I have a CentOS machine that has selinux in enforcing/targeted mode and is monitored with snmp checks by nagios successfully. The SE boolean value for snmpd_disable_trans is off on my machine and I can still query snmp. I would recommend the following: . check the firewall/iptables rules for udp port 161 . enable logging in iptables to see if the firewall is dropping packets (requires more work) . check the source and string under the com2sec definition in snmpd.conf . check the view definition in snmpd.conf, defaults are a bit restrictive . try using the setroubleshoot browser to see if any snmpd related warnings pop up. These warnings can include a section called Allowing Access.
-Giovanni Satish Patel wrote: > I already used this option its not working. > > ----- Original Message ----- From: "Giovanni Torres" > <torre...@ninds.nih.gov> > To: <nagios-users@lists.sourceforge.net> > Sent: Wednesday, March 04, 2009 10:50 AM > Subject: Re: [Nagios-users] SELinux problem for SNMP > > >> $ getsebool -a | grep snmpd >> snmpd_disable_trans --> off >> >> $ setsebool -P snmpd_disable_trans 1 >> >> $ getsebool snmpd_disable_trans >> snmpd_disable_trans --> on >> >> Let me know if that helps you out. >> >> Thanks, >> Giovanni >> >> Satish Patel wrote: >> > I have a selinx its running under default policy. i want SELinux >> disable for SNMP daemon thats it.. if any one know about how to disable >> for snmpd please let me know. >> > >> > I have tried to found on SELinux mailing list as well but not gave >> any appropriate answer. >> > >> > ----- Original Message ----- From: "Lee Azzarello" <l...@dropio.com> >> > To: <nagios-users@lists.sourceforge.net> >> > Sent: Thursday, February 26, 2009 12:09 PM >> > Subject: Re: [Nagios-users] SELinux problem for SNMP >> > >> > >> >> I believe your question would be better served on a list related to >> SELinux. >> >> >> >> In my experience SELinux is overkill for anything but the most >> >> paranoid security situations. Without a complete understanding of your >> >> entire security landscape, you'll just end up fighting with your own >> >> systems because SELinux is protecting them from you. >> >> >> >> -lee >> >> >> >> On Thu, Feb 26, 2009 at 9:45 AM, Satish Patel <sat...@linuxbug.org> >> wrote: >> >>> Hi, >> >>> >> >>> I have RHEL 5 Box with SELinux enforceing mode now what happend when >> >>> my nagios box trying to use snmp to get CPU load its working fine. >> but >> >>> when it trying to use DISK and MEM infor its failed not response. >> even >> >>> this same plugin working with all my linux client ubuntu, debian, >> >>> Redhat not problem with plugin but i found problem related to SELinux >> >>> and i dont want to Disable it so what is the other option and how i >> >>> can disable snmp policy in SELinux to make happy my nagios? >> >>> >> >>> >> >>> Regards, >> >>> >> >>> Satish Patel >> >>> >> >>> >> >>> >> >>> >> >>> >> >>> >> >>> >> ------------------------------------------------------------------------------ >> >> >> >>> Open Source Business Conference (OSBC), March 24-25, 2009, San >> Francisco, CA >> >>> -OSBC tackles the biggest issue in open source: Open Sourcing the >> Enterprise >> >>> -Strategies to boost innovation and cut costs with open source >> participation >> >>> -Receive a $600 discount off the registration fee with the source >> code: SFAD >> >>> http://p.sf.net/sfu/XcvMzF8H >> >>> _______________________________________________ >> >>> Nagios-users mailing list >> >>> Nagios-users@lists.sourceforge.net >> >>> https://lists.sourceforge.net/lists/listinfo/nagios-users >> >>> ::: Please include Nagios version, plugin version (-v) and OS when >> reporting any issue. >> >>> ::: Messages without supporting info will risk being sent to >> /dev/null >> >>> >> >> >> ------------------------------------------------------------------------------ >> >> >> >> Open Source Business Conference (OSBC), March 24-25, 2009, San >> Francisco, CA >> >> -OSBC tackles the biggest issue in open source: Open Sourcing the >> Enterprise >> >> -Strategies to boost innovation and cut costs with open source >> participation >> >> -Receive a $600 discount off the registration fee with the source >> code: SFAD >> >> http://p.sf.net/sfu/XcvMzF8H >> >> _______________________________________________ >> >> Nagios-users mailing list >> >> Nagios-users@lists.sourceforge.net >> >> https://lists.sourceforge.net/lists/listinfo/nagios-users >> >> ::: Please include Nagios version, plugin version (-v) and OS when >> reporting any issue. >> >> ::: Messages without supporting info will risk being sent to /dev/null >> >> >> > >> > >> > >> ------------------------------------------------------------------------------ >> >> >> > Open Source Business Conference (OSBC), March 24-25, 2009, San >> Francisco, CA >> > -OSBC tackles the biggest issue in open source: Open Sourcing the >> Enterprise >> > -Strategies to boost innovation and cut costs with open source >> participation >> > -Receive a $600 discount off the registration fee with the source >> code: SFAD >> > http://p.sf.net/sfu/XcvMzF8H >> > _______________________________________________ >> > Nagios-users mailing list >> > Nagios-users@lists.sourceforge.net >> > https://lists.sourceforge.net/lists/listinfo/nagios-users >> > ::: Please include Nagios version, plugin version (-v) and OS when >> reporting any issue. ::: Messages without supporting info will risk >> being sent to /dev/null >> >> >> >> ------------------------------------------------------------------------------ >> >> >> Open Source Business Conference (OSBC), March 24-25, 2009, San >> Francisco, CA >> -OSBC tackles the biggest issue in open source: Open Sourcing the >> Enterprise >> -Strategies to boost innovation and cut costs with open source >> participation >> -Receive a $600 discount off the registration fee with the source >> code: SFAD >> http://p.sf.net/sfu/XcvMzF8H >> _______________________________________________ >> Nagios-users mailing list >> Nagios-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/nagios-users >> ::: Please include Nagios version, plugin version (-v) and OS when >> reporting any issue. >> ::: Messages without supporting info will risk being sent to /dev/null >> > -- Giovanni Torres Network Administrator Contractor - Kelly Services NINDS, NMR Center National Institutes of Health 301-402-3110 ------------------------------------------------------------------------------ Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H _______________________________________________ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
