Nagios Support Forum

I am a new user of CentOS. I've configured a server with CentOs 6.5. I've compiled and installed Nagios 4.0.2. It works, but when I load the nagios webserver I cannot do anything. In fact on the screen there is the error:
"Error: Could not read object configuration data!"
and in the audit.log I find the error:
"type=AVC msg=audit(1386346725.545:708): avc: denied { read } for pid=20616 comm="showlog.cgi" name="objects.cache" dev=dm-0 ino=2884918 scontext=unconfined_u:system_r:httpd_sys_script_t:s0 tcontext=unconfined_u:object_r:var_log_t:s0 tclass=file
type=SYSCALL msg=audit(1386346725.545:708): arch=c000003e syscall=2 success=no exit=-13 a0=183a180 a1=0 a2=181 a3=30 items=0 ppid=20390 pid=20616 auid=0 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4 comm="showlog.cgi" exe="/usr/lib64/nagios/cgi-bin/showlog.cgi" subj=unconfined_u:system_r:httpd_sys_script_t:s0 key=(null)"
How can I solve this problem?
Thank you in advance

well the normal suggestion is to disable selinux, however if that or putting it into permissive mode is not an option, there are several guides out there. I know that all of them are for 3.5 or older and with some of the new worker logic, it may not correctly apply with 4.0.x.

sreinhardt wrote:well the normal suggestion is to disable selinux, however if that or putting it into permissive mode is not an option, there are several guides out there. I know that all of them are for 3.5 or older and with some of the new worker logic, it may not correctly apply with 4.0.x.

I have also tried these guides, even creating new policies for the specfic problem. But it doesn't solve

What is the output of:

If you can get to the nagios page but have error or you see the hosts, services, maps, home, host groups and other buttons from the left ( the left panel ) and when you go to one of them you get the error .. rather than leave SELinux off permanently, it’s better to correct the SELinux settings, and you can do this with the following commands:

chcon -R -t httpd_sys_content_t /usr/local/nagios/sbin/
chcon -R -t httpd_sys_content_t /usr/local/nagios/share/

PS – You can also see in the httpd error log “ [notice] SELinux policy enabled; httpd running as context unconfined_u:system_r:httpd_t:s0” which is also a bit of a giveaway

I have found this here and for me it works ...

thanks for the hint Ivan, hopefully that helps james!

I found you need to run the following selinux commands. The second is different from most other posts I have seen:

chcon -R -t httpd_sys_content_t /usr/local/nagios/share/
chcon -R -t httpd_sys_script_exec_t /usr/local/nagios/sbin/

Since .../nagios/sbin contains scripts, it needs script permissionts

Thanks for the post, but this thread is over a year old. I will be closing it now.