LISTSERV - SCIENTIFIC-LINUX-DEVEL Archives

> Apr 15 11:36:37 gw2 kernel: audit(1113557797.171:0): avc:  denied  { read } for  pid=2978 exe=/usr/sbin/snmpd name=config dev=hda2 ino=621981 scontext=root:system_r:snmpd_t tcontext=system_u:object_r:selinux_config_t tclass=file
> Apr 15 11:36:37 gw2 kernel: audit(1113557797.287:0): avc:  denied  { getattr } for  pid=2978 exe=/usr/sbin/snmpd path=/etc/selinux/config dev=hda2 ino=621981 scontext=root:system_r:snmpd_t tcontext=system_u:object_r:selinux_config_t tclass=file
> Apr 15 11:36:37 gw2 snmpd: snmpd startup succeeded
> [root@gw2 ~]# 
> 
> - Manual strace of snmpd (permissive selinux):
> 
> [root@gw2 ~]# strace /usr/sbin/snmpd 

strace -f .... ?

per the audit message, this could be the policy patch mentioned at 
http://www.nsa.gov/selinux/list-archive/0411/9591.cfm

Regards
Jan