start > seLinux > Fix Problems
(2017-09-20)
… then it works.
Scroll down to the bottom; the last entry starts with:
Now when I enable enforcement and restart snmpd again, everything works.
Example Problem
I'm on a CentOS 7.4.1708 system. I copied /etc/snmp/snmpd.conf from another system. When I query snmpd, I get nothing back. If I issue a# setenforce 0
Troubleshooting
# yum -y install setroubeshoot < ten million RPMs install ># sealert -a /var/log/audit/audit.log | less
SELinux is preventing /usr/sbin/snmpd from getattr access on the file /etc/snmp/snmpd.conf.***** Plugin restorecon (99.5 confidence) suggests ************************If you want to fix the label. /etc/snmp/snmpd.conf default label should be etc_t. Then you can run restorecon. Do # /sbin/restorecon -v /etc/snmp/snmpd.conf
Solution
# /sbin/restorecon -v /etc/snmp/snmpd.conf /sbin/restorecon reset /etc/snmp/snmpd.conf context unconfined_u:object_r:admin_home_t:s0->unconfined_u:object_r:etc_t:s0
Commentary
That was much less painful than previous expeditions into selinux. It still isn't clear what's going on, but figuring out what's wrong and how to fix it quickly is much easier. It would be nice if the setroubleshoot tool didn't decide you needed a bunch of X dependencies though.
no comments |
post comment
Virtual Dave Megaplex:
Home Page- Planet Xdroop
- This wiki's start page
- Send Feedback To Dave
Click Here
(read this note about local search)Logged in Users: (0)
Recently Changed
Factory Reset- postgresql
- Connecting Multiple vDOMs to the same VLAN
- Remove Spaces In Filenames
- Change HELO name
- FortiClient Registering To FortiGate
- VPN Flapping Leads To Bogus Routing
- debug session
- debug flow
- SSL VPN logs out after 8 hours
- Switching Table
- Spanning Tree
- Connect to a Cisco SG500-52
- tftp-server
- Self-Signed Certificates
- Sysadmin Bag 2011
- SSH2_MSG_UNIMPLEMENTED
- debug sniffer
- Fixing Sync Problems
- Identify a VM by IP address
- Interface Flow Control
- VLAN interfaces from command line
- chroot sftp logging
- DHCP Only
- Read A SSL Certificate Details
- Fix Problems
- v3 example
- change user password
- list users
- dotfiles
Editing: snipsnap-help, Image Macro(Et auditum est, et idcirco ego nunc simulare)Installed 7 years and 102 days ago
Powered By
SnipSnap Version 1.0b1-uttoxeter
This is a collection of techical information, much of it learned the hard way. Consider it a lab book or a /info directory. I doubt much of it will be of use to anyone else.