# [~Solved] Munin & Grsecurity

## Timz

Hello everyone,

I'v got a problem with munin for a few plugins like the network and i'm wondering if there is not a problem with grsecurity patchs.

i'm using munin 1.3.3-r2

with a kernel 2.6.23-hardened-r7 and grsecurity activated.

the plugin netstat and if_ aren't working:

but they are working from my shell

```
linux #  /etc/munin/plugins/netstat

active.value 2064

passive.value 99565

failed.value 167

resets.value 1676

established.value 1
```

```
linux #  /etc/munin/plugins/if_eth0

down.value 1188463932

up.value 524118957
```

from the master node with telnet i got this :

```
fetch if_eth0

.

fetch netstat

.

```

on the node i got :

/var/log/munin/munin-node.log:

 *Quote:*   

> cannot open /proc/net/snmp: Permission denied

 

wherehas:

linux # ls -lah /proc/net/snmp

-r--r--r-- 1 root root 0 Apr  9 18:01 /proc/net/snmp

anybody with the same problem ?

thanks a lot !

i hope i'm in the good forum.

----------

## Sadako

Could you post the output of `grep GRKERNSEC` on the config of the kernel you're currently running?

I'm not familiar with munin, so how's it supposed to work, ie is it started by an init script, is it run under a restricted account (drops root privileges), etc?

----------

## nixnut

Moved from Kernel & Hardware to Networking & Security.

grsec has an option that restricts access to proc. see http://www.gentoo.org/proj/en/hardened/grsecurity.xml#doc_chap4

----------

## Timz

Yes of course but unfortunatly i don't have any idea to conceal munin with grsec.

Any idea ?

----------

## Timz

The only solution i've found is to use smnp to get values i cant get with munin plugins.

----------

