Hi Jan!

Jan Iven wrote:
>>Apr 15 11:36:37 gw2 kernel: audit(1113557797.171:0): avc:  denied  { read } for  pid=2978 exe=/usr/sbin/snmpd name=config dev=hda2 ino=621981 scontext=root:system_r:snmpd_t tcontext=system_u:object_r:selinux_config_t tclass=file
>>Apr 15 11:36:37 gw2 kernel: audit(1113557797.287:0): avc:  denied  { getattr } for  pid=2978 exe=/usr/sbin/snmpd path=/etc/selinux/config dev=hda2 ino=621981 scontext=root:system_r:snmpd_t tcontext=system_u:object_r:selinux_config_t tclass=file
>>Apr 15 11:36:37 gw2 snmpd: snmpd startup succeeded
>>[root@gw2 ~]# 
>>
>>- Manual strace of snmpd (permissive selinux):
>>
>>[root@gw2 ~]# strace /usr/sbin/snmpd 
> 
> strace -f .... ?

Yeah, that produced more output from the forked child process,
which dies from a segfault.

> per the audit message, this could be the policy patch mentioned at 
> http://www.nsa.gov/selinux/list-archive/0411/9591.cfm

Hmm...yes, could be. Should not be the cause of the startup problem
in this case, though, since I run SE-Linux in permissive mode, right?

Oh...found the cause for my problem: I forgot to mention (sorry) that
I also run lm_sensors against the probes that are integrated on the
motherboard. When testing to disable as much as possible of not really
critical stuff, especially modules, I find that disabling lm_sensors
indeed allows snmpd to start normally.

Guess I will have to try to figure out the reason for lm_sensors to
cause this problem in the first place... Hmm: Seems to have been a
misconfiguration where two separate sensor-modules ended up being
loaded due to both of them supporting the sensor chips. Disabling one
of them allows both lm_sensors and snmpd to start normally. Solved!

So: This was an administrator error. I will go away and hide now...

> Regards
> Jan

Thanks!
David