Nagios 4 + Nagvis SELinux issue

[dlr]

Hi,

I am running Nagios 4.0.2 and using http://support.nagios.com/forum/viewtop ... 44&p=86780 I have got the fork of livestatus up and running and Nagvis

My problem is with selinux. With it disabled with setenforce 0 it all works ok, automap etc, if I have it enabled then I get permission denied in the nagvis interface

Unable to connect to the /usr/local/nagios/var/rw/live in backend live_1: Permission denied

I have tried all I can find in Google such as,

chcon -R -t httpd_sys_script_rw_t /usr/local/nagios/var/rw

but it still fails with the following in my audit log

type=AVC msg=audit(1395403198.613:226546): avc: denied { connectto } for pid=15504 comm="httpd" path="/usr/local/nagios/var/rw/live" scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:system_r:initrc_t:s0 tclass=unix_stream_socket

Any suggestions? I would like to keep selinux enabled if possible. Thought I would try here first before posting to the nagvis people

thanks

Darren

[slansing]

Well, seeing as this is an issue with how selinux handles nagvis, and livestatus that is not something that we can be of much help with here, we can try to walk through some information gathering steps but they will likely ask the same of you. I'd recommend getting in contact with their support user groups for this problem. If you have further questions on this feel free to ask!

[dlr]

ok will do, I will post back here if I find a solution

[tmcdonald]

We'll keep this open for you.

[dlr]

Solved thanks to the centos forums, I had to create a new policy for selinux and load it in to allow the socket connection, now to continue making fancy nagvis screens

https://www.centos.org/forums/viewtopic ... 45ad69e8c4

[slansing]

Sweet! Thank you for following up.