It looks like the rec_control line your snmpd.conf is triggering the problem. Likely the snmd subsystem starts rec_control as a user that does not have permission to write into /var/run/pdns-recursor.
You can try disabling (by commenting it out) the
extend pdns-rec /usr/local/bin/pdns_stats
line or, if you really need it, change the permissions of the
/var/run/pdns-recursor dir to include rwx for others.
Not that the latter might have security implications on your system. You
must decide if that is OK for you,
-Otto
On 2020-01-09 06:24, Sharone wrote:
> Hello Steve,
>
> I appreciate your response. Below is what is inside
> /etc/snmp/snmpd.conf file
>
> /rocommunity public
> syslocation "Data Center"
> syscontact ad...@techs.co.ug <mailto:ad...@techs.co.ug>
> createUser admin SHA admin123! AES admin123!
> rouser admin authPriv
> extend pdns-rec /usr/local/bin/pdns_stats
> agentAddress udp:161,udp6:[::1]:161/
> /
> /
> //
> /etc/default/snmpd
> /
> /
> /# This file controls the activity of snmpd
>
> # Don't load any MIBs by default.
> # You might comment this lines once you have the MIBs downloaded.
> export MIBS=
>
> # snmpd control (yes means start daemon).
> SNMPDRUN=yes
>
> # snmpd options (use syslog, close stdin/out/err).
> SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -g snmp -I
> -smux,mteTrigger,mteTriggerConf -p /run/snmpd.pid'/
> /
> /
> snmp service status/
> /
> /
> /
> /# systemctl status snmpd.service
> ● snmpd.service - LSB: SNMP agents
> Loaded: loaded (/etc/init.d/snmpd; bad; vendor preset: enabled)
> Active: active (running) since Thu 2020-01-09 08:24:04 EAT; 4s ago
> Docs: man:systemd-sysv-generator(8)
> Process: 694 ExecStop=/etc/init.d/snmpd stop (code=exited,
> status=0/SUCCESS)
> Process: 703 ExecStart=/etc/init.d/snmpd start (code=exited,
> status=0/SUCCESS)
> Tasks: 1
> Memory: 4.3M
> CPU: 66ms
> CGroup: /system.slice/snmpd.service
> └─710 /usr/sbin/snmpd -Lsd -Lf /dev/null -u snmp -g snmp -I
> -smux mteTrigger mteTriggerConf -p /run/snmpd.pid
>
> Jan 09 08:24:04 vdns-50 systemd[1]: Starting LSB: SNMP agents...
> Jan 09 08:24:04 vdns-50 snmpd[703]: * Starting SNMP services:
> Jan 09 08:24:04 vdns-50 systemd[1]: Started LSB: SNMP agents.
> Jan 09 08:24:04 vdns-50 snmpd[710]: NET-SNMP version 5.7.3
> /
>
> Regards,
> Sharone
>
>
> On Wed, 8 Jan 2020 at 22:35, Steve Shipway <steve.ship...@smxemail.com
> <mailto:steve.ship...@smxemail.com>> wrote:
>
> On Wed, 2020-01-08 at 09:20 +0300, Sharone wrote:
>> /# snmpwalk -v2c -c public localhost .1.3.6.1.4.1.8072.1.3.2.4.1.2
>> iso.3.6.1.4.1.8072.1.3.2.4.1.2.8.112.100.110.115.45.114.101.99.1 =
>> STRING: "Fatal: Unable to generate local temporary file in
>> directory '/var/run/pdns-recursor': Permission denied"/
>
> A couple of thoughts here . Either
> - SElinux is doing its magic and blocking - this should be logged in
> the syslog if so, or
> - Your SNMP is running with chroot enabled and
> /var/run/pdns-recursor doesn't exist in the chroot environment
> - rec_control is trying to generate a tmp file as the snmp user so
> doesn't have write permission.
> - Your SNMP daemon is using a temporary file for the rec_control
> output which it is trying to put in /var/run/pdns-recursor
>
> Being able to see your snmp daemon configuration would probably help
> with diagnosing this, so please post it here if possible.
>
> Steve
>
>
> --
> *Steve Shipway | *Senior Email Systems Administrator
> *Phone:* +64 9 302 0515 *Fax:* +64 9 302 0518
> *Freephone:* 0800 SMX SMX (769 769)
> *SMX Limited:* Level 10, 19 Victoria Street West, Auckland, New Zealand
> *Web:* http://smxemail.com <http://smxemail.com/>
>
> This email has been filtered by SMX. For more information
> visit smxemail.com <http://smxemail.com/>
> _______________________________________________
> Pdns-users mailing list
> Pdns-users@mailman.powerdns.com <mailto:Pdns-users@mailman.powerdns.com>
> https://mailman.powerdns.com/mailman/listinfo/pdns-users
>
>
> _______________________________________________
> Pdns-users mailing list
> Pdns-users@mailman.powerdns.com
> https://mailman.powerdns.com/mailman/listinfo/pdns-users
>
--
kind regards,
Otto Moerbeek
PowerDNS Developer
Email: otto.moerb...@open-xchange.com
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
