LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices



Reply
 
Search this Thread
Old 09-26-2007, 03:05 PM   #1
davethemackem
LQ Newbie
 
Registered: Jul 2007
Distribution: Suse 10.2
Posts: 5

Rep: Reputation: 0
Nagios - SELinux AVC Denial


Hi all (apologies if I shouldn't post this here, please tell me and Ill move the question elsewhere)

I'm a noob as they say at Linux but trying to learn. I'm trying to run a program called Nagios on Fedora. A slight niggle is that when I fist start the PC I cannot logon to the browser localhost to access the nagios control console. I always get a star in the top right corner of the screen saying (see below)

I have found if I run a terminal as root and type "service httpd restart" it starts ok and works fine. Is there a way (dummy's guide if possible) to do this automatically when I start the pc?

Thanks in advance

Dave

SummarySELinux is preventing /bin/ping (ping_t) "read write" to /usr/local/nagios/var/rw/nagios.cmd (usr_t).Detailed DescriptionSELinux denied access requested by /bin/ping. It is not expected that this access is required by /bin/ping and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access.Allowing AccessSometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for /usr/local/nagios/var/rw/nagios.cmd, restorecon -v /usr/local/nagios/var/rw/nagios.cmd If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report against this package.
 
Old 09-26-2007, 04:30 PM   #2
marozsas
Senior Member
 
Registered: Dec 2005
Location: Campinas/SP - Brazil
Distribution: SuSE, RHEL, Fedora, Ubuntu
Posts: 1,393
Blog Entries: 1

Rep: Reputation: 64
If you could, put SELinux in permissive mode. It should work, but you loose the SELinux protection.
I have Nagios running on a F7 too, and SELinux in permissive mode was the only way to get it running. Not only the web interface itself, but you will found problems in running some check_commands, nrpe checks and receiving nsca asynchronous data.

Until someone create a SE policy or whatever to nagios, I think this is the only way...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Nagios Daemon, PID not found but rc.nagios runs agentc0re Slackware 1 07-03-2007 03:47 PM
Iptables, avc, SElinux erika_Dec2004 Fedora 1 01-15-2007 05:27 AM
What's AVC? Tux-O-Matic Linux - General 6 12-11-2006 06:55 AM
LXer: Nagios 2.5 and Oreon 1.3 (Nagios web front end) installation with screenshots LXer Syndicated Linux News 0 08-11-2006 06:33 PM
LXer: Nagios and Oreon (Nagios web front end) installation and Configuration LXer Syndicated Linux News 0 07-18-2006 09:33 PM


All times are GMT -5. The time now is 04:09 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration