selinux ping problems

Yong Lee ylee at eqo.com
Wed Sep 20 19:12:13 CEST 2006

Previous message: selinux ping problems
Next message: URL Monitoring
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Thanks for the feedback Ian.  This seems to be working now.

-----Original Message-----
From: Ian Marks [mailto:imarks at comcast.net] 
Sent: September 20, 2006 6:35 AM
To: Yong Lee
Cc: nagios-users at lists.sourceforge.net
Subject: Re: [Nagios-users] selinux ping problems

I have my nagios.cmd file set with "root:object_r:usr_t".  Try setting 
it to that and see if it works.  Otherwise, you can install the 
"selinux-policy-targeted-sources" package, assuming you are using a 
targeted policy, and do the following.

cd /etc/selinux/$SELINUXTYPE/src/policy 
echo "allow ping_t httpd_var_run_t:fifo_file read;" >>
/domains/misc/local.te
make load


This may not be the most secure way of doing it but it should allow you 
what you need.

Ian

Yong Lee wrote:
>
> sorry, I forgot to mention that I am using a redhat enterprise 4 system.
>
>  
>
> ------------------------------------------------------------------------
>
> *From:* nagios-users-bounces at lists.sourceforge.net 
> [mailto:nagios-users-bounces at lists.sourceforge.net] *On Behalf Of 
> *Yong Lee
> *Sent:* September 18, 2006 12:01 PM
> *To:* nagios-users at lists.sourceforge.net
> *Subject:* [Nagios-users] selinux ping problems
>
>  
>
> Does anyone know what selinux contexts I need to get rid of the 
> following ping related problem:
>
>  
>
>  
>
> Sep 18 11:51:16 snmp kernel: audit(1158605476.132:153480): avc:  
> denied  { read } for  pid=21022 comm="ping" name="nagios.cmd" dev=sda1 
> ino=38798253 scontext=user_u:system_r:ping_t 
> tcontext=system_u:object_r:httpd_var_run_t tclass=fifo_file
>
>  
>
>  
>
> my nagios.cmd file currently has context settings of :
>
>  
>
> system_u:object_r:httpd_var_run_t nagios.cmd
>
>  
>
> Many thanks for any light you can shed on this.
>
>  
>
> Yong.
>
>  
>
>  
>
> ------------------------------------------------------------------------
>
> -------------------------------------------------------------------------
> Take Surveys. Earn Cash. Influence the Future of IT
> Join SourceForge.net's Techsay panel and you'll get the chance to share
your
> opinions on IT & business topics through brief surveys -- and earn cash
> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
> ------------------------------------------------------------------------
>
> _______________________________________________
> Nagios-users mailing list
> Nagios-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when
reporting any issue. 
> ::: Messages without supporting info will risk being sent to /dev/null


-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: selinux ping problems
Next message: URL Monitoring
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list