Ok, the problem is we have "sudo" running in httpd_t. So if I understand correctly you have CGI script which runs
"/usr/bin/sudo /etc/init.d/icinga reload"
right?
What does
# ls -Z PATHTO_YOUR_SCRIPT
For other reasons I¹ve changed to using Nagios on the server now instead of Icinga but the basic problem remains; Running ³/usr/bin/sudo /etc/init.d/nagios reload² fails
# ls -laZ /var/www/nconf/bin/generate_config.pl -rwxr-xr-x. root root unconfined_u:object_r:httpd_sys_script_exec_t:s0 /var/www/nconf/bin/generate_config.pl
-- Mark Watts Infrastructure Engineer, iSolutions University of Southampton Tel: (02380) 595788 Int: 25788