snmpd proc monitoring problem
Daniel J Walsh
dwalsh at redhat.com
Fri Apr 29 19:39:40 UTC 2005
Carlos Pastorino wrote:
>Hello,
>
>I've inserted the following line on my /etc/snmpd.conf file:
>
> proc sshd
>
>Then I executed the following command:
>
>snmpwalk -On -v2c -c public localhost .1.3.6.1.4.1.2021.2.1
>
>and got the answer:
>
>.1.3.6.1.4.1.2021.2.1.1.1 = INTEGER: 1
>.1.3.6.1.4.1.2021.2.1.2.1 = STRING: sshd
>.1.3.6.1.4.1.2021.2.1.3.1 = INTEGER: 0
>.1.3.6.1.4.1.2021.2.1.4.1 = INTEGER: 0
>.1.3.6.1.4.1.2021.2.1.5.1 = INTEGER: 0
>.1.3.6.1.4.1.2021.2.1.100.1 = INTEGER: 1
>.1.3.6.1.4.1.2021.2.1.101.1 = STRING: No sshd process running.
>.1.3.6.1.4.1.2021.2.1.102.1 = INTEGER: 0
>.1.3.6.1.4.1.2021.2.1.103.1 = STRING:
>
>But, if I execute the command below:
>
>setenforce 0
>
>I get the correct answer:
>
>.1.3.6.1.4.1.2021.2.1.1.1 = INTEGER: 1
>.1.3.6.1.4.1.2021.2.1.2.1 = STRING: sshd
>.1.3.6.1.4.1.2021.2.1.3.1 = INTEGER: 0
>.1.3.6.1.4.1.2021.2.1.4.1 = INTEGER: 0
>.1.3.6.1.4.1.2021.2.1.5.1 = INTEGER: 2
>.1.3.6.1.4.1.2021.2.1.100.1 = INTEGER: 0
>.1.3.6.1.4.1.2021.2.1.101.1 = STRING:
>.1.3.6.1.4.1.2021.2.1.102.1 = INTEGER: 0
>.1.3.6.1.4.1.2021.2.1.103.1 = STRING:
>
>The problem is, nothing shows up on /var/log/messages to allow me to
>figure out how to tweak the
>/etc/selinux/targeted/src/policy/domains/program/snmpd.te file.
>
>Any hints?
>
>Regards,
>
>Carlos
>
>--
>fedora-selinux-list mailing list
>fedora-selinux-list at redhat.com
>http://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
>
You are being bitten by a dontaudit rule. To disable dontaudits:

 cd /etc/selinux/targeted/src/policy
 make enableaudit
 make load

The culprit line is the following:

 dontaudit snmpd_t domain:dir { getattr search };

If you change this to allow, you will get further.
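
Added example, not part of the original message or of the Fedora policy sources: a shell helper that lists the dontaudit rules in expanded policy text whose source includes a given type, which is how a silent denial like the one above can be traced to a rule. The sample policy is constructed (only the snmpd_t domain:dir rule comes from the thread), and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: find dontaudit rules that silence denials for one source type.

# Constructed sample policy text (not the real snmpd.te). Only the
# "snmpd_t domain:dir" rule is taken from the thread.
sample_policy() {
cat <<'EOF'
allow snmpd_t self:capability { dac_override kill };
dontaudit snmpd_t domain:dir { getattr search };
dontaudit { snmpd_t ntpd_t } unlabeled_t:file getattr;
dontaudit httpd_t domain:dir search;
# dontaudit snmpd_t commented_t:dir search;
EOF
}

# find_dontaudit SOURCE_TYPE
# Reads policy text on stdin and prints "<line number>: <rule>" for every
# dontaudit rule whose source field (single type or { set }) names SOURCE_TYPE.
find_dontaudit() {
    awk -v src="$1" '
    /^[ \t]*dontaudit[ \t]/ {
        rule = $0
        sub(/^[ \t]*dontaudit[ \t]+/, "", rule)
        srcs = rule
        if (rule ~ /^\{/) {
            # Source is a set: keep only the text between the braces.
            sub(/\}.*/, "", srcs); sub(/^\{/, "", srcs)
        } else {
            # Source is a single type: keep the first word.
            sub(/[ \t].*/, "", srcs)
        }
        n = split(srcs, t, /[ \t]+/)
        for (i = 1; i <= n; i++)
            if (t[i] == src) { printf "%d: %s\n", NR, $0; break }
    }'
}

# as_allow
# Rewrites find_dontaudit output as the equivalent allow rules, for review
# only. A rule with a source set still covers every type in that set.
as_allow() {
    sed -e 's/^[0-9]*: *//' -e 's/^dontaudit/allow/'
}

# Show the rules hiding denials for snmpd_t in the constructed sample.
sample_policy | find_dontaudit snmpd_t
```

Each rule it reports is a class of access that is denied without an AVC message; turning one into an allow grants that access to the whole target attribute, so review the output rather than applying it wholesale.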