Problems with snmptrapd.conf

[pluscarden]

I am running snmptrapd version 5.1.2 on a server with Linux ES 4 installed.

I have configured the /etc/snmp/snmptrapd.conf file to call a script for all incoming traps :

traphandle default /usr/sbin/snmptthandler

But whenever a trap is sent to my server the above script is not run. Instead, the following error message is being logged in /var/log/messages:

Sep 5 15:48:00 hnsrnoh1 kernel: audit(1157467680.732:0): avc: denied { write } for pid=23819 exe=/usr/sbin/snmptrapd path=pipe:[486588] dev=pipefs ino=486588 scontext=root:system_r:snmpd_ttcontext=root:system_r:snmpd_t tclass=fifo_file

I have tried it with different scripts and get exactly the same result.

Has anyone any ideas what the problem could be?

 

[pluscarden]

Problem solved! Those messages relate to SELinux which is apparently some kind of new prototype security feature shipped with later releases of RedHat Linux. I just disabled it...and things starting working.

But I understand I could of equally amended the policy settings to remove the restrictions affecting snmptrapd.