I installed F34 in a VM and installed the zabbix server and agent. I have updated the system to the latest. When I run the zabbix server and agent I get a lot of SELinux alerts.
SELinux is preventing zabbix_agentd from getattr access on the fifo_file /run/initctl Source Context system_u:system_r:zabbix_agent_t:s0 Target Context system_u:object_r:initctl_t:s0 Target Objects /run/initctl [ fifo_file ] Source zabbix_agentd Source Path zabbix_agentd
SELinux is preventing zabbix_agentd from getattr access on the sock_file /run/systemd/journal/dev-log. Source Context system_u:system_r:zabbix_agent_t:s0 Target Context system_u:object_r:devlog_t:s0 Target Objects /run/systemd/journal/dev-log [ sock_file ] Source zabbix_agentd Source Path zabbix_agentd
SELinux is preventing zabbix_agentd from getattr access on the file /proc/kcore Source Context system_u:system_r:zabbix_agent_t:s0 Target Context system_u:object_r:proc_kcore_t:s0 Target Objects /proc/kcore [ file ] Source zabbix_agentd Source Path zabbix_agentd
SELinux is preventing sh from execute_no_trans access on the file /usr/bin/rpm Source Context system_u:system_r:zabbix_agent_t:s0 Target Context system_u:object_r:rpm_exec_t:s0 Target Objects /usr/bin/rpm [ file ] Source sh Source Path sh
Here are the installed packages
zabbix.x86_64 1:5.0.10-1.fc34 @updates zabbix-agent.x86_64 1:5.0.10-1.fc34 @updates zabbix-dbfiles-mysql.noarch 1:5.0.10-1.fc34 @updates zabbix-selinux.noarch 1:5.0.10-1.fc34 @updates zabbix-server.noarch 1:5.0.10-1.fc34 @updates zabbix-server-mysql.x86_64 1:5.0.10-1.fc34 @updates zabbix-web.noarch 1:5.0.10-1.fc34 @updates zabbix-web-mysql.noarch 1:5.0.10-1.fc34 @updates selinux-policy-targeted.noarch 34.3-1.fc34 @updates selinux-policy.noarch 34.3-1.fc34 @updates
So is this a bug in the zabbix-selinux package or the zabbix_agentd package?
Any help is appreciated.
Paolo