Below is my snmp config file for all my systems
#######################################################
sysLocation
sysContact
sysServices 72
rocommunity
trapcommunity
trap2sink
linkUpDownNotifications yes
defaultMonitors yes
dontPrintUnits true
includeAllDisks 10%
#######################################################
last week I started seeing my var directory growing when I checked my log files I get the following error
[root@gp60 ~]# tail /var/log/messages
Jan 31 13:49:00 gp60 kernel: audit(1328017738.673:6186949): avc: denied { getattr } for pid=19832 comm="snmpd" name="/" dev=dm-3 ino=2 scontext=root:system_r:snmpd_t tcontext=system_u:object_r:tmp_t tclass=dir
Jan 31 13:49:00 gp60 kernel: audit(1328017738.674:6186950): avc: denied { getattr } for pid=19832 comm="snmpd" name="tmp" dev=dm-5 ino=32769 scontext=root:system_r:snmpd_t tcontext=system_u:object_r:tmp_t tclass=dir
Jan 31 13:49:00 gp60 kernel: audit(1328017738.674:6186951): avc: denied { read } for pid=19832 comm="snmpd" name="tmp" dev=dm-4 ino=12 scontext=root:system_r:snmpd_t tcontext=system_u:object_r:usr_t tclass=lnk_file
Jan 31 13:49:00 gp60 kernel: audit(1328017738.674:6186952): avc: denied { getattr } for pid=19832 comm="snmpd" name="/" dev=dm-3 ino=2 scontext=root:system_r:snmpd_t tcontext=system_u:object_r:tmp_t tclass=dir
Jan 31 13:49:00 gp60 kernel: audit(1328017738.678:6186953): avc: denied { getattr } for pid=19832 comm="snmpd" name="/" dev=dm-1 ino=2 scontext=root:system_r:snmpd_t tcontext=system_u:object_r:file_t tclass=dir
Jan 31 13:49:00 gp60 kernel: audit(1328017738.678:6186954): avc: denied { getattr } for pid=19832 comm="snmpd" name="/" dev=dm-3 ino=2 scontext=root:system_r:snmpd_t tcontext=system_u:object_r:tmp_t tclass=dir
Jan 31 13:49:00 gp60 kernel: audit(1328017738.679:6186955): avc: denied { search } for pid=19832 comm="snmpd" name="mnt" dev=dm-0 ino=145154 scontext=root:system_r:snmpd_t tcontext=system_u:object_r:mnt_t tclass=dir
Any Idea what to do?
Note: Its only happening on my Rhel4 systems.