Re: nagios plugins with state files

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 05/26/2011 01:33 PM, Vadym Chepkov wrote:
> Hi,
>
> There is a series of nagios plugins which have to record previous call's status in a file.
> For example, check_snmp_uptime. It would record the previous uptime of a monitored server into a bdb file and will generate an ERROR state if during a next call uptime was lower then previous.
> Unfortunately, there is no suitable context for files like that. even nagios_system_plugin_tmp_t doesn't fit the bill.
>
> # ausearch -m avc -ts today
> ----
> time->Thu May 26 07:13:23 2011
> type=SYSCALL msg=audit(1306408403.157:422): arch=40000003 syscall=5 success=yes exit=3 a0=90368a8 a1=80c2 a2=1b6 a3=9026770 items=0 ppid=27717 pid=27718 auid=4294967295 uid=498 gid=493 euid=498 suid=498 fsuid=498 egid=493 sgid=493 fsgid=493 tty=(none) ses=4294967295 comm="check_snmp_upti" exe="/usr/bin/perl" subj=system_u:system_r:nagios_services_plugin_t:s0 key=(null)
> type=AVC msg=audit(1306408403.157:422): avc:  denied  { read write open } for  pid=27718 comm="check_snmp_upti" name="__db.t100" dev=dm-2 ino=379 scontext=system_u:system_r:nagios_services_plugin_t:s0 tcontext=system_u:object_r:nagios_system_plugin_tmp_t:s0 tclass=file
> type=AVC msg=audit(1306408403.157:422): avc:  denied  { create } for  pid=27718 comm="check_snmp_upti" name="__db.t100" scontext=system_u:system_r:nagios_services_plugin_t:s0 tcontext=system_u:object_r:nagios_system_plugin_tmp_t:s0 tclass=file
> type=AVC msg=audit(1306408403.157:422): avc:  denied  { add_name } for  pid=27718 comm="check_snmp_upti" name="__db.t100" scontext=system_u:system_r:nagios_services_plugin_t:s0 tcontext=system_u:object_r:nagios_system_plugin_tmp_t:s0 tclass=dir
> type=AVC msg=audit(1306408403.157:422): avc:  denied  { write } for  pid=27718 comm="check_snmp_upti" name="uptime" dev=dm-2 ino=208 scontext=system_u:system_r:nagios_services_plugin_t:s0 tcontext=system_u:object_r:nagios_system_plugin_tmp_t:s0 tclass=dir
> ----
> time->Thu May 26 07:13:23 2011
> type=SYSCALL msg=audit(1306408403.158:423): arch=40000003 syscall=197 success=yes exit=0 a0=3 a1=bfdab0b0 a2=541ff4 a3=64 items=0 ppid=27717 pid=27718 auid=4294967295 uid=498 gid=493 euid=498 suid=498 fsuid=498 egid=493 sgid=493 fsgid=493 tty=(none) ses=4294967295 comm="check_snmp_upti" exe="/usr/bin/perl" subj=system_u:system_r:nagios_services_plugin_t:s0 key=(null)
> type=AVC msg=audit(1306408403.158:423): avc:  denied  { getattr } for  pid=27718 comm="check_snmp_upti" path="/var/spool/nagios/uptime/__db.t100" dev=dm-2 ino=379 scontext=system_u:system_r:nagios_services_plugin_t:s0 tcontext=system_u:object_r:nagios_system_plugin_tmp_t:s0 tclass=file
> ----
> time->Thu May 26 07:13:23 2011
> type=SYSCALL msg=audit(1306408403.168:424): arch=40000003 syscall=38 success=yes exit=0 a0=93ecf70 a1=90368a8 a2=91b048 a3=64 items=0 ppid=27717 pid=27718 auid=4294967295 uid=498 gid=493 euid=498 suid=498 fsuid=498 egid=493 sgid=493 fsgid=493 tty=(none) ses=4294967295 comm="check_snmp_upti" exe="/usr/bin/perl" subj=system_u:system_r:nagios_services_plugin_t:s0 key=(null)
> type=AVC msg=audit(1306408403.168:424): avc:  denied  { rename } for  pid=27718 comm="check_snmp_upti" name="__db.t100" dev=dm-2 ino=379 scontext=system_u:system_r:nagios_services_plugin_t:s0 tcontext=system_u:object_r:nagios_system_plugin_tmp_t:s0 tclass=file
> type=AVC msg=audit(1306408403.168:424): avc:  denied  { remove_name } for  pid=27718 comm="check_snmp_upti" name="__db.t100" dev=dm-2 ino=379 scontext=system_u:system_r:nagios_services_plugin_t:s0 tcontext=system_u:object_r:nagios_system_plugin_tmp_t:s0 tclass=dir
>
> ----
> time->Thu May 26 07:31:48 2011
> type=SYSCALL msg=audit(1306409508.204:434): arch=40000003 syscall=195 success=yes exit=0 a0=8cb7c68 a1=bfdf8030 a2=423ff4 a3=64 items=0 ppid=28479 pid=28480 auid=4294967295 uid=498 gid=493 euid=498 suid=498 fsuid=498 egid=493 sgid=493 fsgid=493 tty=(none) ses=4294967295 comm="check_snmp_upti" exe="/usr/bin/perl" subj=system_u:system_r:nagios_services_plugin_t:s0 key=(null)
> type=AVC msg=audit(1306409508.204:434): avc:  denied  { getattr } for  pid=28480 comm="check_snmp_upti" path="/var/spool/nagios/uptime/t100" dev=dm-2 ino=379 scontext=system_u:system_r:nagios_services_plugin_t:s0 tcontext=system_u:object_r:nagios_system_plugin_tmp_t:s0 tclass=file
> ----
> time->Thu May 26 07:31:48 2011
> type=SYSCALL msg=audit(1306409508.205:435): arch=40000003 syscall=5 success=yes exit=3 a0=8cb7c68 a1=8002 a2=0 a3=88f5770 items=0 ppid=28479 pid=28480 auid=4294967295 uid=498 gid=493 euid=498 suid=498 fsuid=498 egid=493 sgid=493 fsgid=493 tty=(none) ses=4294967295 comm="check_snmp_upti" exe="/usr/bin/perl" subj=system_u:system_r:nagios_services_plugin_t:s0 key=(null)
> type=AVC msg=audit(1306409508.205:435): avc:  denied  { open } for  pid=28480 comm="check_snmp_upti" name="t100" dev=dm-2 ino=379 scontext=system_u:system_r:nagios_services_plugin_t:s0 tcontext=system_u:object_r:nagios_system_plugin_tmp_t:s0 tclass=file
> type=AVC msg=audit(1306409508.205:435): avc:  denied  { read write } for  pid=28480 comm="check_snmp_upti" name="t100" dev=dm-2 ino=379 scontext=system_u:system_r:nagios_services_plugin_t:s0 tcontext=system_u:object_r:nagios_system_plugin_tmp_t:s0 tclass=file
>
>
> Did I miss a proper context or I should create a new type?
Please open a new bug.
> Thanks,
> Vadym
>
> --
> selinux mailing list
> selinux@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/selinux

--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux