SELinux problem at startup

Micha Silver micha at arava.co.il
Mon Nov 19 16:02:00 CET 2007

Previous message: host-check issue
Next message: SELinux problem at startup
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello:

I just finished installing version 2.10 from rpms from the rpmforge 
repository on  a CentOS 5 machine. (I've used nagios for some years now 
both compiled and from binaries).

This time I couldn't get the init.d script to successfully start because 
of some SELinux limitation. Running the string of commands from the 
command line worked fine. i.e.:


[root at gibui ~]# touch /var/run/nagios.pid
[root at gibui ~]# chown nagios:nagios /var/run/nagios.pid
[root at gibui ~]# /usr/bin/nagios -d /etc/nagios/nagios.cfg
[root at gibui ~]# /etc/init.d/nagios status
nagios (pid 25170) is running...


left me with a running nagios daemon. However:


[root at gibui ~]# /etc/init.d/nagios restart

Running configuration check...done
Stopping nagios: done.
Starting nagios: done.


 always failed. In the nagios.log I saw:

[1195481305] Nagios 2.10 starting... (PID=23272)
[1195481305] LOG VERSION: 2.0
[1195481305] You do not have permission to write to /var/run/nagios.pid
[1195481305] Bailing out due to errors encountered while attempting to 
daemonize... (PID=23272)


If I did setenforce=0 (putting selinux into "permissive" mode) then the 
init script worked.


What I did to overcome this was a chcon on the nagios binary, as follows:

[root at gibui ~]# chcon -t bin_t /usr/bin/nagios
[root at gibui ~]# ll -Z /usr/bin/nagios
-rwxrwxr--  root root system_u:object_r:bin_t          /usr/bin/nagios

And now the init script works fine. Not sure this is the best way to 
overcome the problem. If anyone more versed in selinux can help, I'd 
like to hear...


Cheers,

Micha



-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: host-check issue
Next message: SELinux problem at startup
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list