Connie Sieh wrote: > Scientific Linux 4.0 for i386/x86 Release Candidate 2 April 5, 2005 Hi! I have installed RC2 on a soon-to-be internal firewall machine, with no problems during installation. The machine appears to be stable with one exception, so far: The snmpd daemon refuses to start, and is remarkably silent as to why. Machine details: ---------------- - P3 800MHz - BX chipset - 256MB RAM - 20GB IDE HD - Headless with neither CD, floppy, VGA nor sound - Installation performed using serial console as well as subsequent bootups. Works perfectly Problem details: ---------------- - Installed snmp rpms: net-snmp-libs-5.1.2-11.i386 net-snmp-utils-5.1.2-11.i386 net-snmp-devel-5.1.2-11.i386 net-snmp-5.1.2-11.i386 - uname -a: Linux gw2.alertir.net 2.6.9-5.0.3.EL #1 Fri Feb 18 13:27:27 CST 2005 i686 i686 i386 GNU/Linux - Using default /etc/snmp/snmpd.conf or locally tailored version makes no difference - SE-Linux in either permissive or enforcing mode, makes no difference - Trying to start snmpd via init-script (permissive selinux): [root@gw2 ~]# service snmpd start Starting snmpd: [ OK ] [root@gw2 ~]# service snmpd status snmpd dead but subsys locked [root@gw2 ~]# cat /var/log/snmpd.log [root@gw2 ~]# tail /var/log/messages | grep snmp Apr 15 11:36:37 gw2 kernel: audit(1113557797.171:0): avc: denied { read } for pid=2978 exe=/usr/sbin/snmpd name=config dev=hda2 ino=621981 scontext=root:system_r:snmpd_t tcontext=system_u:object_r:selinux_config_t tclass=file Apr 15 11:36:37 gw2 kernel: audit(1113557797.287:0): avc: denied { getattr } for pid=2978 exe=/usr/sbin/snmpd path=/etc/selinux/config dev=hda2 ino=621981 scontext=root:system_r:snmpd_t tcontext=system_u:object_r:selinux_config_t tclass=file Apr 15 11:36:37 gw2 snmpd: snmpd startup succeeded [root@gw2 ~]# - Manual strace of snmpd (permissive selinux): [root@gw2 ~]# strace /usr/sbin/snmpd execve("/usr/sbin/snmpd", ["/usr/sbin/snmpd"], [/* 21 vars */]) = 0 uname({sys="Linux", node="gw2.alertir.net", ...}) = 0 --- skipping many rows of output, keeping the last few --- read(3, "rootfs / rootfs rw 0 0\n/proc /pr"..., 1024) = 390 close(3) = 0 munmap(0xb7fff000, 4096) = 0 open("/var/log/snmpd.log", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 3 clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0xb7ff1708) = 3001 --- SIGCHLD (Child exited) @ 0 (0) --- exit_group(0) = ? [root@gw2 ~]# Hmm. SIGCHLD following clone? Any ideas, anybody? Any more info from me that could be of use? Best regards, David Kinnvall Alert IR