Thanks, that did it. I had thought I had disabled SELinux earlier for another issue, but apparently I hadn't done it correctly. At any rate, it's working now. Thanks.
Israel On Jul 12, 2006, at 9:02 AM, Marc Powell wrote: > > >> -----Original Message----- >> From: Israel Brewster [mailto:[EMAIL PROTECTED] >> Sent: Wednesday, July 12, 2006 11:12 AM >> To: Tom Brown; Marc Powell >> Cc: nagios-users@lists.sourceforge.net >> Subject: Re: [Nagios-users] Command File error >> > > [chop] > >> >> On Jul 11, 2006 at 8:39 PM, Marc Powell wrote: >> >>> And restarted the web server presumably. That leaves 2 likely >>> possibilities: >>> - one or more of the directories above rw/ are not accessible by >>> your web server user or >>> - you have SELinux enabled and have not allowed http permissions >>> by policy. You can use 'audit2allow -l -i /var/log/messages' to see > if >>> that's the case. >>> >>> I don't use SELinux so I can't provide you with a specific policy. >> >> All directories in the path have read and execute permissions set for >> everybody. Most don't have write permissions, but I wouldn't think >> that would be an issue. Issuing the command you give returns the >> following result: >> >> allow httpd_sys_script_t usr_t:fifo_file getattr; >> allow httpd_sys_script_t usr_t:file write; >> allow unlabeled_t netif_eth0_t:netif rawip_recv; >> >> I don't know anything about SELinux though, so I have no clue if this >> is good, bad, or indifferent. Any thoughts? > > Bad. The first two lines indicate that SELinux is preventing httpd > from > accessing a fifo file (nagios.cmd almost certainly). Grep for > nagios.cmd > in /var/log/messages. You'll certainly see 'avc: denied' messages. > audit2allow presents policy rules that would allow access to things > that > were blocked. Note that they are overly permissive though. You can > either disable SELinux or modify your policy/permissions for > nagios.cmd > to allow access for httpd. There are numerous messages in the archive > about SELinux. > >> >> I also tried changing the permissions on the command file and >> enclosing folder so that anyone could read and write to them, just to >> see if that would fix the issue, but no change. So apparently it >> isn't a permissions issue, at least not directly with the file and >> enclosed folder. > > SELinux permissions are above and beyond normal file system > permissions. > > > -- > Marc > > > ---------------------------------------------------------------------- > --- > Using Tomcat but need to do more? Need to support web services, > security? > Get stuff done quickly with pre-integrated technology to make your > job easier > Download IBM WebSphere Application Server v.1.0.1 based on Apache > Geronimo > http://sel.as-us.falkag.net/sel? > cmd=lnk&kid=120709&bid=263057&dat=121642 > _______________________________________________ > Nagios-users mailing list > Nagios-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null