I spent a good 2 weeks trying to get icinga to work completely under SELinux,
and I reached the following conclusion: don’t bother.
Every time I thought I had everything working, I found something else that
didn’t. After the Nth time that happened, I turned off SELinux and haven’t
looked back. My monitoring system is limited to access by a couple of people
anyway, so it’s a low risk for me. I do have NRPE and some checks running on 2
boxes with SELinux enabled, but not that particular plugin, and I’m using the
RPM packages from either EPEL or RPMforge (can’t remember which offhand) so
it’s got the SELinux stuff sorted anyway…
Josh
Joshua Megerman
Sr. Systems Engineer
IWCO Direct
Phone: 267-960-3048
www.iwco.com<http://www.iwco.com>
From: Alexander Vierschilling [mailto:alex.vierschill...@web.de]
Sent: Tuesday, October 29, 2013 11:08 AM
To: icinga-users@lists.sourceforge.net
Subject: [icinga-users] icinga and SELinux
Hello together,
I´ve got a question and I hope you can help me to handle the problem. It´s
about a mysql_health_check called via nrpe.
I want to check "slow-queries" in our mysql-database. Therefore I call my
NRPE-Check which calls the mysql check on the remote-machine. So far so good.
Now, the mysql_check needs a dir called check_mysql_health in /var/tmp.
ls -Z displays :
drwxr-xr-x. nrpe nrpe
unconfined_u:object_r:nagios_services_plugin_exec_t:s0 check_mysql_health
my plugin's context is
-rwxrwxrwx. nagios nrpe unconfined_u:object_r:nagios_services_plugin_exec_t:s0
check_mysql_health
when I turn off selinux, everything works fine and nrpe shows the results in my
monitoring-system.
Does someone have a good hint for me? :)
Greets,
Alex
______________________________________________ CONFIDENTIALITY NOTICE: This
e-mail, and any files/attachments transmitted, may include confidential and/or
proprietary information from IWCO Direct, intended solely for the use of the
individual or entity to whom they are addressed. If you are not the intended
recipient, you are hereby notified that disclosure, printing, copying,
distribution, or the taking of any action in reliance on the contents of this
electronic information is strictly prohibited. If you have received this e-mail
message in error, please immediately notify the sender by reply message and
then delete the electronic message and any files/attachments.
______________________________________________
------------------------------------------------------------------------------
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
_______________________________________________
icinga-users mailing list
icinga-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/icinga-users