On Thu, 2011-05-26 at 07:33 -0400, Vadym Chepkov wrote:
Hi,
There is a series of nagios plugins which have to record previous call's status in a
file.
For example, check_snmp_uptime. It would record the previous uptime of a monitored server
into a bdb file and will generate an ERROR state if during a next call uptime was lower
then previous.
Unfortunately, there is no suitable context for files like that. even
nagios_system_plugin_tmp_t doesn't fit the bill.
I guess all (or at least the system and services) plugins should be able
to manage nagios_spool_t content:
mkdir ~/mytest; cd ~/mytest;
echo "policy_module(mytest, 1.0.0) gen_require(\` type nagios_spool_t,
nagios_services_plugin_t, nagios_system_plugin_t; ')
manage_dirs_pattern({nagios_services_plugin_t
nagios_services_plugin_t }, nagios_spool_t, nagios_spool_t)
manage_dirs_pattern({nagios_services_plugin_t
nagios_services_plugin_t }, nagios_spool_t, nagios_spool_t)" >
mytest.te; make -f /usr/share/selinux/devel/Makefile mytest.pp
sudo semodule -i mytest.pp
sudo restorecon -R -v /var/spool/nagios
See where that gets you.