRIPTION 1303 "This object is used to request a state change for all 1304 running scripts in the smRunTable that were started from 1305 this row in the smLaunchTable. 1307 Setting this object to abort(1), suspend(2) or resume(3) 1308 will set the smRunControl object of all applicable rows 1309 in the smRunTable to abort(1), suspend(2) or resume(3) 1310 respectively. The phrase `applicable rows' means the set of 1311 rows which were created from this entry in the smLaunchTable 1312 and whose value of smRunState allows the corresponding 1313 state change as described in the definition of the 1314 smRunControl object. Setting this object to nop(4) will 1315 always succeed and has no effect." 1316 DEFVAL { nop } 1317 ::= { smLaunchEntry 11 } 1319 smLaunchAdminStatus OBJECT-TYPE 1320 SYNTAX INTEGER { 1321 enabled(1), 1322 disabled(2) 1323 } 1324 MAX-ACCESS read-create 1325 STATUS current 1326 DESCRIPTION 1327 "The value of this object indicates the desired status of 1328 this launch table entry." 1329 DEFVAL { disabled } 1330 ::= { smLaunchEntry 12 } 1332 smLaunchOperStatus OBJECT-TYPE 1333 SYNTAX INTEGER { 1334 enabled(1), 1335 disabled(2) 1336 } 1337 MAX-ACCESS read-only 1338 STATUS current 1339 DESCRIPTION 1340 "The value of this object indicates the actual status of 1341 this launch table entry. An `enabled' launch table 1342 entry can be used to start scripts while a `disabled' 1343 launch table entry will refuse any attempts to start 1344 scripts. The value `enabled' requires that the 1345 smLaunchRowStatus object is active. The value 1346 `disabled' requires that there are no entries in the 1347 smRunTable associated with this smLaunchTable entry." 1348 DEFVAL { disabled } 1349 ::= { smLaunchEntry 13 } 1351 smLaunchRunIndexNext OBJECT-TYPE 1352 SYNTAX Unsigned32 1353 MAX-ACCESS read-only 1354 STATUS current 1355 DESCRIPTION 1356 "This variable is used for creating rows in the smRunTable. 1357 The value of this variable is a currently unused value 1358 for smRunIndex, which can be written into the smLaunchStart 1359 object associated with this row to launch a script. 1361 The value returned when reading this variable must be unique 1362 for the smLaunchOwner and smLauchName associated with this 1363 row. Subsequent attempts to read this variable must return 1364 different values. 1366 This variable will return the special value 0 if no new rows 1367 can be created." 1368 ::= { smLaunchEntry 14 } 1370 smLaunchStorageType OBJECT-TYPE 1371 SYNTAX StorageType 1372 MAX-ACCESS read-create 1373 STATUS current 1374 DESCRIPTION 1375 "This object defines if this row is kept in volatile storage 1376 and lost upon reboot or if this row is backed up by stable 1377 storage. 1379 The value of smLaunchStorageType is only meaningful if the 1380 value of the corresponding RowStatus object is active. 1382 If smLaunchStorageType has the value permanent(4), then all 1383 objects whose MAX-ACCESS value is read-create must be 1384 writable, with the exception of the smLaunchStorageType and 1385 smLaunchRowStatus objects, which should be only be readable." 1386 DEFVAL { volatile } 1387 ::= { smLaunchEntry 15 } 1389 smLaunchRowStatus OBJECT-TYPE 1390 SYNTAX RowStatus 1391 MAX-ACCESS read-create 1392 STATUS current 1393 DESCRIPTION 1394 "A control that allows entries to be added and removed from 1395 this table. 1397 Attempts to `destroy' a row or to set a row `notInService' 1398 while scripts started from this launch button are running 1399 will result in an inconsistentValue error. 1401 Attempts to `destroy' a row or to set a row `notInService' 1402 where the value of the smLaunchStorageType object is 1403 `permanent' or `readOnly' will result in an 1404 inconsistentValue error." 1405 ::= { smLaunchEntry 16 } 1407 smRunTable OBJECT-TYPE 1408 SYNTAX SEQUENCE OF SmRunEntry 1409 MAX-ACCESS not-accessible 1410 STATUS current 1411 DESCRIPTION 1412 "This table lists and describes scripts that are currently 1413 running or have been running in the past." 1414 ::= { smRunObjects 2 } 1416 smRunEntry OBJECT-TYPE 1417 SYNTAX SmRunEntry 1418 MAX-ACCESS not-accessible 1419 STATUS current 1420 DESCRIPTION 1421 "An entry describing a particular running or finished 1422 script." 1423 INDEX { smLaunchOwner, smLaunchName, smRunIndex } 1424 ::= { smRunTable 1 } 1426 SmRunEntry ::= SEQUENCE { 1427 smRunIndex Unsigned32, 1428 smRunArgument OCTET STRING, 1429 smRunStartTime DateAndTime, 1430 smRunEndTime DateAndTime, 1431 smRunLifeTime TimeInterval, 1432 smRunExpireTime TimeInterval, 1433 smRunExitCode INTEGER, 1434 smRunResult OCTET STRING, 1435 smRunControl INTEGER, 1436 smRunState INTEGER 1437 } 1439 smRunIndex OBJECT-TYPE 1440 SYNTAX Unsigned32 (1..4294967295) 1441 MAX-ACCESS not-accessible 1442 STATUS current 1443 DESCRIPTION 1444 "The locally arbitrary, but unique identifier associated 1445 with this running or finished script. This value must be 1446 unique for all rows in the smRunTable." 1448 ::= { smRunEntry 1 } 1450 smRunArgument OBJECT-TYPE 1451 SYNTAX OCTET STRING 1452 MAX-ACCESS read-only 1453 STATUS current 1454 DESCRIPTION 1455 "The argument supplied to the script when it started." 1456 DEFVAL { ''H } 1457 ::= { smRunEntry 2 } 1459 smRunStartTime OBJECT-TYPE 1460 SYNTAX DateAndTime 1461 MAX-ACCESS read-only 1462 STATUS current 1463 DESCRIPTION 1464 "The date and time when when the execution started. The 1465 value '0000000000000000'H is returned if the script has 1466 not started yet." 1467 DEFVAL { '0000000000000000'H } 1468 ::= { smRunEntry 3 } 1470 smRunEndTime OBJECT-TYPE 1471 SYNTAX DateAndTime 1472 MAX-ACCESS read-only 1473 STATUS current 1474 DESCRIPTION 1475 "The date and time when when the execution terminated. The 1476 value '0000000000000000'H is returned if the script has 1477 not terminated yet." 1478 DEFVAL { '0000000000000000'H } 1479 ::= { smRunEntry 4 } 1481 smRunLifeTime OBJECT-TYPE 1482 SYNTAX TimeInterval 1483 MAX-ACCESS read-write 1484 STATUS current 1485 DESCRIPTION 1486 "This object specifies how long the script can execute. 1487 This object returns the remaining time that the script 1488 may run. The object is initialized with the value of the 1489 associated smLaunchLifeTime object and ticks backwards. 1490 The script is aborted immediately when the value reaches 0. 1492 The value of this object may be set in order to increase or 1493 reduce the remaining time that the script may run. Setting 1494 this value to 0 will abort script execution immediately, 1495 and, if the value of smRunExpireTime is also 0, will remove 1496 this entry from the smRunTable once it has terminated. 1498 The value of smRunLifeTime reflects the real-time execution 1499 time as seen by the outside world. The value of this object 1500 will always be 0 for a script that finished execution, that 1501 is smRunState has the value `terminated'. 1503 The value of smRunLifeTime does not change while a script 1504 is suspended, that is smRunState has the value `suspended'." 1505 ::= { smRunEntry 5 } 1507 smRunExpireTime OBJECT-TYPE 1508 SYNTAX TimeInterval 1509 MAX-ACCESS read-write 1510 STATUS current 1511 DESCRIPTION 1512 "This value specifies how long this row can exist in the 1513 smRunTable after the script has terminated. This object 1514 returns the remaining time that the row may exist before it 1515 is aged out. The object is initialized with the value of the 1516 associated smLaunchExpireTime object and ticks backwards. The 1517 entry in the smRunTable is destroyed when the value reaches 0 1518 and the smRunState has the value `terminated'. 1520 The value of this object may be set in order to increase or 1521 reduce the remaining time that the row may exist. Setting 1522 the value to 0 will destroy this entry as soon as the 1523 smRunState has the value `terminated'." 1524 ::= { smRunEntry 6 } 1526 smRunExitCode OBJECT-TYPE 1527 SYNTAX INTEGER { 1528 noError(1), 1529 halted(2), 1530 lifeTimeExceeded(3), 1531 noResourcesLeft(4), 1532 languageError(5), 1533 runtimeError(6), 1534 invalidArgument(7), 1535 securityViolation(8), 1536 genericError(9) 1537 } 1538 MAX-ACCESS read-only 1539 STATUS current 1540 DESCRIPTION 1541 "The value of this object indicates the reason why a 1542 script finished execution. The smRunExitCode code may have 1543 one of the following values: 1545 - `noError', which indicates that the script completed 1546 successfully without errors; 1548 - `halted', which indicates that the script was halted 1549 by a request from an authorized manager; 1551 - `lifeTimeExceeded', which indicates that the script 1552 exited because a time limit was exceeded; 1554 - `noResourcesLeft', which indicates that the script 1555 exited because it ran out of resources (e.g. memory); 1557 - `languageError', which indicates that the script exited 1558 because of a language error (e.g. a syntax error in an 1559 interpreted language); 1561 - `runtimeError', which indicates that the script exited 1562 due to a runtime error (e.g. a division by zero); 1564 - `invalidArgument', which indicates that the script could 1565 not be run because of invalid script arguments; 1567 - `securityViolation', which indicates that the script 1568 exited due to a security violation; 1570 - `genericError', which indicates that the script exited 1571 for an unspecified reason. 1573 If the script has not yet begun running, or is currently 1574 running, the value will be `noError'." 1575 DEFVAL { noError } 1576 ::= { smRunEntry 7 } 1578 smRunResult OBJECT-TYPE 1579 SYNTAX OCTET STRING 1580 MAX-ACCESS read-only 1581 STATUS current 1582 DESCRIPTION 1583 "The result value produced by the running script. This 1584 object should contain a descriptive error message if the 1585 script terminates in an abnormal way. In particular, an 1586 implementation should try to put a descriptive error 1587 message into this object if the script exits with the 1588 smRunExitCode `genericError'." 1590 DEFVAL { ''H } 1591 ::= { smRunEntry 8 } 1593 smRunControl OBJECT-TYPE 1594 SYNTAX INTEGER { 1595 abort(1), 1596 suspend(2), 1597 resume(3), 1598 nop(4) 1599 } 1600 MAX-ACCESS read-write 1601 STATUS current 1602 DESCRIPTION 1603 "The value of this object indicates the desired status of the 1604 script execution defined by this row. 1606 Setting this object to `abort' will abort execution if the 1607 value of smRunState is `initializing', `executing', 1608 `suspending', `suspended' or `resuming'. Setting this object 1609 to `abort' when the value of smRunState is `aborting' or 1610 `terminated' will result in an inconsistentValue error. 1612 Setting this object to `suspend' will suspend execution 1613 if the value of smRunState is `executing'. Setting this 1614 object to `suspend' will cause an inconsistentValue error 1615 if the value of smRunState is not `executing'. 1617 Setting this object to `resume' will resume execution 1618 if the value of smRunState is `suspending' or 1619 `suspended'. Setting this object to `resume' will cause an 1620 inconsistentValue error if the value of smRunState is 1621 not `suspending' or `suspended'. 1623 Setting this object to nop(4) will always succeed and has 1624 no effect." 1625 DEFVAL { nop } 1626 ::= { smRunEntry 9 } 1628 smRunState OBJECT-TYPE 1629 SYNTAX INTEGER { 1630 initializing(1), 1631 executing(2), 1632 suspending(3), 1633 suspended(4), 1634 resuming(5), 1635 aborting(6), 1636 terminated(7) 1638 } 1639 MAX-ACCESS read-only 1640 STATUS current 1641 DESCRIPTION 1642 "The value of this object indicates the script's execution 1643 status. If the script has been invoked but has not yet 1644 begun execution, the value will be `initializing'. If the 1645 script is running, the value will be `executing'. A script 1646 which received a request to suspend execution but which 1647 did not actually suspend execution will be `suspending'. 1648 A script which has suspended execution will be `suspended'. 1649 A script which received a request to resume execution but 1650 which is not yet running is `resuming'. The resuming state 1651 will finally lead to the `executing' state. A script which 1652 received a request to abort execution but which is still 1653 running is `aborting'. A script which stopped execution 1654 is `terminated'." 1655 ::= { smRunEntry 10 } 1657 -- 1658 -- Notifications. The definition of smTraps makes notification 1659 -- registrations reversible. 1660 -- 1662 smTraps OBJECT IDENTIFIER ::= { smNotifications 0 } 1664 smScriptAbort NOTIFICATION-TYPE 1665 OBJECTS { smRunExitCode } 1666 STATUS current 1667 DESCRIPTION 1668 "This notification is generated whenever a running script 1669 terminates with an smRunExitCode unequal to `noError'." 1670 ::= { smTraps 1 } 1672 smScriptResult NOTIFICATION-TYPE 1673 OBJECTS { smRunResult } 1674 STATUS current 1675 DESCRIPTION 1676 "This notification can be used by scripts to notify other 1677 management applications about script results. It can be 1678 used to notify managers about a script result. 1680 This notification is not automatically generated by the 1681 script MIB implementation. It is the responsibility of 1682 the executing script to emit this notification where it 1683 is appropriate to do so." 1684 ::= { smTraps 2 } 1686 -- conformance information 1688 smCompliances OBJECT IDENTIFIER ::= { smConformance 1 } 1689 smGroups OBJECT IDENTIFIER ::= { smConformance 2 } 1691 -- compliance statements 1693 smCompliance MODULE-COMPLIANCE 1694 STATUS current 1695 DESCRIPTION 1696 "The compliance statement for SNMP entities which implement 1697 the script MIB." 1698 MODULE -- this module 1699 MANDATORY-GROUPS { 1700 smLanguageGroup, smScriptGroup, smLaunchGroup, smRunGroup 1701 } 1702 GROUP smCodeGroup 1703 DESCRIPTION 1704 "The smCodeGroup is mandatory only for those implementations 1705 that support the downloading of scripts via SNMP." 1706 OBJECT smScriptSource 1707 MIN-ACCESS read-only 1708 DESCRIPTION 1709 "The smScriptSource object is read-only for implementations 1710 that are not able to download script code from a URL." 1711 OBJECT smRunState 1712 DESCRIPTION 1713 "A compliant implementation does not have to support script 1714 suspension and the smRunState `suspended'. Such an 1715 implementation will change into the `suspending' state 1716 when the smRunControl is set to `suspend' and remain in this 1717 state until smRunControl is set to `resume' or the script 1718 terminates." 1719 ::= { smCompliances 1 } 1721 smLanguageGroup OBJECT-GROUP 1722 OBJECTS { 1723 smLangLanguage, 1724 smLangVersion, 1725 smLangVendor, 1726 smLangRevision, 1727 smLangDescr, 1728 smExtsnExtension, 1729 smExtsnVersion, 1730 smExtsnVendor, 1731 smExtsnRevision, 1732 smExtsnDescr 1734 } 1735 STATUS current 1736 DESCRIPTION 1737 "A collection of objects providing information about the 1738 capabilities of the scripting engine." 1739 ::= { smGroups 1 } 1741 smScriptGroup OBJECT-GROUP 1742 OBJECTS { 1743 smScriptDescr, 1744 smScriptLanguage, 1745 smScriptSource, 1746 smScriptAdminStatus, 1747 smScriptOperStatus, 1748 smScriptStorageType, 1749 smScriptRowStatus 1750 } 1751 STATUS current 1752 DESCRIPTION 1753 "A collection of objects providing information about 1754 installed scripts." 1755 ::= { smGroups 2 } 1757 smCodeGroup OBJECT-GROUP 1758 OBJECTS { 1759 smCodeText, 1760 smCodeRowStatus 1761 } 1762 STATUS current 1763 DESCRIPTION 1764 "A collection of objects used to download or modify scripts 1765 by using SNMP set requests." 1766 ::= { smGroups 3 } 1768 smLaunchGroup OBJECT-GROUP 1769 OBJECTS { 1770 smLaunchScriptOwner, 1771 smLaunchScriptName, 1772 smLaunchArgument, 1773 smLaunchMaxRunning, 1774 smLaunchMaxCompleted, 1775 smLaunchLifeTime, 1776 smLaunchExpireTime, 1777 smLaunchStart, 1778 smLaunchControl, 1779 smLaunchAdminStatus, 1780 smLaunchOperStatus, 1781 smLaunchRunIndexNext, 1782 smLaunchStorageType, 1783 smLaunchRowStatus 1784 } 1785 STATUS current 1786 DESCRIPTION 1787 "A collection of objects providing information about scripts 1788 that can be launched." 1789 ::= { smGroups 4 } 1791 smRunGroup OBJECT-GROUP 1792 OBJECTS { 1793 smRunArgument, 1794 smRunStartTime, 1795 smRunEndTime, 1796 smRunLifeTime, 1797 smRunExpireTime, 1798 smRunExitCode, 1799 smRunResult, 1800 smRunState, 1801 smRunControl 1802 } 1803 STATUS current 1804 DESCRIPTION 1805 "A collection of objects providing information about running 1806 scripts." 1807 ::= { smGroups 5 } 1809 smNotificationsGroup NOTIFICATION-GROUP 1810 NOTIFICATIONS { 1811 smScriptAbort, 1812 smScriptResult 1813 } 1814 STATUS current 1815 DESCRIPTION 1816 "The notifications emitted by the script MIB." 1817 ::= { smGroups 6 } 1819 END 1821 7. Usage Examples 1823 This section presents some examples that explain how a manager can 1824 use the Script MIB defined in this memo. The purpose of these 1825 examples is to explain the steps that are normally used to delegate 1826 management scripts. 1828 7.1. Pushing a script via SNMP 1830 This example explains the steps performed by a manager to push a 1831 script into a distributed manager. 1833 1. The manager first checks the smLanguageTable and the 1834 smExtensionTable in order to select the appropriate script or 1835 language. 1837 2. The manager creates a row in the smScriptTable by issuing an 1838 SNMP set-request. The smScriptRowStatus object is set to 1839 `createAndWait' and the smScriptSource object is set to an empty 1840 string. The smScriptLanguage object is set to the language that 1841 should be used to execute the scipt. The smScriptStorageType 1842 object is set to `volatile' to indicate that the script will be 1843 loaded via the smCodeTable. The smScriptOwner is set to a 1844 string which identifies the principal who owns the new row. The 1845 smScriptName defines the administratively assigned unique name 1846 for the script. 1848 3. The manager sets the smScriptRowStatus object to `active' and 1849 the smScriptAdminStatus object to `editing'. 1851 4. The manager pushes the script to the distributed manager by 1852 issuing a couple of SNMP set-requests to fill the smCodeTable. 1854 5. Once the whole script has been transferred, the manager sends a 1855 set-request to set the smScriptAdminStatus object to `enabled'. 1856 The Script MIB implementation now makes the script accessible to 1857 the runtime system. This might include the compilation of the 1858 script if the language requires a compilation step. 1860 6. The manager polls the smScriptOperStatus object until the value 1861 is either `enabled' or one of the error status codes. The 1862 script can only be used if the value of smScriptOperStatus is 1863 `enabled'. 1865 7. If the manager wants to store the script in local non-volatile 1866 storage, it should send a set-request which changes the 1867 smScriptStorageType object to `nonVolatile'. 1869 7.2. Pulling a script from a URL 1871 This example explains the steps performed by a manager to pull a 1872 script from a URL. 1874 1. The manager first checks the smLanguageTable and the 1875 smExtensionTable in order to select the appropriate script or 1876 language. 1878 2. The manager creates a row in the smScriptTable by issuing an 1879 SNMP set-request. The smScriptRowStatus object is set to 1880 `createAndWait' and the smScriptSource object is set to the URL 1881 which points to the script source. The smScriptLanguage object 1882 is set to the language that should be used to execute the scipt. 1883 The smScriptOwner is set to a string which identifies the 1884 principal who owns the new row. The smScriptName defines the 1885 administratively assigned unique name for the script. 1887 3. The manager sets the smScriptRowStatus object to `active'. 1889 4. The manager sends a set-request to set the smScriptAdminStatus 1890 object to `enabled'. The Script MIB implementation now makes the 1891 script accessible to the runtime system. This causes a retrieval 1892 operation to pull the script from the URL stored in 1893 smScriptSource. This retrieval operation might be followed by a 1894 compile operation if the language requires a compilation step. 1896 5. The manager polls the smScriptOperStatus object until the value 1897 is either `enabled' or one of the error status codes. The 1898 script can only be used if the value of smScriptOperStatus is 1899 `enabled'. 1901 6. If the manager wants to store the script in local non-volatile 1902 storage, it should send a set-request which changes the 1903 smScriptStorageType object to `nonVolatile'. 1905 7.3. Modifying an existing script 1907 This section explains how a manager can modify a script by send SNMP 1908 set-requests. 1910 1. First, the script is de-activated by setting the 1911 smScriptAdminStatus to `disabled'. 1913 2. The manager polls the smScriptOperStatus object until the value 1914 is `disabled'. 1916 3. The manager sets smScriptSource to an empty string and 1917 smScriptAdminStatus to `editing'. This makes the script source 1918 available in the smCodeTable. 1920 4. The manager polls the smScriptOperStatus object until the value 1921 is `editing'. 1923 5. The manager sends SNMP set-requests to modify the script in the 1924 smCodeTable. 1926 6. The manager sends a set-request to set the smScriptAdminStatus 1927 object to `enabled'. The Script MIB implementation now makes the 1928 script accessible to the runtime system. This might include the 1929 compilation of the script if the language requires a compilation 1930 step. 1932 7. The manager polls the smScriptOperStatus object until the value 1933 is either `enabled' or one of the error status codes. The 1934 script can only be used if the value of smScriptOperStatus is 1935 `enabled'. 1937 7.4. Removing an existing script 1939 This section explains how a manager can remove a script from a 1940 distributed manager. 1942 1. First, the manager sets the smScriptAdminStatus to `disabled'. 1943 This will ensure that no new scripts can be started while 1944 running scripts finish their execution. 1946 2. The manager polls the smScriptOperStatus object until the value 1947 is `disabled'. 1949 3. The manager sends an SNMP set-request to change the 1950 smScriptRowStatus object to `destroy'. This will remove the row 1951 and all associated resources from the Script MIB implementation. 1953 7.5. Creating a launch button 1955 This section explains how a manager can create a launch button for 1956 starting a script. 1958 1. The manager, who is identified by an smLaunchOwner value, first 1959 chooses a name for the new row in the smLaunchTable. The manager 1960 sends an SNMP set-request to set the smLaunchRowStatus object 1961 for this smLaunchOwner and smLaunchName to `createAndWait'. 1963 2. The manager fills the new smLaunchTable row with all required 1964 parameters. The smLaunchScriptOwner and smLaunchScriptName 1965 values point to the script that should be started from this 1966 launch button. 1968 3. The manager sends a set-request to change smLaunchAdminStatus to 1969 `enabled' once the new smLaunchTable row is complete. 1971 4. The manager polls the smLaunchOperStatus object until the value 1972 is `enabled'. 1974 7.6. Launching a script 1976 This section explains the suggested way to launch a script from a 1977 given launch button. 1979 1. The manager first retrieves the value of smLaunchRunIndexNext 1980 from the launch button selected to start the script. 1982 2. The manager sends an SNMP set-request to set the smLaunchStart 1983 object to the value obtained in step 1. This will launch the 1984 script if all necessary pre-conditions are satisfied (see the 1985 definition of smLaunchStart for more details). The manager can 1986 also provide the smLaunchArgument in the same set-request that 1987 is used to start the script. Upon successful start, a new row 1988 will be created in the smRunTable indexed by smLaunchOwner, 1989 smLaunchName and the value written to smLaunchStart. 1991 Note, the first step is not required. A manager can also try to guess 1992 an unused value for smRunIndex if he wants to start script in a 1993 single transaction. A manager can also use the special value 0 if he 1994 does not care about the results produced by the script. 1996 7.7. Terminating a script 1998 This section explains two ways to terminate a running script. The 1999 first approach is as follows: 2001 1. The manager sets the smRunControl object of the running script 2002 or the smLaunchControl object of the launch button used to start 2003 the running script to `abort'. Setting smLaunchControl will 2004 abort all running scripts started from the launch button while 2005 smRunControl will only abort the running script associated with 2006 the smRunControl instance. 2008 The second way to terminate a script is to set the smRunLifeTime to 2009 zero which causes the runtime system to terminate the script with a 2010 `lifeTimeExceeded' exit code: 2012 1. The manager changes the value of smRunLifeTime to 0. This causes 2013 the Script MIB implementation to abort the script because the 2014 remaining life time has expired. 2016 Note, changing the smRunLifeTime value can also be used to increase 2017 the permitted lifetime of a running script. For example, a manager 2018 can choose to set smRunLifeTime to a small fixed time interval and 2019 increase the value periodically. This strategie has the nice effect 2020 that scripts terminate automatically if the manager looses contact 2021 with the Script MIB engine. 2023 7.8. Removing a launch button 2025 This section explains how a manager can remove a launch button from a 2026 distributed manager. 2028 1. First, the manager sets the smLaunchAdminStatus to `disabled'. 2029 This will ensure that no new scripts can be started from this 2030 launch button while running script will finish their execution. 2032 2. The manager polls the smLaunchOperStatus object until the value 2033 is `disabled'. 2035 3. The manager sends an SNMP set-request to change the 2036 smLaunchRowStatus object to `destroy'. This will remove the row 2037 and all associated resources from the Script MIB implementation. 2039 8. VACM Configuration Examples 2041 This section shows how the view-based access control model defined in 2042 RFC 2275 [15] can be configured to control access to the script MIB. 2044 8.1. Sandbox for guests 2046 The first example demonstrates how to configure VACM to give the 2047 members of the VACM group "guest" limited access to the script MIB. 2048 The MIB views defined below give the members of the "guest" group a 2049 sandbox where they can install and start their own scripts, but not 2050 access any other scripts maintained by the Script MIB implementation. 2052 vacmAccessReadView."guest"."".usm.authNoPriv = "guestReadView" 2053 vacmAccessWriteView."guest"."".usm.authNoPriv = "guestWriteView" 2055 The guestReadView grants read access to the smLangTable, the 2056 smExtsnTable and to all the table entries owned by "guest": 2058 guestReadView: 2059 smLangTable (included) 2060 smExtsnTable (included) 2061 smScriptObjects.*.*.*."guest" (included) 2062 smRunObjects.*.*.*."guest" (included) 2064 The guestWriteView grants write access to all the table entries owned 2065 by "guest": 2067 guestWriteView: 2068 smScriptObjects.*.*.*."guest" (included) 2069 smRunObjects.*.*.*."guest" (included) 2071 8.2. Sharing scripts 2073 This example demonstrates how VACM can be used to share a repository 2074 of scripts between the members of the "senior" and the members of the 2075 "junior" VACM group: 2077 vacmAccessReadView."junior"."".usm.authNoPriv = "juniorReadView" 2078 vacmAccessWriteView."junior"."".usm.authNoPriv = "juniorWriteView" 2080 juniorReadView: 2082 smLangTable (included) 2083 smExtsnTable (included) 2084 smScriptObjects.*.*.*."junior" (included) 2085 smRunObjects.*.*.*."junior" (included) 2086 smScriptObjects.*.*.*."utils" (included) 2088 juniorWriteView: 2089 smScriptObjects.*.*.*."junior" (included) 2090 smRunObjects.*.*.*."junior" (included) 2092 The definitions above allow the members of the "junior" VACM group to 2093 start the scripts owned by "utils" in addition to the script the 2094 members of the "junior" VACM group installed themself. This is 2095 accomplished by giving the members of "junior" read access to scripts 2096 in "utils". This allows members of "junior" to create entries in the 2097 smLauchTable which refer to scripts in "utils", and to launch those 2098 scripts using these entries in the smLaunchTable. 2100 vacmAccessReadView."senior"."".usm.authNoPriv = "seniorReadView" 2101 vacmAccessWriteView."senior"."".usm.authNoPriv = "seniorWriteView" 2103 seniorReadView: 2104 smLangTable (included) 2105 smExtsnTable (included) 2106 smScriptObjects.*.*.*."senior" (included) 2107 smRunObjects.*.*.*."senior" (included) 2108 smScriptObjects.*.*.*."utils" (included) 2110 seniorWriteView: 2111 smScriptObjects.*.*.*."senior" (included) 2112 smRunObjects.*.*.*."senior" (included) 2113 smScriptObjects.*.*.*."utils" (included) 2115 The definitions for the members of the "senior" VACM group allow to 2116 start the scripts owned by "utils" in addition to the script the 2117 members of the "senior" VACM group installed themself. The third 2118 write access rule in the seniorWriteView also grants the permission 2119 to install scripts owned by "utils". The members of the "senior" VACM 2120 group therefore have the permissions to install and modify scripts 2121 that can be called by the members of the "junior" VACM group. 2123 8.3. Emergency scripts 2125 This example demonstrates how VACM can be used to allow the members 2126 of the "junior" VACM group to launch scripts that are executed with 2127 the permissions associated with the "emergency" owner. This works by 2128 adding the following rules to the juniorReadView and the 2129 juniorWriteView: 2131 juniorReadView: 2132 smScriptObjects.*.*.*."emergency" (included) 2133 smRunObjects.*.*.*."emergency" (included) 2135 juniorWriteView 2136 smLaunchStart."emergency" (included) 2137 smLaunchArgument."emergency" (included) 2139 The rules added to the juniorReadView grant read access to the 2140 scripts, the launch buttons and the results owned by "emergency". The 2141 rules added to the juniorWriteView grant write permissions to the 2142 smLaunchStart and smLaunchArgument variables ownded by "emergency". 2143 Members of the "junior" VACM group can therefore start scripts that 2144 will execute under the owner "emergency". 2146 seniorReadView: 2147 smScriptObjects.*.*.*."emergency" (included) 2148 smRunObjects.*.*.*."emergency" (included) 2150 seniorWriteView: 2151 smScriptObjects.*.*.*."emergency" (included) 2152 smRunObjects.*.*.*."emergency" (included) 2154 The rules added to the seniorReadView and the seniorWriteView will 2155 give the members of the "senior" VACM group the rights to install 2156 emergency scripts and to configure appropriate launch buttons. 2158 9. IANA Considerations 2160 The Internet Assigned Numbers Authority (IANA) is responsible to 2161 maintain a MIB module which provides OID registrations for well-known 2162 languages. The IANA language registry is intented to reduce 2163 interoperability problems by providing a single list of well-known 2164 languages. However, it is of course still possible to register 2165 languages in private OID spaces. Registering languages in private 2166 spaces is especially attractive if a language is used for 2167 experimentation or if a language is only used in environments where 2168 the distribution MIB modules with the language registration does not 2169 cause any maintenance problems. 2171 Any additions or changes to the list of languages registered via IANA 2172 require Designated Expert Review as defined in the IANA guidelines 2173 [20]. The Designated Expert will be selected by the IESG Area 2174 Director for the IETF Operations and Management Area. 2176 10. Security Considerations 2178 This MIB provides the ability to distribute applications written in 2179 an arbitrary language to remote systems in a network. The security 2180 features of the languages available in a particular implementation 2181 should be taken into consideration when deploying an implementation 2182 of this MIB. 2184 To facilitate the provisioning of access control by a security 2185 administrator using the View-Based Access Control Model (VACM) 2186 defined in RFC 2275 [15] for tables in which multiple users may need 2187 to independently create or modify entries, the initial index is used 2188 as an "owner index". Such an initial index has a syntax of 2189 SnmpAdminString, and can thus be trivially mapped to a securityName 2190 or groupName as defined in VACM, in accordance with a security 2191 policy. 2193 All entries in related tables belonging to a particular user will 2194 have the same value for this initial index. For a given user's 2195 entries in a particular table, the object identifiers for the 2196 information in these entries will have the same subidentifiers 2197 (except for the "column" subidentifier) up to the end of the encoded 2198 owner index. To configure VACM to permit access to this portion of 2199 the table, one would create vacmViewTreeFamilyTable entries with the 2200 value of vacmViewTreeFamilySubtree including the owner index portion, 2201 and vacmViewTreeFamilyMask "wildcarding" the column subidentifier. 2202 More elaborate configurations are possible. 2204 The VACM access control mechanism described above provides control 2205 over SNMP access to Script MIB objects. There are a number of other 2206 access control issues that are outside of the scope of this MIB. For 2207 example, access control on URLs, especially those that use the file 2208 scheme, must be realized by the underlying operating system. A 2209 mapping of the owner index value to a local operating system security 2210 user identity should be used by an implementation of this MIB to 2211 control access to operating system resources when resolving URLs or 2212 executing scripts. 2214 11. Intellectual Property 2216 The IETF takes no position regarding the validity or scope of any 2217 intellectual property or other rights that might be claimed to 2218 pertain to the implementation or use of the technology described in 2219 this document or the extent to which any license under such rights 2220 might or might not be available; neither does it represent that it 2221 has made any effort to identify any such rights. Information on the 2222 IETF's procedures with respect to rights in standards-track and 2223 standards-related documentation can be found in BCP-11. Copies of 2224 claims of rights made available for publication and any assurances of 2225 licenses to be made available, or the result of an attempt made to 2226 obtain a general license or permission for the use of such 2227 proprietary rights by implementors or users of this specification can 2228 be obtained from the IETF Secretariat. 2230 The IETF invites any interested party to bring to its attention any 2231 copyrights, patents or patent applications, or other proprietary 2232 rights which may cover technology that may be required to practice 2233 this standard. Please address the information to the IETF Executive 2234 Director. 2236 12. Acknowledgments 2238 This document was produced by the IETF Distributed Management 2239 (DISMAN) working group. 2241 13. References 2243 [1] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for 2244 Describing SNMP Management Frameworks", RFC 2271, Cabletron 2245 Systems, Inc., BMC Software, Inc., IBM T. J. Watson Research, 2246 January 1998 2248 [2] Rose, M., and K. McCloghrie, "Structure and Identification of 2249 Management Information for TCP/IP-based Internets", RFC 1155, 2250 Performance Systems International, Hughes LAN Systems, May 1990 2252 [3] Rose, M., and K. McCloghrie, "Concise MIB Definitions", RFC 1212, 2253 Performance Systems International, Hughes LAN Systems, March 1991 2255 [4] M. Rose, "A Convention for Defining Traps for use with the SNMP", 2256 RFC 1215, Performance Systems International, March 1991 2258 [5] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Structure 2259 of Management Information for Version 2 of the Simple Network 2260 Management Protocol (SNMPv2)", RFC 1902, SNMP Research,Inc., Cisco 2261 Systems, Inc., Dover Beach Consulting, Inc., International Network 2262 Services, January 1996. 2264 [6] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Textual 2265 Conventions for Version 2 of the Simple Network Management Protocol 2266 (SNMPv2)", RFC 1903, SNMP Research, Inc., Cisco Systems, Inc., 2267 Dover Beach Consulting, Inc., International Network Services, 2268 January 1996. 2270 [7] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Conformance 2271 Statements for Version 2 of the Simple Network Management Protocol 2272 (SNMPv2)", RFC 1904, SNMP Research, Inc., Cisco Systems, Inc., 2273 Dover Beach Consulting, Inc., International Network Services, 2274 January 1996. 2276 [8] Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple Network 2277 Management Protocol", RFC 1157, SNMP Research, Performance Systems 2278 International, Performance Systems International, MIT Laboratory 2279 for Computer Science, May 1990. 2281 [9] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, 2282 "Introduction to Community-based SNMPv2", RFC 1901, SNMP Research, 2283 Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., 2284 International Network Services, January 1996. 2286 [10] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Transport 2287 Mappings for Version 2 of the Simple Network Management Protocol 2288 (SNMPv2)", RFC 1906, SNMP Research, Inc., Cisco Systems, Inc., 2289 Dover Beach Consulting, Inc., International Network Services, 2290 January 1996. 2292 [11] Case, J., Harrington D., Presuhn R., and B. Wijnen, "Message 2293 Processing and Dispatching for the Simple Network Management 2294 Protocol (SNMP)", RFC 2272, SNMP Research, Inc., Cabletron Systems, 2295 Inc., BMC Software, Inc., IBM T. J. Watson Research, January 1998. 2297 [12] Blumenthal, U., and B. Wijnen, "User-based Security Model (USM) for 2298 version 3 of the Simple Network Management Protocol (SNMPv3)", RFC 2299 2274, IBM T. J. Watson Research, January 1998. 2301 [13] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Protocol 2302 Operations for Version 2 of the Simple Network Management Protocol 2303 (SNMPv2)", RFC 1905, SNMP Research, Inc., Cisco Systems, Inc., 2304 Dover Beach Consulting, Inc., International Network Services, 2305 January 1996. 2307 [14] Levi, D., Meyer, P., and B. Stewart, "SNMPv3 Applications", RFC 2308 2273, SNMP Research, Inc., Secure Computing Corporation, Cisco 2309 Systems, January 1998 2311 [15] Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based Access 2312 Control Model (VACM) for the Simple Network Management Protocol 2313 (SNMP)", RFC 2275, IBM T. J. Watson Research, BMC Software, Inc., 2314 Cisco Systems, Inc., January 1998 2316 [16] Hovey, R., and S. Bradner, "The Organizations Involved in the IETF 2317 Standards Process", BCP 11, RFC 2028, October 1996. 2319 [17] Berners-Lee, T., Masinter, L., and M. McCahill, Editors, "Uniform 2320 Resource Locators (URL)", RFC 1738, CERN, Xerox Corporation, 2321 University of Minnesota, December 1994. 2323 [18] Postel, J., and J. Reynolds, "File Transfer Protocol", STD 9, RFC 2324 959, ISI, October 1985. 2326 [19] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., and T. Berners- 2327 Lee, "Hypertext Transfer Protocol -- HTTP/1.1", RFC 2068, UC 2328 Irvine, DEC, MIT/LCS, January 1997. 2330 [20] Narten, T., and H. Alvestrand, "Guidelines for Writing an IANA 2331 Considerations Section in RFCs", Internet Draft , IBM, UNINETT, May 1998. 2334 14. Editors' Addresses 2336 David B. Levi Email: levi@snmp.com 2337 SNMP Research, Inc. Tel: +1 423 573 1434 2338 3001 Kimberlin Heights Road 2339 Knoxville, TN 37920-9716 2340 U.S.A. 2342 Juergen Schoenwaelder Email: schoenw@ibr.cs.tu-bs.de 2343 TU Braunschweig Tel: +49 531 391-3683 2344 Bueltenweg 74/75 2345 38106 Braunschweig 2346 Germany 2348 15. Full Copyright Statement 2350 Copyright (C) The Internet Society (1998). All Rights Reserved. 2352 This document and translations of it may be copied and furnished to 2353 others, and derivative works that comment on or otherwise explain it 2354 or assist in its implementation may be prepared, copied, published 2355 and distributed, in whole or in part, without restriction of any 2356 kind, provided that the above copyright notice and this paragraph are 2357 included on all such copies and derivative works. However, this 2358 document itself may not be modified in any way, such as by removing 2359 the copyright notice or references to the Internet Society or other 2360 Internet organizations, except as needed for the purpose of 2361 developing Internet standards in which case the procedures for 2362 copyrights defined in the Internet Standards process must be 2363 followed, or as required to translate it into languages other than 2364 English. 2366 The limited permissions granted above are perpetual and will not be 2367 revoked by the Internet Society or its successors or assigns. 2369 This document and the information contained herein is provided on an 2370 "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING 2371 TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING 2372 BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION 2373 HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF 2374 MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 2376 16. IANA Language Registration MIB 2378 This appendix defines the initial content of the IANA-LANGUAGE-MIB. 2379 This section should be removed from this document prior to its approval, 2380 at which time this MIB will be administered by IANA. 2382 IANA-LANGUAGE-MIB DEFINITIONS ::= BEGIN 2384 IMPORTS 2385 MODULE-IDENTITY, OBJECT-IDENTITY, experimental 2386 FROM SNMPv2-SMI; 2388 ianaLanguages MODULE-IDENTITY 2389 LAST-UPDATED "9807170000Z" 2390 ORGANIZATION "IANA" 2391 CONTACT-INFO 2392 "Internet Assigned Numbers Authority (IANA) 2394 Postal: USC/Information Sciences Institute 2395 4676 Admiralty Way, Marina del Rey, CA 90292 2397 Tel: +1 310 822 1511 2398 E-Mail: iana@isi.edu" 2399 DESCRIPTION 2400 "The MIB module registers object identifier values for 2401 well-known programming and scripting languages. 2403 Any additions or changes to the contents of this MIB 2404 module require Designated Expert Review as defined in 2405 the Guidelines for Writing IANA Considerations Section 2406 document. The Designated Expert will be selected by 2407 the IESG Area Director of the OPS Area. 2409 Note that this module does not have to register all possible 2410 languages since languages are identified by object identifier 2411 values. It is therefore possible to registered language in 2412 private OID trees. 2414 The references given below are not normative with regard to 2415 the language version. Other references might be better suited 2416 to describe some newer versions of this language. The 2417 references are only provided as `a pointer into the right 2418 direction'." 2419 -- XXX Replace with real registration number from IANA. Note, the 2420 -- XXX IMPORTS must be updated when the real number is assigned. 2421 ::= { experimental 9876 } 2423 ianaLangJavaVM OBJECT-IDENTITY 2424 STATUS current 2425 DESCRIPTION 2426 "The Java virtual machine." 2427 REFERENCE 2428 "The Java Virtual Machine Specification. 2429 ISBN 0-201-63452-X" 2430 ::= { ianaLanguages 1 } 2432 ianaLangTcl OBJECT-IDENTITY 2433 STATUS current 2434 DESCRIPTION 2435 "The Tool Command Language (Tcl)." 2436 REFERENCE 2437 "Tcl and the Tk Toolkit. 2438 ISBN 0-201-63337-X" 2439 ::= { ianaLanguages 2 } 2441 ianaLangPerl OBJECT-IDENTITY 2442 STATUS current 2443 DESCRIPTION 2444 "The Perl Language." 2445 REFERENCE 2446 "Programming Perl. 2447 ISBN 1-56592-149-6" 2448 ::= { ianaLanguages 3 } 2450 ianaLangScheme OBJECT-IDENTITY 2451 STATUS current 2452 DESCRIPTION 2453 "The Scheme Language." 2454 REFERENCE 2455 "The Revised^4 Report on the Algorithmic Language Scheme. 2456 MIT Press" 2457 ::= { ianaLanguages 4 } 2459 ianaLangSSL OBJECT-IDENTITY 2460 STATUS current 2461 DESCRIPTION 2462 "The SNMP Script Language defined by SNMP Research." 2463 ::= { ianaLanguages 5 } 2465 ianaLangPSL OBJECT-IDENTITY 2466 STATUS current 2467 DESCRIPTION 2468 "The Patrol Script Language defined by BMC Software." 2469 REFERENCE 2470 "PATROL Script Language Reference Manual, Version 3.0, 2471 November 30, 1995. BMC Software, Inc. 2101 City West Blvd., 2472 Houston, Texas 77042." 2473 ::= { ianaLanguages 6 } 2475 ianaLangSMSL OBJECT-IDENTITY 2476 STATUS current 2477 DESCRIPTION 2478 "The Systems Management Scripting Language." 2479 REFERENCE 2480 "ISO/ITU Command Sequencer. 2481 ISO 10164-21 or ITU X.753" 2482 ::= { ianaLanguages 7 } 2484 END 2486 17. Revision History 2488 This section should be removed once this document gets published as an 2489 RFC. 2491 17.1. Changes from 2493 o Removed smLanguageVersion from the INDEX clause of 2494 smLanguageEntry. 2496 o Changed the order of smLanguageVersion and smLanguageID to make 2497 it consistent with the smExtensionTable. 2499 o Changed the definition of OwnerString so that it is compatible 2500 with the RMON definition. (The OwnerString definition should be 2501 defined in the DISMAN MIB.) 2503 o Clarified the definition of UniformResourceLocator to use the 2504 character set and encodings as defined by RFC 1738. 2506 o Changed the definition of VersionString to use a DisplayString 2507 as a base type. Changes the maximum length to 31 octets so that 2508 it easily fits into a 32 byte null-terminated string. 2510 o Restricted the values of smLanguageIndex to positive numbers. 2512 o Changed to allow modification of smScriptSource if smRowStatus 2513 is notReady. 2515 o Changed the type of smExecInterval to Unsigned32. 2517 o Changed the order of the first two operations in example 11.3. 2519 o Added a default value to smExecLastError, smExecInterval and 2520 smExecLastFinished. 2522 o Changed the wording of requirement 1 to avoid the term "concrete 2523 language". 2525 o Clarified the requirement to handle multiple version of the same 2526 script as well as scripts with the same administrative name 2527 owned by different managers in section 4.2. 2529 o Added text to the smScriptRowStatus description which requires 2530 to reset the smScriptOperStatus to unknown if the 2531 smScriptRowStatus is set to notInService. Also clarified that 2532 the value of smScriptAccess must be notAccessible or readOnly 2533 when setting smScriptRowStatus to active. 2535 o Added some more DEFVALs for RowStorage and some other objects. 2537 o Changes the range of smScriptNext and smExecNext to more 2538 reasonable values. Allow the value 0 so that the agent can give 2539 a hint if we have reached a resource limit (Perkins). 2541 o Moved the smCodeTable into the smScript group and removed the 2542 smCode group. 2544 o Changed the maximum size of smExecArgument and smExecLastResult 2545 to 2048. 2547 o Minor modifications to the MIB so that it passes the smicng 2548 compiler contained in Dave Perkins and Evan McGinnis book. 2550 o Rewrote the smExec group. The scheduling mechanism has been 2551 removed and the smExecTable has been split into the smExecTable 2552 and the smRunTable. 2554 o Changed the smScriptOperStatus state `loading' into `retrieving' 2555 to avoid confusion with runtime systems that have a loading 2556 phase. 2558 o Rewrote some paragraphs in the text to document the smExecTable 2559 and the smRunTable. 2561 o More changes in the smExecTable and the smRunTable. 2563 o Replaced the RowStorage TC with RFC 1903 StorageType since there 2564 are code bases that already support this TC. 2566 17.2. Changes from 2568 o Split the OBJECT-GROUP definition into smaller pieces. Changed 2569 the the compliance definition to full compliance. This permits 2570 the creation of additional compliance statements for agents with 2571 different capabilities (for example, agents which do not permit 2572 downloading or modifying scripts). 2574 o Changed the name of the smExecTable to smLaunchTable to avoid 2575 confusing. 2577 o Changed the names of the following objects as follows: 2578 smRunLifeTime -> smRunLifeTime 2579 smRunCompletedLifeTime -> smRunExpireTime 2580 smLaunchRunningLifeTime -> smLaunchLifeTime 2581 smLaunchCompletedLifeTime -> smLaunchExpireTime 2583 o Fixed the registration of smLanguageID, smLanguageVersion, 2584 smRunNext and smRunTable to close some gaps. 2586 o Clarified that smRunLifeTime is always 0 when a script has 2587 finished execution. 2589 o Removed the smScriptAccess. The SNMP access control model should 2590 be used to control whether script source is readable/writable or 2591 invisible. 2593 o Changed smScriptRowStorage and smLaunchRowStorage to 2594 smScriptStorageType and smLaunchStorageType which is more 2595 consistent with other MIBs. 2597 o Changed smScriptRowOwner and smLaunchRowOwner to smScriptOwner 2598 and smLaunchOwner. 2600 o Split the section about open and closed issues into two separate 2601 sections. 2603 17.3. Changes from 2605 o Added PSL and SMSL to the language directory. 2607 o Added the IPR section required by RFC 2026. 2609 o Clearified that languages may be registered in other branches of 2610 the OID registration tree. 2612 o Replaced "continue" with "resume". 2614 o Removed the consecutive value constaint for smCodeIndex. 2616 o Relaxed the index ranges from 1..65535 to 1..2147483647. 2618 o Turned the script exit codes into a textual convention. 2620 o The compliance macro allows implementations that do not support 2621 the push nor the pull model to download script code. 2623 o Changed the definition of smRunOperStatus to a) allow transient 2624 states between reception of a `signal' and the actual state 2625 change b) to use only one state to represent a terminated 2626 script. The smRunExitCode object contains the information 2627 necessary to distinguish between an aborted script and a script 2628 which terminates normally. 2630 o Added a smScriptAbort notification as discussed in San Jose. 2632 o Removed the index component smLanguageIndex from the 2633 smScriptTable, the smCodeTable, the smLaunchTable and the 2634 smRunTable. Added a new smScriptLanguage column which identifies 2635 the language. 2637 o Replaced DisplayStrings with SnmpAdminStrings to facilitate 2638 internationalization. 2640 o Removed the sections on open and closed issues. 2642 o Added smLauchAdminStatus and smLauchOperStatus. Added a note 2643 that writing smLauchStart will result in an inconsistentValue 2644 error if the value of smLauchOperStatus is disabled. 2646 o Updated the section about the SNMP management framework and 2647 added references to SNMPv3. 2649 o Added the smScriptAdminStatus object and renamed the 2650 smScriptStatus object to smScriptOperStatus. Renamed some of the 2651 states of the smScriptOperStatus object and added a short 2652 explanation for each possible state. 2654 o Changed the indexing scheme to use owner string as the first 2655 component. 2657 o Clarified the value of smRunStartTime and smRunEndTime after 2658 discontinuities. 2660 o Updated the usage examples to reflect the recent changes. 2662 17.4. Changes from 2664 o Fixed a few typos. 2666 o Removed the text from the description of smScriptRowStatus which 2667 explained when a script is known by the runtime system. 2669 o Removed the size constraints from and smLaunchArgument, 2670 smRunArgument and smRunResult. Added text that script designers 2671 might want to return pointers to results instead of the result 2672 itself if it can get very large. 2674 o Added reference to BCP-11. 2676 o Added the new boilerplate and the references that go along with 2677 it. 2679 o Renamed smRunOperStatus to smRunState and smRunAdminStatus to 2680 smRunControl. smRunControl is now identical to smLaunchControl 2681 with the exeception that smLaunchControl "loops" over all 2682 smRunControl objects that belong to a particular launch button. 2683 This change also allows to define a semantically sound default 2684 value for smLaunchControl (previously smRunAdminStatus). 2686 o RowStatus clarifications when you are allowed to destroy a row 2687 or take a row out of service. 2689 o Clarified that smRunLifeTime is frozen while the running script 2690 is suspended. 2692 o Added a new notification smScriptResult which can be used by 2693 scripts to send results via traps and informs. Changed the 2694 description of smRunResult so that it can contain results while 2695 the script is still executing. 2697 o The smCodeText size restriction now starts at 1 instead of 0. 2699 o Changed the data type of smRunStartTime and smRunEndTime from 2700 TimeStamp to DateAndTime. Added text to the description how 2701 these objects are initialized. 2703 o Changed smLaunchMaxRunning and smLaunchMaxCompleted from 2704 Integer32 (1..1024) to Unsigned32 (1..4294967295). 2706 o Added the IANA-LANGUAGE-MIB and added an "IANA Considerations" 2707 section with appropriate references. Clarified the meaning of 2708 the REFERENCE clauses in the IANA-LANGUAGE-MIB. 2710 o Added text to section 4.2 that neither the push nor the pull 2711 model are required and that the MIB can also be used with hard- 2712 wired scripts. 2714 o Restructured section 5 along the object groups. For each group, 2715 list the operations provided by this group. 2717 o Removed the intermediate smLanguage, smScript and smExec nodes. 2718 Renamed the smLanguage and the smExtension table and added 2719 attributes for the language vendor and the implementation 2720 version number. 2722 o Changed smLangIndex, smExtsnIndex, smCodeIndex, smRunNext, 2723 smRunIndex from Integer32 to Unsigned32 for `architectural 2724 purity'. 2726 o Changed the indexing structure to use (smScriptOwner, 2727 smScriptName) instead of (smScriptOwner, smScriptIndex) and 2728 (smLaunchOwner, smLaunchName) instead of (smLaunchOwner, 2729 smLaunchIndex). Removed the smScriptNext, the smLaunchNext and 2730 the smScriptVersion objects. 2732 o Moved the smRunNext object into the smLaunchTable 2733 (smLaunchRunIndexNext) so that we generate unique smRunIndex 2734 values for a given (smLaunchOwner, smLaunchName). 2736 o The tuple (smLaunchScriptOwner, smLaunchScriptName) now refers 2737 to the script in the smScriptTable. These objects can not be 2738 modified as long as the smLaunchTable entry is enabled. 2740 o Changed the MIB module name to DISMAN-SCRIPT-MIB. 2742 o Changed smScriptSource data type to DisplayString and added text 2743 to explain the difference between a "file:/..." URL and an empty 2744 value. 2746 o Added text to the security considerations section. (Needs 2747 probably more work.) 2749 o Added a more detailed description how write attempts to 2750 smLaunchStart are handled. 2752 o Merged the ExitCode TC into the smRunExitCode object as it is 2753 only used once. 2755 o Merged the VersionString TC into the objects that used this TC. 2756 This avoids any problems with regard to TC subtyping at a 2757 reasonable cost. 2759 o Added a clause to the compliance statement that script 2760 suspension is not required in order to be compliant. 2762 o Added two intermediate MIB nodes (smScriptObjects and 2763 smRunObjects) in order to group tables with similar indexing 2764 structures together. This allows to make use of the VACM 2765 wildcarding mechanism to reduce the total number of VACM 2766 entries. 2768 17.5. Changes from 2770 o Some clarifications for smRunLifeTime and smRunExpireTime. 2772 o Added VACM configuration examples. 2774 o Moved the change logs to the end of the document. 2776 Table of Contents 2778 1 Abstract ..................................................... 2 2779 2 The SNMP Management Framework ................................ 2 2780 3 Overview ..................................................... 3 2781 3.1 Terms ...................................................... 3 2782 4 Requirements and Design Issues ............................... 4 2783 4.1 Script Languages ........................................... 5 2784 4.2 Script Transfer ............................................ 6 2785 4.3 Script Execution ........................................... 7 2786 5 The Structure of the MIB ..................................... 8 2787 5.1 The smLanguageGroup ........................................ 8 2788 5.2 The smScriptGroup .......................................... 8 2789 5.3 The smCodeGroup ............................................ 9 2790 5.4 The smLaunchGroup .......................................... 10 2791 5.5 The smRunGroup ............................................. 10 2792 6 Definitions .................................................. 12 2793 7 Usage Examples ............................................... 41 2794 7.1 Pushing a script via SNMP .................................. 41 2795 7.2 Pulling a script from a URL ................................ 42 2796 7.3 Modifying an existing script ............................... 42 2797 7.4 Removing an existing script ................................ 43 2798 7.5 Creating a launch button ................................... 43 2799 7.6 Launching a script ......................................... 44 2800 7.7 Terminating a script ....................................... 44 2801 7.8 Removing a launch button ................................... 45 2802 8 VACM Configuration Examples .................................. 46 2803 8.1 Sandbox for guests ......................................... 46 2804 8.2 Sharing scripts ............................................ 46 2805 8.3 Emergency scripts .......................................... 47 2806 9 IANA Considerations .......................................... 48 2807 10 Security Considerations ..................................... 49 2808 11 Intellectual Property ....................................... 50 2809 12 Acknowledgments ............................................. 50 2810 13 References .................................................. 51 2811 14 Editors' Addresses .......................................... 53 2812 15 Full Copyright Statement .................................... 53 2813 16 IANA Language Registration MIB .............................. 54 2814 17 Revision History ............................................ 57 2815 17.1 Changes from ........ 57 2816 17.2 Changes from ........ 58 2817 17.3 Changes from ........ 59 2818 17.4 Changes from ........ 60 2819 17.5 Changes from ........ 63