On Thu, 2011-05-26 at 07:33 -0400, Vadym Chepkov wrote:
Hi,
There is a series of nagios plugins which have to record previous call's status in a file. For example, check_snmp_uptime. It would record the previous uptime of a monitored server into a bdb file and will generate an ERROR state if during a next call uptime was lower then previous. Unfortunately, there is no suitable context for files like that. even nagios_system_plugin_tmp_t doesn't fit the bill.
I guess all (or at least the system and services) plugins should be able to manage nagios_spool_t content:
mkdir ~/mytest; cd ~/mytest; echo "policy_module(mytest, 1.0.0) gen_require(` type nagios_spool_t, nagios_services_plugin_t, nagios_system_plugin_t; ') manage_dirs_pattern({nagios_services_plugin_t nagios_services_plugin_t }, nagios_spool_t, nagios_spool_t) manage_dirs_pattern({nagios_services_plugin_t nagios_services_plugin_t }, nagios_spool_t, nagios_spool_t)" > mytest.te; make -f /usr/share/selinux/devel/Makefile mytest.pp sudo semodule -i mytest.pp sudo restorecon -R -v /var/spool/nagios
See where that gets you.