Friday, January 11, 2008

enable snmptrapd to work with selinux under Fedora Core 3

Purpose: to make HP ILO to send out snmp trap to snmp trap server running snmptrapd, through which, to send out email using snmptraptoemail function.

  1. enable snmptrapd to work with selinux first
  • download selinux-policy-targeted-sources-1.17.30-2.19.noarch.rpm then install it using rpm -ivh , after that, run the following commands
[root@mail policy]# pwd
/etc/selinux/targeted/src/policy
[root@mail policy]# dmesg |audit2allow
allow snmpd_t bin_t:dir { search };
allow snmpd_t device_t:sock_file { write };
allow snmpd_t snmpd_t:fifo_file { write };

then put the above lines to domains /etc/selinux/targeted/src/policy/domains/misc/local.te, after that, under policy folder, then 'make load'
finally, restart snmptrapd service before testing sending test snmp alert from ILO web interface.

2. how to setup snmptrap to email?
[root@mail snmp]# more /etc/snmp/snmptrapd.conf
traphandle default /usr/bin/perl /usr/bin/traptoemail -s localhost -f hpsnmptrap@yourdomain.com youremailaddress

You can put multiple lines for above snmptrapd.conf configuration

3. go to ILO - Administration - SNMP/ Insight Manager Setting to enable SNMP ILO Alert and put your snmp trap server IP address, send test alert out now.

No comments: