Lopez, Denise wrote:
snmp is trying to getattr /home. Which is being denied by SELinux. The latest policy looks like this is allowed. So you can either update to the latest policy, or you can useHello everyone,I keep getting the following messages in my messages log about every 30 seconds or so. I have SELinux set to enforcing and targeted mode. If I do a getenforce on the command line it returns enforcing.Dec 1 12:31:03 dev kernel: audit(1165005063.015:258313): avc: denied { getattr } for pid=31342 comm="snmpd" name="/" dev=sda3 ino=2 scontext=system_u:system_r:snmpd_t tcontext=system_u:object_r:home_root_t tclass=dirI need help deciphering what is happening. I have a snmpd daemon running that responds to queries from a Nagios host that performs service checks.
grep snmpd_t /var/log/audit/audit.log | audit2allow -M mysnmp And load your own custom policy.
Thanks in advance. Denise Lopez UCLA Center for Digital Humanities Network Services Systems Engineer 337 Charles E. Young Drive East PPB 1020 Los Angeles, CA 90095 310/206-8216 ------------------------------------------------------------------------ -- fedora-selinux-list mailing list fedora-selinux-list redhat com https://www.redhat.com/mailman/listinfo/fedora-selinux-list