Hi everyone,
I’m very new here (and the field in general), so I appreciate your patience if there’s a simple solution to this.
I am trying to test a simple echo 'Hi'
script in my /tmp
directory by having snmpwalk
print the output of the NET-SNMP-EXTEND-MIB
. I’ve decided to change this to /bin
, however. I configured the extend
directive in the appropriate snmpd.conf
to point to this script, and all the typical rwx permissions for the script look fine at first glance.
nsExtendCommand
shows the correct script mapped in the output of the snmpwalk
, but the nsExtendOutputFull
shows a blank string, with an nsExtendResult
of integer 1
. This leads me to believe there’s still something in the way of snmpwalk
getting to the script. I confimed this by putting the script in the /var/snap/net-snmp/27
directory, adjusting the extend
directive in the snmpd.conf
file to point to the script, and getting the desired output I’m looking for.
I’ve looked into AppArmor profiles that may be to blame, but the two that were sticking out to me (snap.net-snmp.snmpwalk
and snap.net-snmp.snmpd
) did not yield results when I added a /bin/script rix
access rule. I also tried temporarily disabling the profiles, but that caused the net-snmp service to go down (at least from the perspective of OpenNMS, which is the bigger project I’ve been trying to configure and test).
I’m now thinking it has to do with the snapcraft.yaml
configurations for the net-snmp package. Only the network
and network-bind
plugs show as configured in the snap connections net-snmp
output. I’ve read that configuring the system-files
interface would probably be necessary to let snmpwalk
access /bin
, is that correct? And if so, do I need to reinstall the whole package to manage this?
Any help would be appreciated!