LISTSERV - SCIENTIFIC-LINUX-DEVEL Archives

SCIENTIFIC-LINUX-DEVEL Archives

April 2005

SCIENTIFIC-LINUX-DEVEL@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-DEVEL Home
	SCIENTIFIC-LINUX-DEVEL April 2005

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Release Candidate 2 for SL 4.x i386 and x86_64 now available for testing
From:	David Kinnvall <[log in to unmask]>
Reply To:	David Kinnvall <[log in to unmask]>
Date:	Fri, 15 Apr 2005 10:46:48 +0100
Content-Type:	text/plain
Parts/Attachments:	text/plain (73 lines)

Connie Sieh wrote:
> Scientific Linux 	4.0  for i386/x86 Release Candidate 2	April 5, 2005

Hi!

I have installed RC2 on a soon-to-be internal firewall machine,
with no problems during installation. The machine appears to be
stable with one exception, so far: The snmpd daemon refuses to
start, and is remarkably silent as to why.

Machine details:
----------------
- P3 800MHz
- BX chipset
- 256MB RAM
- 20GB IDE HD
- Headless with neither CD, floppy, VGA nor sound
- Installation performed using serial console as well as
  subsequent bootups. Works perfectly

Problem details:
----------------
- Installed snmp rpms:
  net-snmp-libs-5.1.2-11.i386
  net-snmp-utils-5.1.2-11.i386
  net-snmp-devel-5.1.2-11.i386
  net-snmp-5.1.2-11.i386

- uname -a:
  Linux gw2.alertir.net 2.6.9-5.0.3.EL #1 Fri Feb 18 13:27:27 CST 2005 i686 i686 i386 GNU/Linux

- Using default /etc/snmp/snmpd.conf or locally tailored version
  makes no difference

- SE-Linux in either permissive or enforcing mode, makes no difference

- Trying to start snmpd via init-script (permissive selinux):

[root@gw2 ~]# service snmpd start
Starting snmpd: [  OK  ]
[root@gw2 ~]# service snmpd status
snmpd dead but subsys locked
[root@gw2 ~]# cat /var/log/snmpd.log 
[root@gw2 ~]# tail /var/log/messages | grep snmp
Apr 15 11:36:37 gw2 kernel: audit(1113557797.171:0): avc:  denied  { read } for  pid=2978 exe=/usr/sbin/snmpd name=config dev=hda2 ino=621981 scontext=root:system_r:snmpd_t tcontext=system_u:object_r:selinux_config_t tclass=file
Apr 15 11:36:37 gw2 kernel: audit(1113557797.287:0): avc:  denied  { getattr } for  pid=2978 exe=/usr/sbin/snmpd path=/etc/selinux/config dev=hda2 ino=621981 scontext=root:system_r:snmpd_t tcontext=system_u:object_r:selinux_config_t tclass=file
Apr 15 11:36:37 gw2 snmpd: snmpd startup succeeded
[root@gw2 ~]# 

- Manual strace of snmpd (permissive selinux):

[root@gw2 ~]# strace /usr/sbin/snmpd 
execve("/usr/sbin/snmpd", ["/usr/sbin/snmpd"], [/* 21 vars */]) = 0
uname({sys="Linux", node="gw2.alertir.net", ...}) = 0
--- skipping many rows of output, keeping the last few ---
read(3, "rootfs / rootfs rw 0 0\n/proc /pr"..., 1024) = 390
close(3)                                = 0
munmap(0xb7fff000, 4096)                = 0
open("/var/log/snmpd.log", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 3
clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0xb7ff1708) = 3001
--- SIGCHLD (Child exited) @ 0 (0) ---
exit_group(0)                           = ?
[root@gw2 ~]# 


Hmm. SIGCHLD following clone? Any ideas, anybody? Any more info from
me that could be of use?

Best regards,

David Kinnvall
Alert IR

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV