Contribution to wiki: nagios incompatibility with centos 5.2

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 2009-09-14 at 16:24 +0200, Christoph Maser wrote:
> Am Montag, den 14.09.2009, 16:15 +0200 schrieb Ralph Angenendt:
> > On Mon, 2009-09-14 at 16:11 +0200, Martin Boel, Silverbullet wrote:
> > > workaround is to execute the command: chcon -R httpd_sys_content_t
> > > /var/nagios
> >
> > Is that still the case in 5.3?
> 
> And also does that solve all problems with nagios? What about plugin
> execution or external command files? I rather think you should use the
> contexts
>  - system_u:object_r:nagios_log_t:s0
>  - system_u:object_r:nagios_spool_t:s0
>  - system_u:object_r:nagios_exec_t:s0
>  - system_u:object_r:nrpe_etc_t:s0
>  - system_u:object_r:httpd_nagios_script_exec_t:s0
> 
> Actually it would be propably up to me to set these correctly in the
> rpmforge package....
> Maybe some selinux guru can help me out?

I'd say take a sneak peak into Fedoraland, but their SELinux is a tad
more advanced than what we have.

You know that you'd have to write a *complete* policy for containing
Nagios that way? Can nagios even be seen as its own application
deserving its own domain or isn't much of nagios run from apache anyway
which would mean that you'd need the apache policies in place?

Ralph



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Users]     [CentOS Virtualization]     [Linux Media]     [Asterisk]     [Netdev]     [X.org]     [Xfree86]     [Linux USB]     [Project Hail Cloud Computing]

  Powered by Linux