Fedora 19 Selinux policy stops nagios
Vadym Chepkov
vchepkov at gmail.com
Sun Jul 7 04:56:50 UTC 2013
Hi,
I just upgraded to Fedora 19 and found out nagios is incompatible with Selinux policy.
One could blame nagios maintainers to not comply with SELinux, since they use /var/log/nagios location for work files:
# grep /var/log /etc/nagios/nagios.cfg
log_file=/var/log/nagios/nagios.log
object_cache_file=/var/log/nagios/objects.cache
precached_object_file=/var/log/nagios/objects.precache
status_file=/var/log/nagios/status.dat
temp_file=/var/log/nagios/nagios.tmp
log_archive_path=/var/log/nagios/archives
check_result_path=/var/log/nagios/spool/checkresults
state_retention_file=/var/log/nagios/retention.dat
debug_file=/var/log/nagios/nagios.debug
but it used to work in Fedora 18 and now doesn't work at all.
I tried to relocate some of the files to /var/spool/nagios, but it didn't help, SElinux doesn't allow to modify nagios_spool_t either.
audit2allow suggested to allow nagios_t nagios_spool_t:file { rename write getattr read create unlink open };
Is there some other type I overlooked so I can use it properly?
Thanks,
Vadym
More information about the selinux
mailing list