roblems with AVC in setting up snmpd

Yong Lee ylee at neltura.com
Thu Feb 2 06:24:43 UTC 2006 

Hi all,

I think this is just a configuration/policy issue and i would appreciate
any advice you can send my way.  I am trying to play around with the
snmpd daemon on my machine to set up some network monitoring.  In doing
this, i have configured the sndmpd.conf file using the 'snmpconf' tool
and then i started the agent: 

service snmpd start

I query the agent with snmpwalk and i get back some results but in the
message log for the snmp machine with snmpd, i see the message log
outputting many log lines dealing with AVC permission issues.  Following
is a snippet of the logs that I am seeing :

Feb  1 21:50:24 yongs kernel: audit(1138859423.574:136900): avc:  denied
{ read } for  pid=16748 comm="snmpd" name="tmp" dev=dm-0 ino=9093496
scontext=root:system_r:snmpd_t tcontext=system_u:object_r:usr_t
tclass=lnk_file
Feb  1 21:50:24 yongs kernel: audit(1138859423.574:136901): avc:  denied
{ getattr } for  pid=16748 comm="snmpd" name="tmp" dev=dm-0 ino=18825217
scontext=root:system_r:snmpd_t tcontext=system_u:object_r:tmp_t
tclass=dir
Feb  1 21:50:24 yongs kernel: audit(1138859423.575:136902): avc:  denied
{ getattr } for  pid=16748 comm="snmpd" name="tmp" dev=dm-0 ino=22003716
scontext=root:system_r:snmpd_t tcontext=system_u:object_r:tmp_t
tclass=dir
Feb  1 21:50:24 yongs kernel: audit(1138859423.575:136903): avc:  denied
{ read } for  pid=16748 comm="snmpd" name="tmp" dev=dm-0 ino=9093496
scontext=root:system_r:snmpd_t tcontext=system_u:object_r:usr_t
tclass=lnk_file
Feb  1 21:50:24 yongs kernel: audit(1138859423.575:136904): avc:  denied
{ getattr } for  pid=16748 comm="snmpd" name="tmp" dev=dm-0 ino=18825217
scontext=root:system_r:snmpd_t tcontext=system_u:object_r:tmp_t
tclass=dir
Feb  1 21:50:24 yongs kernel: audit(1138859423.575:136905): avc:  denied
{ search } for  pid=16748 comm="snmpd" name="net" dev=proc
ino=-268435348 scontext=root:system_r:snmpd_t
tcontext=system_u:object_r:sysctl_net_t tclass=dir
Feb  1 21:50:24 yongs kernel: audit(1138859423.575:136906): avc:  denied
{ search } for  pid=16748 comm="snmpd" name="net" dev=proc
ino=-268435348 scontext=root:system_r:snmpd_t
tcontext=system_u:object_r:sysctl_net_t tclass=dir
Feb  1 21:50:24 yongs kernel: audit(1138859423.576:136907): avc:  denied
{ search } for  pid=16748 comm="snmpd" name="net" dev=proc
ino=-268435348 scontext=root:system_r:snmpd_t
tcontext=system_u:object_r:sysctl_net_t tclass=dir
Feb  1 21:50:24 yongs kernel: audit(1138859423.576:136908): avc:  denied
{ search } for  pid=16748 comm="snmpd" name="net" dev=proc
ino=-268435348 scontext=root:system_r:snmpd_t
tcontext=system_u:object_r:sysctl_net_t tclass=dir
Feb  1 21:50:24 yongs kernel: audit(1138859423.576:136909): avc:  denied
{ search } for  pid=16748 comm="snmpd" name="net" dev=proc
ino=-268435348 scontext=root:system_r:snmpd_t
tcontext=system_u:object_r:sysctl_net_t tclass=dir
Feb  1 21:51:18 yongs kernel: audit(1138859478.011:136931): avc:  denied
{ signull } for  pid=16748 comm="snmpd" scontext=root:system_r:snmpd_t
tcontext=user_u:system_r:unconfined_t tclass=process
Feb  1 21:51:18 yongs kernel: audit(1138859478.011:136932): avc:  denied
{ signull } for  pid=16748 comm="snmpd" scontext=root:system_r:snmpd_t
tcontext=user_u:system_r:unconfined_t tclass=process
Feb  1 21:51:18 yongs kernel: audit(1138859478.011:136933): avc:  denied
{ signull } for  pid=16748 comm="snmpd" scontext=root:system_r:snmpd_t
tcontext=user_u:system_r:unconfined_t tclass=process
Feb  1 21:51:18 yongs kernel: audit(1138859478.011:136934): avc:  denied
{ signull } for  pid=16748 comm="snmpd" scontext=root:system_r:snmpd_t
tcontext=root:system_r:unconfined_t tclass=process
Feb  1 21:51:18 yongs kernel: audit(1138859478.015:136935): avc:  denied
{ getattr } for  pid=16748 comm="snmpd" name="/" dev=usbfs ino=1213
scontext=root:system_r:snmpd_t tcontext=system_u:object_r:usbfs_t
tclass=dir
Feb  1 21:51:18 yongs kernel: audit(1138859478.015:136936): avc:  denied
{ getattr } for  pid=16748 comm="snmpd" name="/" dev=sda1 ino=2
scontext=root:system_r:snmpd_t tcontext=system_u:object_r:boot_t
tclass=dir
Feb  1 21:51:18 yongs kernel: audit(1138859478.015:136937): avc:  denied
{ getattr } for  pid=16748 comm="snmpd" name="/" dev=binfmt_misc
ino=4359 scontext=root:system_r:snmpd_t
tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir
Feb  1 21:51:18 yongs kernel: audit(1138859478.018:136938): avc:  denied
{ getattr } for  pid=16748 comm="snmpd" name="/" dev=usbfs ino=1213
scontext=root:system_r:snmpd_t tcontext=system_u:object_r:usbfs_t
tclass=dir
Feb  1 21:51:18 yongs kernel: audit(1138859478.019:136939): avc:  denied
{ getattr } for  pid=16748 comm="snmpd" name="/" dev=sda1 ino=2
scontext=root:system_r:snmpd_t tcontext=system_u:object_r:boot_t
tclass=dir
Feb  1 21:51:18 yongs kernel: audit(1138859478.019:136940): avc:  denied
{ getattr } for  pid=16748 comm="snmpd" name="/" dev=binfmt_misc
ino=4359 scontext=root:system_r:snmpd_t
tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir
Feb  1 21:51:18 yongs kernel: audit(1138859478.023:136941): avc:  denied
{ getattr } for  pid=16748 comm="snmpd" name="/" dev=usbfs ino=1213
scontext=root:system_r:snmpd_t tcontext=system_u:object_r:usbfs_t
tclass=dir
Feb  1 21:51:18 yongs kernel: audit(1138859478.023:136942): avc:  denied
{ getattr } for  pid=16748 comm="snmpd" name="/" dev=sda1 ino=2
scontext=root:system_r:snmpd_t tcontext=system_u:object_r:boot_t
tclass=dir
Feb  1 21:51:18 yongs kernel: audit(1138859478.024:136943): avc:  denied
{ getattr } for  pid=16748 comm="snmpd" name="/" dev=binfmt_misc
ino=4359 scontext=root:system_r:snmpd_t
tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir
Feb  1 21:51:18 yongs kernel: audit(1138859478.027:136944): avc:  denied
{ getattr } for  pid=16748 comm="snmpd" name="/" dev=usbfs ino=1213
scontext=root:system_r:snmpd_t tcontext=system_u:object_r:usbfs_t
tclass=dir
Feb  1 21:51:18 yongs kernel: audit(1138859478.027:136945): avc:  denied
{ getattr } for  pid=16748 comm="snmpd" name="/" dev=sda1 ino=2
scontext=root:system_r:snmpd_t tcontext=system_u:object_r:boot_t
tclass=dir
Feb  1 21:51:18 yongs kernel: audit(1138859478.027:136946): avc:  denied
{ getattr } for  pid=16748 comm="snmpd" name="/" dev=binfmt_misc
ino=4359 scontext=root:system_r:snmpd_t
tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir
Feb  1 21:51:18 yongs kernel: audit(1138859478.030:136947): avc:  denied
{ getattr } for  pid=16748 comm="snmpd" name="/" dev=usbfs ino=1213
scontext=root:system_r:snmpd_t tcontext=system_u:object_r:usbfs_t
tclass=dir
Feb  1 21:51:18 yongs kernel: audit(1138859478.030:136948): avc:  denied
{ getattr } for  pid=16748 comm="snmpd" name="/" dev=sda1 ino=2
scontext:

I am using the default policies with RHEL4, 

Linux yongs 2.6.9-22.0.2.ELsmp #1 SMP Thu Jan 5 17:13:01 EST 2006 i686
i686 i386 GNU/Linux

I am trying to run snmpd with the process and disk monitoring

I am using the following snmp versions :
net-snmp-libs-5.1.2-11.EL4.6
net-snmp-5.1.2-11.EL4.6
net-snmp-utils-5.1.2-11.EL4.6

More information about the redhat-list mailing list