[CentOS-devel] Nagios + selinux

Christoph Maser cmr at financial.com
Thu Mar 1 07:47:44 UTC 2007


Hi lists

it seems the rpmforge nagios package does not work out of the box if
selinux is turned on. A log from someone complaining about it (the
nagios cgis) not working:

---
[Thu Mar 01 15:58:30 2007] [notice] suEXEC mechanism enabled
(wrapper: /usr/sbin/suexec)
[Thu Mar 01 15:58:30 2007] [notice] Digest: generating secret for digest authentication ...
[Thu Mar 01 15:58:30 2007] [notice] Digest: done
[Thu Mar 01 15:58:30 2007] [notice] LDAP: Built with OpenLDAP LDAP SDK
[Thu Mar 01 15:58:30 2007] [notice] LDAP: SSL support unavailable
[Thu Mar 01 15:58:30 2007] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
[Thu Mar 01 15:58:30 2007] [notice] Apache/2.0.52 (CentOS) configured -- resuming normal operations
[Thu Mar 01 15:58:38 2007] [error] [client 127.0.0.1] (13)Permission denied: exec of '/usr/lib/nagios/cgi/status.cgi' failed, referer: http://127.0.0.1/nagios/side.html
[Thu Mar 01 15:58:38 2007] [error] [client 127.0.0.1] Premature end of script headers: status.cgi, referer: http://127.0.0.1/nagios/side.html
[Thu Mar 01 15:58:39 2007] [error] [client 127.0.0.1] (13)Permission denied: exec of '/usr/lib/nagios/cgi/tac.cgi' failed, referer: http://127.0.0.1/nagios/side.html
---

I would like to make proper rules for this rpm but i have absolutely no clue about selinux and policies. Any hints what to read, where to start?

Chris

-- 
financial.com AG            Tel. +49 (0) 89 / 31 85 28 - 44
Maria-Probst-Strasse 19     Fax. +49 (0) 89 / 31 85 28 - 28
D-80939 München             http://www.financial.com/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://lists.centos.org/pipermail/centos-devel/attachments/20070301/908d3ae5/attachment.bin


More information about the CentOS-devel mailing list