selinux ping problems
Yong Lee
ylee at eqo.com
Wed Sep 20 19:12:13 CEST 2006
Thanks for the feedback Ian. This seems to be working now.
-----Original Message-----
From: Ian Marks [mailto:imarks at comcast.net]
Sent: September 20, 2006 6:35 AM
To: Yong Lee
Cc: nagios-users at lists.sourceforge.net
Subject: Re: [Nagios-users] selinux ping problems
I have my nagios.cmd file set with "root:object_r:usr_t". Try setting
it to that and see if it works. Otherwise, you can install the
"selinux-policy-targeted-sources" package, assuming you are using a
targeted policy, and do the following.
cd /etc/selinux/$SELINUXTYPE/src/policy
echo "allow ping_t httpd_var_run_t:fifo_file read;" >>
/domains/misc/local.te
make load
This may not be the most secure way of doing it but it should allow you
what you need.
Ian
Yong Lee wrote:
>
> sorry, I forgot to mention that I am using a redhat enterprise 4 system.
>
>
>
> ------------------------------------------------------------------------
>
> *From:* nagios-users-bounces at lists.sourceforge.net
> [mailto:nagios-users-bounces at lists.sourceforge.net] *On Behalf Of
> *Yong Lee
> *Sent:* September 18, 2006 12:01 PM
> *To:* nagios-users at lists.sourceforge.net
> *Subject:* [Nagios-users] selinux ping problems
>
>
>
> Does anyone know what selinux contexts I need to get rid of the
> following ping related problem:
>
>
>
>
>
> Sep 18 11:51:16 snmp kernel: audit(1158605476.132:153480): avc:
> denied { read } for pid=21022 comm="ping" name="nagios.cmd" dev=sda1
> ino=38798253 scontext=user_u:system_r:ping_t
> tcontext=system_u:object_r:httpd_var_run_t tclass=fifo_file
>
>
>
>
>
> my nagios.cmd file currently has context settings of :
>
>
>
> system_u:object_r:httpd_var_run_t nagios.cmd
>
>
>
> Many thanks for any light you can shed on this.
>
>
>
> Yong.
>
>
>
>
>
> ------------------------------------------------------------------------
>
> -------------------------------------------------------------------------
> Take Surveys. Earn Cash. Influence the Future of IT
> Join SourceForge.net's Techsay panel and you'll get the chance to share
your
> opinions on IT & business topics through brief surveys -- and earn cash
> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
> ------------------------------------------------------------------------
>
> _______________________________________________
> Nagios-users mailing list
> Nagios-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when
reporting any issue.
> ::: Messages without supporting info will risk being sent to /dev/null
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list