Hello,
I am trying to use SNMP on a CentOS 6.2 server, and am using the 'pass_persist' configuration command:
pass_persist .1.3.6.1.4.1.141.1 /usr/local/sbin/snmp-iostat
I have set the file context of 'snmpd_exec_t' on the snmp-iostat program.
If I disable SELinux, then it all works fine (that is, I can then snmpget/snmpwalk for OIDs in the configured pass_persist OID, and values are returned). If I enable SELinux and start the snmpd daemon, as root, from the command line, then again it all works fine. However, if I enable SELinux, and startup the SNMP daemon using the 'service' command, as occurs at system boot, then I get no values returned. I get, for example:
snmpwalk -v 2c -c public localhost enterprises.141.1.1.10 SNMPv2-SMI::enterprises.141.1.1.10 = No Such Instance currently exists at this OID
(Yes I am using the enterprise number 141 which doesn't belong to us. I have applied for a site enterprise number, but heard nothing yet.)
I really don't want to disable SELinux completely, but 'getsebool' shows no variables relating to SNMP so I am a bit stuck as to how I can get this to work. I also don't understand why it works with SELinux enabled when started from the command line, but not when started by the 'service' command. That seems very odd.
Anyone any ideas about this?
Thanks,
John.