SPAM Possible: Re: SELinux blocking nagios' cgis on FC5

Miguel Fernandes esmiguelfc at gmail.com
Fri Jun 23 17:29:35 CEST 2006

Previous message: SELinux blocking nagios' cgis on FC5
Next message: Further differentiating between Acknowledged and Un-acknowledged problems
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Thank you Yong Lee, That's exactly the command that solved the problem.

MFC

On 6/23/06, Yong Lee <ylee at eqo.com> wrote:
>
> Use the command :
>
> ls -laZ to check on the context of the file (probably
> /var/log/nagios/objects.cache
>
> I've got mine set to : user_u:object_r:httpd_sys_content_t
>
> you can set it using :
>
> chcon user_u:object_r:httpd_sys_content_t <file path>
>
>
> -----Original Message-----
> From: nagios-users-bounces at lists.sourceforge.net
> [mailto:nagios-users-bounces at lists.sourceforge.net] On Behalf Of Chris
> Stankaitis
> Sent: June 23, 2006 7:58 AM
> To: Miguel Fernandes
> Cc: nagios-users at lists.sourceforge.net
> Subject: SPAM Possible: Re: [Nagios-users] SELinux blocking nagios' cgis
> on
> FC5
>
> SPAM: --------------------  Anti-Spam Report ----------------------
> SPAM:
> SPAM: YES, score=8.8 threshold=7.2
> SPAM:
> SPAM: Hit! DCC             (  0.0 pts) [Distributed Checksum Score]
> SPAM: Hit! REFERENCES      ( -0.2 pts)['References' matched '/.+/']
> SPAM: Hit! SPFFAIL         (  9.0 pts)['Received-SPF' matched '/^fail /']
> SPAM: ----------------- End of Anti-Spam Report -------------------
>
>
> >     audit(1151073510.912:1650): avc:  denied  { read } for  pid=7942
> >     comm="status.cgi" name="objects.cache" dev=dm-0 ino=98630
> >     scontext=root:system_r:httpd_sys_script_t:s0
> >     tcontext=root:object_r:var_log_t:s0 tclass=file
> >     audit(1151073601.054:1651): avc:  denied  { read } for  pid=7999
> >     comm="status.cgi" name="objects.cache" dev=dm-0 ino=98630
> >     scontext=root:system_r:httpd_sys_script_t:s0
> >     tcontext=root:object_r:var_log_t:s0 tclass=file
> >     audit(1151073696.660:1652): avc:  denied  { read } for  pid=8037
> >     comm="status.cgi" name="objects.cache" dev=dm-0 ino=98630
> >     scontext=root:system_r:httpd_sys_script_t:s0
> >     tcontext=root:object_r:var_log_t:s0 tclass=file
> >     audit(1151073787.393:1653): avc:  denied  { read } for  pid=8067
> >     comm="status.cgi" name="objects.cache" dev=dm-0 ino=98630
> >     scontext=root:system_r:httpd_sys_script_t:s0
> >     tcontext=root:object_r:var_log_t:s0 tclass=file
> >     audit(1151073877.523:1654): avc:  denied  { read } for  pid=8108
> >     comm="status.cgi" name="objects.cache" dev=dm-0 ino=98630
> >     scontext=root:system_r:httpd_sys_script_t:s0
> >     tcontext=root:object_r:var_log_t:s0 tclass=file
> >     audit(1151073967.653:1655): avc:  denied  { read } for  pid=8203
> >     comm="status.cgi" name="objects.cache" dev=dm-0 ino=98630
> >     scontext=root:system_r:httpd_sys_script_t:s0
> >     tcontext=root:object_r:var_log_t:s0 tclass=file
> >
> >
>
> what's the context on /var/log/nagios... I am no expert but it looks
> like status.cgi is not allowed (by SELinux) to read the objects.cache
>
> --Chris
>
> Using Tomcat but need to do more? Need to support web services, security?
> Get stuff done quickly with pre-integrated technology to make your job
> easier
> Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
> http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
> _______________________________________________
> Nagios-users mailing list
> Nagios-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when
> reporting
> any issue.
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/users/attachments/20060623/1fc21829/attachment.html>
-------------- next part --------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
-------------- next part --------------
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: SELinux blocking nagios' cgis on FC5
Next message: Further differentiating between Acknowledged and Un-acknowledged problems
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list