Enable an SNMP Script
SNMP scripts are stored on a device’s hard drive in the /var/db/scripts/snmp directory or on the flash drive
in the /config/scripts/snmp directory.
Only users in the Junos OS super-user
login class can access
and edit files in these directories. For information about setting
the storage location for scripts, see Storing and Enabling Scripts and Storing Scripts in Flash Memory.
To prevent the execution of unauthorized Python code on devices
running Junos OS, unsigned Python scripts must meet certain requirements
before you can execute the scripts on a device. Starting in Junos OS Release 16.1R3, unsigned Python
scripts must be owned by either root or a user in the Junos OS super-user
login class, and only the file owner can have write
permission for the file. Prior to Junos OS
Release 16.1R3, unsigned Python scripts must only be owned by the
root user. For detailed information about the requirements for executing
Python automation scripts on devices running Junos OS, see Requirements for Executing Python Automation Scripts
on Devices Running Junos OS.
If the device has dual Routing Engines and you want to
enable an SNMP script to execute on both Routing Engines, you can
copy the script to the /var/db/scripts/snmp or /config/scripts/snmp directory
on both Routing Engines, or you can issue the commit synchronize
scripts
command to synchronize the configuration and copy the
scripts to the other Routing Engine as part of the commit operation.
You must enable an SNMP script before it can be executed.
To enable an SNMP script, include the file filename
statement at the [edit system scripts snmp]
hierarchy
level, and specify the name of a file containing an SNMP script. Only
users who belong to the Junos OS super-user
login class
can enable SNMP scripts.
[edit system scripts snmp] user@host# set file filename
SLAX and Python scripts must include the .slax or .py filename extension, respectively,
in both the actual script name and the filename in the configuration.
XSLT scripts do not require a filename extension, but we strongly
recommend that you append the .xsl extension. Whether or not you choose to include the .xsl extension on the file, the filename that you
add at the [edit system scripts op file]
hierarchy level
must exactly match the filename of the script in the directory. For
example, if the XSLT script filename is script1.xsl, then you must include script1.xsl in the configuration hierarchy to enable the script; likewise, if
the XSLT script filename is script1, then you must include script1 in
the configuration hierarchy.
By default, you cannot execute unsigned Python scripts
on devices running Junos OS. To enable the execution of unsigned Python
automation scripts that meet the requirements outlined in Requirements for Executing Python Automation Scripts
on Devices Running Junos OS, you must configure the language python
or language python3
statement at
the [edit system scripts]
hierarchy level.
[edit system scripts] user@host# set language (python | python3)
By default, Junos OS executes Python SNMP scripts with
the access privileges of the generic, unprivileged user and group nobody
. Starting in Junos OS Release 16.1R3, you can specify
the user under whose access privileges the Python script will execute.
To execute a Python SNMP script under the access privileges of a specific
user, configure the python-script-user username
statement at the [edit system scripts snmp file filename] hierarchy level
.
[edit system scripts snmp file filename] user@host# set python-script-user username
To enable a user who does not belong to the file’s user or group class to execute an unsigned Python automation script, the script’s file permissions must include read permission for others.
To determine which SNMP scripts are currently enabled on the device, use the
show
command to display the files configured at the [edit
system scripts snmp]
hierarchy level.
[edit system scripts snmp] user@host# show
To ensure that the enabled files are on the device, list the contents of the
/var/run/scripts/snmp/ directory using the file list
/var/run/scripts/snmp
operational mode command.
user@host> file list /var/run/scripts/snmp
In order for SNMP scripts to return values for OIDs, SNMP must be configured on the device running Junos OS. For more information about configuring SNMP, see the Junos OS Network Management Administration Guide for Routing Devices.
Change History Table
Feature support is determined by the platform and release you are using. Use Feature Explorer to determine if a feature is supported on your platform.
super-user
login class, and only the file owner can have write
permission for the file.