FS#59307 - [zabbix-server] permission problem with 3.4.11
Attached to Project:
Arch Linux
Opened by vince (wins) - Thursday, 12 July 2018, 06:14 GMT
Last edited by Florian Pritz (bluewind) - Thursday, 25 October 2018, 08:01 GMT
Opened by vince (wins) - Thursday, 12 July 2018, 06:14 GMT
Last edited by Florian Pritz (bluewind) - Thursday, 25 October 2018, 08:01 GMT
|
Details
Description:
extra/zabbix-server 3.4.11-1 package have a some problems: can't use fping, can't use snmp traps: Jul 12 08:49:08 zabbix zabbix_server[1165]: cannot stat SNMP trapper file "/tmp/zabbix_traps.tmp": [2] No such file or directory ls -la /tmp/zabbix_traps.tmp -rw-r--r-- 1 root root 1721 Jul 12 08:47 /tmp/zabbix_traps.tmp Jul 12 09:13:18 catbox zabbix_server[8854]: ping: socket: Operation not permitted Here is solution: Set directives PrivateDevices=yes PrivateTmp=yes in systemd startup file to PrivateDevices=no PrivateTmp=no |
This task depends upon
As for ping failing, this is due to PrivateDevices=yes which forces NoNewPrivileges=yes. Sadly this can't be turned off again so there the only choice is to either use something else or remove the option. Bartłomiej?
authCommunity execute <community>
perl do "/usr/bin/zabbix_trap_receiver.pl";
--
Script "zabbix_trap_receiver.pl" is provided in original zabbix package. It's generate trap file in zabbix-readable format.
CapabilityBoundingSet=CAP_NET_RAW
I changed location for snmp-trapper file from /tmp to ~zabbix-server.
Everything is ok ;)