Hello all,
I've been messing around with the RHEL 4 installation of Net-SNMP and after reading the docs ( man snmpd.conf ) I've tried to monitor the disks on my system. Its been failing miserably with "token" errors. I guessed that I need to compile my own version of net-snmp so I did and did so with these options.
./configure --with-perl-modules --with-mib-modules="disman/event-mib"
I was hoping that by using this it would work but now I'm getting slightly different errors. Seems like progress though.
Dec 15 14:45:20 w72l-tux kernel: audit(1134675920.917:0): avc: denied { getattr } for pid=9101 exe=/usr/sbin/snmpd path=/home dev=hda4 ino=2 scontext=root:system_r:snmpd_t tcontext=system_u:object_r:home_root_t tclass=dir
I really have no idea what it is complaining about. Can anybody tell me ? Here is my snmpd.conf
###########################################################################
#
# snmpd.conf
#
# - created by the snmpconf configuration program
#
###########################################################################
# SECTION: Trap Destinations
#
# Here we define who the agent will send traps to.
# trap2sink: A SNMPv2c trap receiver
# arguments: host [community] [portnum]
trap2sink netcool
trap2sink 209.243.240.105
# informsink: A SNMPv2c inform (acknowledged trap) receiver
# arguments: host [community] [portnum]
informsink 209.243.240.105
# trapcommunity: Default trap sink community to use
# arguments: community-string
trapcommunity SPG-UnxVisi0n
trapcommunity public
# authtrapenable: Should we send traps when authentication failures occur
# arguments: 1 | 2 (1 = yes, 2 = no)
authtrapenable 1
###########################################################################
# SECTION: System Information Setup
#
# This section defines some of the information reported in
# the "system" mib group in the mibII tree.
# syslocation: The [typically physical] location of the system.
# Note that setting this value here means that when trying to
# perform an snmp SET operation to the sysLocation.0 variable will make
# the agent return the "notWritable" error code. IE, including
# this token in the snmpd.conf file will disable write access to
# the variable.
# arguments: location_string
syslocation "Siemens Power Generation"
# syscontact: The contact information for the administrator
# Note that setting this value here means that when trying to
# perform an snmp SET operation to the sysContact.0 variable will make
# the agent return the "notWritable" error code. IE, including
# this token in the snmpd.conf file will disable write access to
# the variable.
# arguments: contact_string
syscontact "PG IT Root [EMAIL PROTECTED]"
###########################################################################
# SECTION: Monitor Various Aspects of the Running Host
#
# The following check up on various aspects of a host.
# disk: Check for disk space usage of a partition.
# The agent can check the amount of available disk space, and make
# sure it is above a set limit.
#
# disk PATH [MIN=100000]
#
# PATH: mount path to the disk in question.
# MIN: Disks with space below this value will have the Mib's errorFlag set.
# Can be a raw byte value or a percentage followed by the %
# symbol. Default value = 100000.
#
# The results are reported in the dskTable section of the UCD-SNMP-MIB tree
disk /home 90%
agentSecName internal
rouser internal
monitor -o dskPath -o dskErrorMsg "dskTable" dskErrorFlag != 0
#monitor -u root -i -r 30 -o dskPath.1 -o dskErrorMsg.1 "home file system" dskErrorFlag.1 !=0
# load: Check for unreasonable load average values.
# Watch the load average levels on the machine.
#
# load [1MAX=12.0] [5MAX=12.0] [15MAX=12.0]
#
# 1MAX: If the 1 minute load average is above this limit at query
# time, the errorFlag will be set.
# 5MAX: Similar, but for 5 min average.
# 15MAX: Similar, but for 15 min average.
#
# The results are reported in the laTable section of the UCD-SNMP-MIB tree
# load 5.5 5.5 5.5
###########################################################################
# SECTION: Access Control Setup
#
# This section defines who is allowed to talk to your running
# snmp agent.
# rocommunity: a SNMPv1/SNMPv2c read-only access community name
# arguments: community [default|hostname|network/bits] [oid]
rocommunity xxxx localhost
rocommunity xxxx pg-mon-01
rocommunity xxxx pg-mon-02
rocommunity xxxx pg-mon-03
rocommunity xxxx pg-mon-04
rocommunity xxxx pg-mon-05
rocommunity xxxx pg-mon-06
rocommunity xxxx pg-mon-07
rocommunity xxxx pg-mon-08
rocommunity xxxx pg-mon-09
rocommunity xxxx pg-mon-10
rocommunity xxxx netcool
rocommunity xxxx nnm
rocommunity xxxx ehealth
Jack