Recently, I was playing with the hook programs that can be run, and read via the snmpd daemon....
(like a remote df, or a remote iostat... etc)
The snmpd daemon is given a program to run, if a certain MIB is strobed...
This runs fine, when I as root, spawn the SNMPD daemon.
However, when the automatic boot in rc5.d starts it, (and it is the identical script file I use to start it with manually), during init, it appears to work, as the daemon starts....
but, I get no data back. I -do-, however, find the following in the logs, however....
Mar 4 17:00:02 smoker kernel: audit(1109973602.066:0): avc: denied { write } for pid=1180 exe=/usr/sbin/snmpd path=pipe:[135310] dev=pipefs ino=135310 scontext=user_u:system_r:snmpd_t tcontext=user_u:system_r:snmpd_t tclass=fifo_file
The source and the targets appear to be the same, yet it is denied.
????
Ideas ?
init script:
-rwxr-xr-x root root system_u:object_r:initrc_exec_t /etc/rc.d/init.d/snmpd
An example of a Target file, ran by snmpd:
-r-xr-xr-x root root root:object_r:etc_t /etc/snmp/snmpload
It looks as though it cannot properly inherit the childs pipe, when ran by init ?
