Hey guys, Thanks! That worked. [root at monitor2:~] #grep zabbix /var/log/audit/audit.log | audit2allow -M myzabbix ******************** IMPORTANT *********************** To make this policy package active, execute: semodule -i myzabbix.pp [root at monitor2:~] #semodule -i myzabbix.pp [root at monitor2:~] #lsof -i :80 [root at monitor2:~] #systemctl start httpd [root at monitor2:~] #lsof -i :80 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME httpd 18664 root 4u IPv6 12477027 0t0 TCP *:http (LISTEN) httpd 18665 apache 4u IPv6 12477027 0t0 TCP *:http (LISTEN) httpd 18666 apache 4u IPv6 12477027 0t0 TCP *:http (LISTEN) httpd 18667 apache 4u IPv6 12477027 0t0 TCP *:http (LISTEN) httpd 18668 apache 4u IPv6 12477027 0t0 TCP *:http (LISTEN) httpd 18669 apache 4u IPv6 12477027 0t0 TCP *:http (LISTEN) [root at monitor2:~] #getenforce Enforcing Definitely appreciate the help and sorry if there was any confusion on my part. All set at this point! Best, Tim On Wed, Jun 17, 2015 at 4:11 PM, Daniel J Walsh <dwalsh at redhat.com> wrote: > > > On 06/17/2015 04:03 PM, Jonathan Billings wrote: > > On Wed, Jun 17, 2015 at 03:30:51PM -0400, Tim Dunphy wrote: > >> No prob! Thanks for all the help! But in searching my system I don't > find > >> anything of the sort. > >> > >> [root at monitor2:~] #updatedb > >> [root at monitor2:~] #locate myzabbix.te > >> [root at monitor2:~] #find / -name "myzabbix.*" > >> > >> I also did search using 'yum provides' to find something similar. But > >> wasn't' able to find anything. > > What we're asking for is the contents of the .te file that is created > > when you run audit2allow. > > > Go back to the original email and do what you were told > > # grep zabbix /var/log/audit/audit.log | audit2allow -M myzabbix > # semodule -i myzabbix.pp > > You did audit2allow -M zabbix > > Which created zabbix.te and zabbix.pp, which is bad. It will attempt to > replace the system module. > > If you use myzappix, it will add the allow rules. > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos > -- GPG me!! gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B