nagios and SELinux
Paul Howarth
paul at city-fan.org
Wed Sep 27 20:15:34 UTC 2006
On Wed, 2006-09-27 at 21:42 +0200, Dan Horák wrote:
> Rahul Sundaram píše v Čt 28. 09. 2006 v 00:23 +0530:
> > Dan Horák wrote:
> > > Hello,
> > >
> > > I have troubles with running Nagios on a CentOS 4 machine with SELinux
> > > enabled. Can be run Nagios from Extras on Fedora Core with SELinux in
> > > enforcing mode?
> >
> >
> > Yes it does. I havent used it extensively though. So there might be
> > policy issues.
>
> I forgot to write that the problems are with the web interface (cgi
> scripts trying to read the logs from /var/log or even to be started).
> The monitoring part runs well.
>
> And yes, they are policy issues with httpd. The starting of the cgi is
> quite easy to fix (set the context to httpd_sys_script_exec_t), but the
> read access for /var/log/nagios looks bad. At least for me :-)
You might try changing the CGI's context type to
httpd_unconfined_script_exec_t as a simple workaround, until a more
constrained policy is written.
Paul.
More information about the fedora-extras-list
mailing list