Bug 163928 - Can't start snmptrapd anymore
Summary: Can't start snmptrapd anymore
Keywords:
Status: CLOSED DUPLICATE of bug 161833
Alias: None
Product: Fedora
Classification: Fedora
Component: beecrypt
Version: 3
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Paul Nasrat
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-07-22 01:20 UTC by Alfred Ganz
Modified: 2007-11-30 22:11 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-07-22 16:36:28 UTC
Type: ---


Attachments (Terms of Use)

Description Alfred Ganz 2005-07-22 01:20:35 UTC
Description of problem:
I used to be able to start snmptrapd, definitely with the original release of
FC3, but no longer with the latest FC3 updates. I am not able to determine when
the problem started unfortunately.
I am running with vanilla targeted policy, no modifications after install, just
reboot. 
I assume that snmptrapd isn't allowed to have the dynamic library in question,
but I don't really understand the audit error message and what to do about it.
I tried to start several earlier versions of snmptrapd (starting with the cdrom
version), but always get the same errors.

Version-Release number of selected component (if applicable):
net-snmp-5.2.1.2-FC3.1, selinux-policy-targeted-1.17.30-3.16,
policycoreutils-1.18.1-2.12
 
How reproducible:
Always

Steps to Reproduce:
1./etc/init.d/snmptrapd start
2.Note, you would need some configuration, but you never get there
3.
 
Actual results:
The logs show:  
Jul 21 21:06:48 network kernel: audit(1121994408.952:4): avc:  denied  { execmem
} for  pid=6942 comm="snmptrapd" scontext=root:system_r:snmpd_t
tcontext=root:system_r:snmpd_t tclass=process
Jul 21 21:06:48 network snmptrapd: /usr/sbin/snmptrapd: error while loading
shared libraries: libbeecrypt.so.6: cannot enable executable stack as shared
object requires: Permission denied

Expected results:
With proper configuration files the daemon is started and does its thing.

Additional info:
Please let me know what you need.

Thanks, AG

Comment 1 Daniel Walsh 2005-07-22 11:56:18 UTC
Try execstack -c libbeecrypt.so.6

Comment 2 Alfred Ganz 2005-07-22 14:47:15 UTC
Yes this worked, thank you!

But why are you building traps for me without sending out some sort of warning,
nowhere in the updates for selinux did I see a warning that this might happen
with the latest targeted ploicy.

Comment 3 Paul Nasrat 2005-07-22 16:36:28 UTC

*** This bug has been marked as a duplicate of 161833 ***


Note You need to log in before you can comment on or make changes to this bug.