Hi everyone,
I’m very new here (and the field in general), so I appreciate your patience if there’s a simple solution to this.
I am trying to test a simple echo 'Hi' script in my /tmp directory by having snmpwalk print the output of the NET-SNMP-EXTEND-MIB. I’ve decided to change this to /bin, however. I configured the extend directive in the appropriate snmpd.conf to point to this script, and all the typical rwx permissions for the script look fine at first glance.
nsExtendCommand shows the correct script mapped in the output of the snmpwalk, but the nsExtendOutputFull shows a blank string, with an nsExtendResult of integer 1. This leads me to believe there’s still something in the way of snmpwalk getting to the script. I confimed this by putting the script in the /var/snap/net-snmp/27 directory, adjusting the extend directive in the snmpd.conf file to point to the script, and getting the desired output I’m looking for.
I’ve looked into AppArmor profiles that may be to blame, but the two that were sticking out to me (snap.net-snmp.snmpwalk and snap.net-snmp.snmpd) did not yield results when I added a /bin/script rix access rule. I also tried temporarily disabling the profiles, but that caused the net-snmp service to go down (at least from the perspective of OpenNMS, which is the bigger project I’ve been trying to configure and test).
I’m now thinking it has to do with the snapcraft.yaml configurations for the net-snmp package. Only the network and network-bind plugs show as configured in the snap connections net-snmp output. I’ve read that configuring the system-files interface would probably be necessary to let snmpwalk access /bin, is that correct? And if so, do I need to reinstall the whole package to manage this?
Any help would be appreciated!