Re: snmpd proc monitoring problem

Carlos Pastorino wrote: >Hello, > >I've inserted the following line on my /etc/snmpd.conf file: > > proc sshd > >Then I executed the following command: > >snmpwalk -On -v2c -c public localhost .1.3.6.1.4.1.2021.2.1 > >and got the answer: > >.1.3.6.1.4.1.2021.2.1.1.1 = INTEGER: 1 >.1.3.6.1.4.1.2021.2.1.2.1 = STRING: sshd >.1.3.6.1.4.1.2021.2.1.3.1 = INTEGER: 0 >.1.3.6.1.4.1.2021.2.1.4.1 = INTEGER: 0 >.1.3.6.1.4.1.2021.2.1.5.1 = INTEGER: 0 >.1.3.6.1.4.1.2021.2.1.100.1 = INTEGER: 1 >.1.3.6.1.4.1.2021.2.1.101.1 = STRING: No sshd process running. >.1.3.6.1.4.1.2021.2.1.102.1 = INTEGER: 0 >.1.3.6.1.4.1.2021.2.1.103.1 = STRING: > >But, if I execute the command below: > >setenforce 0 > >I get the correct answer: > >.1.3.6.1.4.1.2021.2.1.1.1 = INTEGER: 1 >.1.3.6.1.4.1.2021.2.1.2.1 = STRING: sshd >.1.3.6.1.4.1.2021.2.1.3.1 = INTEGER: 0 >.1.3.6.1.4.1.2021.2.1.4.1 = INTEGER: 0 >.1.3.6.1.4.1.2021.2.1.5.1 = INTEGER: 2 >.1.3.6.1.4.1.2021.2.1.100.1 = INTEGER: 0 >.1.3.6.1.4.1.2021.2.1.101.1 = STRING: >.1.3.6.1.4.1.2021.2.1.102.1 = INTEGER: 0 >.1.3.6.1.4.1.2021.2.1.103.1 = STRING: > >The problem is, nothing shows up on /var/log/messages to allow me to >figure out how to tweak the >/etc/selinux/targeted/src/policy/domains/program/snmpd.te file. > >Any hints? > >Regards, > >Carlos > >-- >fedora-selinux-list mailing list >fedora-selinux-list(a)redhat.com >http://www.redhat.com/mailman/listinfo/fedora-selinux-list > > You are being bitten by a dontaudit rule. To disable dont audits cd /etc/selinux/targeted/src/policy make enableaudit make load The culprit line is the following. dontaudit snmpd_t domain:dir { getattr search }; If you change this to allow you will get further. --