On Wed, 5 Jan 2011, Scott Reese wrote: > Since the files aren't where the SELinux policy expects them to be, it > generates denials and Nagios doesn't work.
Denials are caused by incorrect contexts. And contexts are not initialized correctly because files and directories are not at expected places. Missing file context rules can be added with "semanage fcontext" and existing files and directories relabeled with "fixfiles restore". Anyway, the easiest solution would probably be to change the package layout to follow FHS, as expected by the standard policy and its file context rules. > Yury had previously asked if the SELinux policy could be packaged and > shipped with the Nagios RPMs. This is probably something that should be avoided because the policy module needs to be installed separately. RPM does no label new objects correctly if a new policy is installed together with affected packages (this happened several times during the lifetime of RHEL 5). -- Pavel Kankovsky aka Peak / Jeremiah 9:21 \ "For death is come up into our MS Windows(tm)..." \ 21st century edition / _______________________________________________ users mailing list [email protected] http://lists.rpmforge.net/mailman/listinfo/users
