> > Try something like: > grep zabbix /var/log/audit/audit.log | audit2allow -M zabbix > semodule -i zabbix.pp Thanks for your response! However this is what happens when I try to install the module: [root at monitor2:~] #semodule -i zabbix.pp libsepol.print_missing_requirements: zabbix's global requirements were not met: type/attribute zabbix_t (No such file or directory). libsemanage.semanage_link_sandbox: Link packages failed (No such file or directory). semodule: Failed! Any other thoughts? Thanks, Tim On Wed, Jun 17, 2015 at 5:32 AM, Harold Toms <h.toms at qmul.ac.uk> wrote: > Try something like: > > grep zabbix /var/log/audit/audit.log | audit2allow -M zabbix > semodule -i zabbix.pp > > > On 16/06/15 15:58, Tim Dunphy wrote: > >> Hey guys,. >> >> I have a centos 7 machine I'm using as a zabbix server. And I noticed >> that >> apache won't start, with this complaint in the error log: >> >> (13)Permission denied: AH00091: httpd: could not open error log file >> /var/log/zabbix_error_log. >> AH00015: Unable to open logs >> >> >> I tried having a look at audit2allow and this is the response I get back: >> >> [root at monitor2:/etc/httpd] #grep http /var/log/audit/audit.log | >> audit2allow >> >> >> #============= httpd_t ============== >> allow httpd_t zabbix_log_t:file open; >> >> How can I turn that bit of information into a rule that allows apache >> access to this zabbix log file? >> >> I notice that if I disable selinux using setenfor 0, apache starts up >> without complaint. But I would rather not leave it disabled. >> >> Thanks, >> Tim >> >> > > -- > regards > > Harold Toms > http://iodine.chem.qmul.ac.uk > "Priestley's works... tended to unsettle every thing, and yet settled > nothing." > - Samuel Johnson. > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos > -- GPG me!! gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B