Bug 863648
| Summary: | Munin bind9 plugin prevented to save state by selinux | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora EPEL | Reporter: | info | ||||
| Component: | munin | Assignee: | Kevin Fenzi <kevin> | ||||
| Status: | CLOSED INSUFFICIENT_DATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | el6 | CC: | drjohnson1, info, ingvar, kevin | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | i686 | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2015-03-07 04:34:39 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
Can you verify using munin-2.0.19-1.el6 and selinux-policy-targeted-3.7.19-231.el6.noarch (or newer) ? This may have been resolved long ago, just need to confirm. The needinfo request[s] on this closed bug have been removed as they have been unresolved for 1000 days |
Created attachment 622671 [details] audit2allow created .te file Description of problem: Munin bind9 plugin is prevented to save state in /var/lib/munin/plugin-state by selinux. Version-Release number of selected component (if applicable): 2.0.6-2 How reproducible: Always. Steps to Reproduce: 1. yum install munin-node 2. ln -s /usr/share/munin/plugins/bind9 /etc/munin/plugins/bind9 3. service munin-node restart Actual results: # tail /var/log/munin/munin-node.log Error output from bind9: Cannot open state file at /etc/munin/plugins/bind9 line 66. Expected results: No error reported by munin-node. Additional info, installed munin and selinux packages: munin-common-2.0.6-2.el6.noarch munin-node-2.0.6-2.el6.noarch libselinux-utils-2.0.94-5.3.el6.i686 selinux-policy-targeted-3.7.19-155.el6_3.4.noarch libselinux-python-2.0.94-5.3.el6.i686 libselinux-2.0.94-5.3.el6.i686 selinux-policy-3.7.19-155.el6_3.4.noarch I'm attaching a TE file created by audit2allow which seems to fix the issue. As I'm total noob to selinux, I don't know if I should have done something else, because other state files are created okay, only bind9 was denied.