semodule - global requirements not met

Trying to fix an issue with snmp, I started by building an snmp module using audit2allow. It kept failing to load, and the error message is a little cryptic...


[root@host thomas]# semodule -i snmp.pp
libsepol.print_missing_requirements: snmp's global requirements were not met: type/attribute snmpd_t (No such file or directory).
libsemanage.semanage_link_sandbox: Link packages failed (No such file or directory).
semodule: Failed!

The .te file for the module looks like this:


module snmp 1.0;

require {
type var_log_t;
type snmpd_t;
class file read;
}

#============= snmpd_t ==============
allow snmpd_t var_log_t:file read;

Fix is simple enough, it's the error message that's a bit misleading...it's just that there already is an snmp module loaded.


[root@host thomas]# semodule -l |grep snmp
snmp 1.10.2

I just changed the module name to my-snmp and it works fine.

[root@host thomas]# semodule -l |grep snmp
my-snmp 1.0
snmp 1.10.2

About the Author...

Slides from LISA 2019 Linux systems troubleshooting #LISA2019 https://t.co/D4dMKflK6R Tue Oct 29 05:59:30 +0000 2019

https://t.co/AGeihMALAv configuring grub2 with EFI Fri Sep 13 05:20:01 +0000 2019

I published a Thing on @thingiverse! https://t.co/IYpRyEb7Hz #thingalert Tue Jul 23 19:27:57 +0000 2019

Nokogiri install on MacOSX https://t.co/v3An0miW9L Fri Jul 12 15:06:49 +0000 2019

HTML email with plain mailer plugin on Jenkins https://t.co/Z6FSDMDjy8 Thu Jul 11 21:07:25 +0000 2019