Try something like: grep zabbix /var/log/audit/audit.log | audit2allow -M zabbix semodule -i zabbix.pp
Thanks for your response! However this is what happens when I try to install the module:
[root@monitor2:~] #semodule -i zabbix.pp libsepol.print_missing_requirements: zabbix's global requirements were not met: type/attribute zabbix_t (No such file or directory). libsemanage.semanage_link_sandbox: Link packages failed (No such file or directory). semodule: Failed!
Any other thoughts?
Thanks, Tim
On Wed, Jun 17, 2015 at 5:32 AM, Harold Toms h.toms@qmul.ac.uk wrote:
Try something like:
grep zabbix /var/log/audit/audit.log | audit2allow -M zabbix semodule -i zabbix.pp
On 16/06/15 15:58, Tim Dunphy wrote:
Hey guys,.
I have a centos 7 machine I'm using as a zabbix server. And I noticed that apache won't start, with this complaint in the error log:
(13)Permission denied: AH00091: httpd: could not open error log file /var/log/zabbix_error_log. AH00015: Unable to open logs
I tried having a look at audit2allow and this is the response I get back:
[root@monitor2:/etc/httpd] #grep http /var/log/audit/audit.log | audit2allow
#============= httpd_t ============== allow httpd_t zabbix_log_t:file open;
How can I turn that bit of information into a rule that allows apache access to this zabbix log file?
I notice that if I disable selinux using setenfor 0, apache starts up without complaint. But I would rather not leave it disabled.
Thanks, Tim
-- regards
Harold Toms http://iodine.chem.qmul.ac.uk "Priestley's works... tended to unsettle every thing, and yet settled nothing."
- Samuel Johnson.
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos