Trying to fix an issue with snmp, I started by building an snmp module using audit2allow. It kept failing to load, and the error message is a little cryptic...
[root@host thomas]# semodule -i snmp.pp
libsepol.print_missing_requirements: snmp's global requirements were not met: type/attribute snmpd_t (No such file or directory).
libsemanage.semanage_link_sandbox: Link packages failed (No such file or directory).
semodule: Failed!
The .te file for the module looks like this:
module snmp 1.0;require {
type var_log_t;
type snmpd_t;
class file read;
}#============= snmpd_t ==============
allow snmpd_t var_log_t:file read;
Fix is simple enough, it's the error message that's a bit misleading...it's just that there already is an snmp module loaded.
[root@host thomas]# semodule -l |grep snmp
snmp 1.10.2
I just changed the module name to my-snmp and it works fine.
[root@host thomas]# semodule -l |grep snmp
my-snmp 1.0
snmp 1.10.2