-   Linux - Software (
-   -   Net-SNMP - Run a command as root with "extend" feature (

gimpy530 07-13-2010 10:03 PM

Net-SNMP - Run a command as root with "extend" feature
Using the extend feature in snmpd.conf I can see the command is being ran as root but does not have root privs. Take this example of an snmpd.conf:


rocommunity whatev
extend .1.4 test0 /usr/bin/whoami
extend .1.4 test1 /bin/touch /root/foo

...which gives the following output on a walk that shows that it runs everything as root, but cannot write to a directory which is writable by root.


. = STRING: "root"
. = STRING: "/bin/touch: cannot touch `/root/foo': Permission denied"

Even if I simply have snmpd.conf run a script which uses sudo, it fails with the error "sudo: can't set runas group vector: Operation not permitted". A line like this in the snmpd.conf gives the same error:


extend .1.4 test1 /usr/bin/sudo /bin/touch /root/foo
Running the sudo commands in a normal BASH session works fine so this is a net-snmp issue.

How can I get root access?

All times are GMT -5. The time now is 01:12 PM.