External Commands not working

Marc Powell marc at ena.com
Thu Mar 17 19:36:12 CET 2005

Previous message: External Commands not working
Next message: External Commands not working
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]


> -----Original Message-----
> From: nagios-users-admin at lists.sourceforge.net [mailto:nagios-users-
> admin at lists.sourceforge.net] On Behalf Of Scott Gwartney
> Sent: Thursday, March 17, 2005 11:49 AM
> To: nagios-users at lists.sourceforge.net
> Subject: [Nagios-users] External Commands not working
> 
> I'm running Nagios v.2.0b1 on Fedora 3.0 Apache 2.0.52. When trying to
> execute external commands from the web interface I get this error:
> 
> Error: Could not stat() command file
> '/usr/local/nagios/var/rw/nagios.cmd'!
> 
> The external command file may be missing, Nagios may not be running,
> and/or
> Nagios may not be checking external commands.
> 
> An error occurred while attempting to commit your command for
processing.
> 
> I've followed the directions exactly (several times!). Apache is a
member
> of
> Nagiocmd group, in fact I've tried giving full permissions to everyone
on
> the '/usr/local/nagios/var/rw/ folder and all its files with no
success.
> 
> Nothing shows up in the httpd logs. The system message log shows this:
> 
> avc:  denied  { getattr } for  pid=5446
exe=/usr/local/nagios/sbin/cmd.cgi
> path=/usr/local/nagios/var/rw/nagios.cmd dev=dm-0 ino=3591465
> scontext=root:system_r:httpd_sys_script_t tcontext=root:object_r:usr_t
> tclass=fifo_file

This is an SELinux restriction, above and beyond normal file systems
permissions. I have no personal experience with SELinux but I believe
the following command will provide you with the SELinux policy change
you need to make --

audit2allow -l -i /var/log/messages

If anyone can come up with a valid, secure SELinux policy change to
allow access to cmd.cgi it should probably go in the FAQ at the least. I
think there was one other email in the past week that is likely an
SELinux issue as well. 

--
Marc


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id396&op=click
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: External Commands not working
Next message: External Commands not working
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list