I wonder why I started to get tons of this kind of *warnings*:
SELinux is preventing /usr/lib/nagios/plugins/check_http "create" access.
Detailed Description [check_imap has a permissive type (nagios_system_plugin_t). This access was not denied.]
SELinux denied access requested by check_http. It is not expected that this access is required by check_http and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access.
If I remember correctly this started when I did #restorecon /usr/lib/nagios/plugins
BR,
Jouni
#rpm -qi selinux-policy Name : selinux-policy Version : 3.6.32 Release : 66.fc12 ...
On 01/10/2010 12:32 PM, Jouni Viikari wrote:
I wonder why I started to get tons of this kind of *warnings*:
Can you attach the actual AVC denial line. It is on the bottom of the report.
Thank you
SELinux is preventing /usr/lib/nagios/plugins/check_http "create" access.
Detailed Description [check_imap has a permissive type (nagios_system_plugin_t). This access was not denied.]
SELinux denied access requested by check_http. It is not expected that this access is required by check_http and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access.
If I remember correctly this started when I did #restorecon /usr/lib/nagios/plugins
BR,
Jouni
#rpm -qi selinux-policy Name : selinux-policy Version : 3.6.32 Release : 66.fc12 ...
-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
On 01/10/2010 12:32 PM, Jouni Viikari wrote:
I wonder why I started to get tons of this kind of *warnings*:
We have added a new policy for nagios plugins. All domains created by this policy are "permissive domains". So AVC messages are reported, but access is allowed.
SELinux is preventing /usr/lib/nagios/plugins/check_http "create" access.
Detailed Description [check_imap has a permissive type (nagios_system_plugin_t). This access was not denied.]
SELinux denied access requested by check_http. It is not expected that this access is required by check_http and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access.
If I remember correctly this started when I did #restorecon /usr/lib/nagios/plugins
BR,
Jouni
#rpm -qi selinux-policy Name : selinux-policy Version : 3.6.32 Release : 66.fc12 ...
-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
Could you send me your '/var/log/audit/audit.log' at mgrepl@redhat.com
Regards, Miroslav
selinux@lists.fedoraproject.org