zabbix server/agent on F34
I installed F34 in a VM and installed the zabbix server and agent. I
have updated the system to the latest. When I run the zabbix server and
agent I get a lot of SELinux alerts.
SELinux is preventing zabbix_agentd from getattr access on the fifo_file
/run/initctl
Source Context system_u:system_r:zabbix_agent_t:s0
Target Context system_u:object_r:initctl_t:s0
Target Objects /run/initctl [ fifo_file ]
Source zabbix_agentd
Source Path zabbix_agentd
SELinux is preventing zabbix_agentd from getattr access on the sock_file
/run/systemd/journal/dev-log.
Source Context system_u:system_r:zabbix_agent_t:s0
Target Context system_u:object_r:devlog_t:s0
Target Objects /run/systemd/journal/dev-log [ sock_file ]
Source zabbix_agentd
Source Path zabbix_agentd
SELinux is preventing zabbix_agentd from getattr access on the file
/proc/kcore
Source Context system_u:system_r:zabbix_agent_t:s0
Target Context system_u:object_r:proc_kcore_t:s0
Target Objects /proc/kcore [ file ]
Source zabbix_agentd
Source Path zabbix_agentd
SELinux is preventing sh from execute_no_trans access on the file
/usr/bin/rpm
Source Context system_u:system_r:zabbix_agent_t:s0
Target Context system_u:object_r:rpm_exec_t:s0
Target Objects /usr/bin/rpm [ file ]
Source sh
Source Path sh
Here are the installed packages
zabbix.x86_64 1:5.0.10-1.fc34 @updates
zabbix-agent.x86_64 1:5.0.10-1.fc34 @updates
zabbix-dbfiles-mysql.noarch 1:5.0.10-1.fc34 @updates
zabbix-selinux.noarch 1:5.0.10-1.fc34 @updates
zabbix-server.noarch 1:5.0.10-1.fc34 @updates
zabbix-server-mysql.x86_64 1:5.0.10-1.fc34 @updates
zabbix-web.noarch 1:5.0.10-1.fc34 @updates
zabbix-web-mysql.noarch 1:5.0.10-1.fc34 @updates
selinux-policy-targeted.noarch 34.3-1.fc34 @updates
selinux-policy.noarch 34.3-1.fc34 @updates
So is this a bug in the zabbix-selinux package or the zabbix_agentd
package?
Any help is appreciated.
Paolo