Bug 153758 - snmpd exec not returning output
Summary: snmpd exec not returning output
Alias: None
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: net-snmp
Version: 4.0
Hardware: All
OS: Linux
Target Milestone: ---
: ---
Assignee: Radek Vokal
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 2005-04-05 17:48 UTC by Steve Cleveland
Modified: 2007-11-30 22:07 UTC (History)
0 users

Clone Of:
Last Closed: 2005-05-09 09:13:01 UTC

Attachments (Terms of Use)

Description Steve Cleveland 2005-04-05 17:48:05 UTC
Description of problem:

Using the 'exec' keyword, you can run custom scripts and have the output
available in snmp queries.  However, after upgrading to rhel4 (from rhel3), I no
longer get the ouput.

Version-Release number of selected component (if applicable):


How reproducible:

Every time

Steps to Reproduce:

1. Create a simple shell script.
    echo "Test";
2. Save it to /usr/bin/mytest.  chmod a+x. Make sure you can run it manually.
3. Add this line to /etc/snmp/snmpd.conf:
    exec testing /usr/bin/mytest
4. Restart snmpd service
5. Run an snmp query:
    snmpwalk -v 2c -c <community> <host>
Actual results:

UCD-SNMP-MIB::extIndex.1 = INTEGER: 1
UCD-SNMP-MIB::extNames.1 = STRING: testing
UCD-SNMP-MIB::extCommand.1 = STRING: /usr/bin/mytest
UCD-SNMP-MIB::extResult.1 = INTEGER: 1
UCD-SNMP-MIB::extOutput.1 = STRING:
UCD-SNMP-MIB::extErrFix.1 = INTEGER: 0
UCD-SNMP-MIB::extErrFixCmd.1 = STRING:

Expected results:

UCD-SNMP-MIB::extOutput.1 = STRING: Test

Additional info:

This also occurs with custom OID's.  With custom OID's, the extOutput entry
(.101.1) doesn't even show up.

Comment 1 Steve Cleveland 2005-04-22 15:47:18 UTC
It turned out to be SELinux not allowing snmpd to execute anything.  Changing
selinux to permissive allowed snmp to work as expected.  Now I just need to read
up on selinux and figure out how to get them to work together.

Comment 2 Radek Vokal 2005-05-09 09:13:01 UTC
Yep, works same for me. SELinux retrains the output of the script so this only
needs SELinux audit tune-up. 

Note You need to log in before you can comment on or make changes to this bug.