On 01/10/2010 12:32 PM, Jouni Viikari wrote: > I wonder why I started to get tons of this kind of *warnings*: > > We have added a new policy for nagios plugins. All domains created by this policy are "permissive domains". So AVC messages are reported, but access is allowed. > SELinux is preventing /usr/lib/nagios/plugins/check_http "create" > access. > > Detailed Description > [check_imap has a permissive type (nagios_system_plugin_t). This access > was not denied.] > > SELinux denied access requested by check_http. It is not expected that > this access is required by check_http and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional > access. > > If I remember correctly this started when I did > #restorecon /usr/lib/nagios/plugins > > BR, > > Jouni > > #rpm -qi selinux-policy > Name : selinux-policy > Version : 3.6.32 > Release : 66.fc12 > ... > > > -- > selinux mailing list > selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux Could you send me your '/var/log/audit/audit.log' at mgrepl@xxxxxxxxxx Regards, Miroslav -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
