LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (http://www.linuxquestions.org/questions/linux-software-2/)
-   -   Net-SNMP - Run a command as root with "extend" feature (http://www.linuxquestions.org/questions/linux-software-2/net-snmp-run-a-command-as-root-with-extend-feature-819702/)

gimpy530 07-13-2010 10:03 PM

Net-SNMP - Run a command as root with "extend" feature
 
Using the extend feature in snmpd.conf I can see the command is being ran as root but does not have root privs. Take this example of an snmpd.conf:

Code:

rocommunity whatev
extend .1.4 test0 /usr/bin/whoami
extend .1.4 test1 /bin/touch /root/foo

...which gives the following output on a walk that shows that it runs everything as root, but cannot write to a directory which is writable by root.

Code:

.1.4.3.1.1.5.116.101.115.116.48 = STRING: "root"
.1.4.3.1.1.5.116.101.115.116.49 = STRING: "/bin/touch: cannot touch `/root/foo': Permission denied"

Even if I simply have snmpd.conf run a script which uses sudo, it fails with the error "sudo: can't set runas group vector: Operation not permitted". A line like this in the snmpd.conf gives the same error:

Code:

extend .1.4 test1 /usr/bin/sudo /bin/touch /root/foo
Running the sudo commands in a normal BASH session works fine so this is a net-snmp issue.

How can I get root access?


All times are GMT -5. The time now is 07:57 AM.