With the help of several people, I have put in a new version of nagios and nrpe into epel-testing for EL-7. I am still trying to figure out some rpmspec file problems with EL-6 that are causing it not to work.
nagios is now 4.2.4 changes include moving various control files from /var/log/nagios to /var/spool/nagios and /var/run/nagios to better meet packaging guidelines. Selinux may have issues and I am trying to work through a proper way to update the selinux policy for it without over-writing items.
nrpe is now 3.0.1 this is a major change from the very old version.
"SJS" == Stephen John Smoogen smooge@gmail.com writes:
SJS> Selinux may have issues and I am trying to work through a proper SJS> way to update the selinux policy for it without over-writing items.
You might need new policy if the new nagios does things that the old one didn't, like call out to different programs, connect to different network sockets, etc. However, since you moved files around, your biggest problem would be file contexts.
Best thing to do is look at the existing rules:
# semanage fcontext -l | grep nagios
will show you:
/var/spool/nagios(/.*)? all files system_u:object_r:nagios_spool_t:s0
/var/run/nagios.* all files system_u:object_r:nagios_var_run_t:s0
/var/log/nagios(/.*)? all files system_u:object_r:nagios_log_t:s0
So, hmm, the existing policy does already categorize things in those directories differently, and moving things around between those directories might upset the existing policy (though it might not). You'll definitely want to run permissive for a bit and collect AVCs.
- J<
epel-devel@lists.fedoraproject.org
-
Jason L Tibbitts III -
Stephen John Smoogen