Hi,
I am running Nagios 4.0.2 and using http://support.nagios.com/forum/viewtop ... 44&p=86780 I have got the fork of livestatus up and running and Nagvis
My problem is with selinux. With it disabled with setenforce 0 it all works ok, automap etc, if I have it enabled then I get permission denied in the nagvis interface
Unable to connect to the /usr/local/nagios/var/rw/live in backend live_1: Permission denied
I have tried all I can find in Google such as,
chcon -R -t httpd_sys_script_rw_t /usr/local/nagios/var/rw
but it still fails with the following in my audit log
type=AVC msg=audit(1395403198.613:226546): avc: denied { connectto } for pid=15504 comm="httpd" path="/usr/local/nagios/var/rw/live" scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:system_r:initrc_t:s0 tclass=unix_stream_socket
Any suggestions? I would like to keep selinux enabled if possible. Thought I would try here first before posting to the nagvis people
thanks
Darren
Nagios 4 + Nagvis SELinux issue
-
- Posts: 7698
- Joined: Mon Apr 23, 2012 4:28 pm
- Location: Travelling through time and space...
Re: Nagios 4 + Nagvis SELinux issue
Well, seeing as this is an issue with how selinux handles nagvis, and livestatus that is not something that we can be of much help with here, we can try to walk through some information gathering steps but they will likely ask the same of you. I'd recommend getting in contact with their support user groups for this problem. If you have further questions on this feel free to ask!
Re: Nagios 4 + Nagvis SELinux issue
ok will do, I will post back here if I find a solution
Re: Nagios 4 + Nagvis SELinux issue
Solved thanks to the centos forums, I had to create a new policy for selinux and load it in to allow the socket connection, now to continue making fancy nagvis screens
https://www.centos.org/forums/viewtopic ... 45ad69e8c4
https://www.centos.org/forums/viewtopic ... 45ad69e8c4
-
- Posts: 7698
- Joined: Mon Apr 23, 2012 4:28 pm
- Location: Travelling through time and space...
Re: Nagios 4 + Nagvis SELinux issue
Sweet! Thank you for following up.