Net SNMP daemon doesn't start

Question

I had it working perfectly for years but suddenly (I think it's following the debian 8 -> debian 9 upgrade) it stopped working.

I have tried several things and ended up purging everything:

# apt purge snmp snmpd

and then reinstalled, but it still doesn't work.

I'm starting it with systemd (even if it's in /etc/init.d) with

# systemctl start snmpd

I see that the process is started with the following options:

/usr/sbin/snmpd -Lsd -Lf /dev/null -u Debian-snmp -g Debian-snmp -I -smux mteTrigger mteTriggerConf -f

Here's the daemon status:

# systemctl status snmpd
● snmpd.service - Simple Network Management Protocol (SNMP) Daemon.
   Loaded: loaded (/lib/systemd/system/snmpd.service; enabled; vendor preset: enabled)
   Active: active (running) since Sun 2017-09-17 12:59:43 CEST; 5min ago
  Process: 58656 ExecStartPre=/bin/mkdir -p /var/run/agentx (code=exited, status=0/SUCCESS)
 Main PID: 58659 (snmpd)
    Tasks: 1 (limit: 9830)
   Memory: 5.9M
      CPU: 27ms
   CGroup: /system.slice/snmpd.service
           └─58659 /usr/sbin/snmpd -Lsd -Lf /dev/null -u Debian-snmp -g Debian-snmp -I -smux mteTrigger mteTriggerConf -f

Sep 17 12:59:43 dikkenek systemd[1]: Starting Simple Network Management Protocol (SNMP) Daemon....
Sep 17 12:59:43 dikkenek systemd[1]: Started Simple Network Management Protocol (SNMP) Daemon..
Sep 17 12:59:43 dikkenek snmpd[58659]: error on subcontainer 'ia_addr' insert (-1)

I also saw that the user changed from snmp to Debian-snmp. I personally think it's a stupid change, but in the end I don't really care. I don't know if it's the cause of my problem.

The actual problem is:

• I can't stop or kill the process, I have to kill with -9 for it to stop
• if I start the process by hand, the shell is locked and doesn't respond to ctrl-C, ctrl-Z, etc
• the UDP port is not opened, e.g. lsof -i udp:161 doesn't return anything
• when trying to stop it (e.g. systemctl stop snmpd) it hangs and I have to actually pkill -9 snmpd to recover

I have checked that:

• iptables allows the traffic
• the configuration files are default
• the conf says it should listen to localhost:161
• launching it with -LS7d doesn't yield anything interesting in syslog (same output as the systemctl status output above)

Any attempt to get or walk on any version/community yields a timeout error.

I don't know a/ what happened, and b/ how to get it back on its feet.

Answer 1

I has a bogus NFS mount that for some reason was scanned by the SNMP daemon.

I stopped autofs, lazily umounted the bogus NFS shares and restarted SNMPd.

I could find that by stracing SNMP:

strace snmpd

It was stuck at stat on the bogus NFS share.