Lopez, Denise wrote:
Hello everyone,
I keep getting the following messages in my messages log about every
30 seconds or so. I have SELinux set to enforcing and targeted mode.
If I do a getenforce on the command line it returns enforcing.
Dec 1 12:31:03 dev kernel: audit(1165005063.015:258313): avc: denied
{ getattr } for pid=31342 comm="snmpd" name="/" dev=sda3 ino=2
scontext=system_u:system_r:snmpd_t
tcontext=system_u:object_r:home_root_t tclass=dir
I need help deciphering what is happening. I have a snmpd daemon
running that responds to queries from a Nagios host that performs
service checks.
snmp is trying to getattr /home. Which is being denied by SELinux. The
latest policy looks like this is allowed. So you can either update to
the latest policy, or you can use
grep snmpd_t /var/log/audit/audit.log | audit2allow -M mysnmp
And load your own custom policy.
Thanks in advance.
Denise Lopez
UCLA Center for Digital Humanities
Network Services
Systems Engineer
337 Charles E. Young Drive East
PPB 1020
Los Angeles, CA 90095
310/206-8216
------------------------------------------------------------------------
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
