New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[dev.icinga.com #11648] Reload permission error with SELinux #4147
Comments
Updated by mfriedrich on 2016-04-22 08:07:12 +00:00
Sounds like an SELinux issue. @dirk please have look into that, thanks. |
Updated by mfriedrich on 2016-08-09 07:59:39 +00:00
|
Updated by dgoetz on 2016-08-09 10:53:34 +00:00 I need some more input. Can you tell me the operating system version? Your output looks like a none systemd version, so it is not a RHEL 7 derivate or Fedora. For now I think it is RHEL6 with SELinux enabled but we do not provide a policy, so chcon -t icinga2_tmp_t $OUTPUTFILE from safe-reload fails, but except from the output it does not cause any problems. |
Updated by mzac on 2016-08-09 16:17:46 +00:00 You were good on your guess, RHEL 6. Anything else you need? Red Hat Enterprise Linux Server release 6.8 (Santiago)
dirk wrote:
|
Updated by dgoetz on 2016-08-10 07:23:37 +00:00 Ok, so then this is no real issue as it does not cause any problems except from the error message, we should simply silence the command. I will create a patch later. Thanks! |
Updated by dgoetz on 2016-08-15 11:22:52 +00:00
Patch is in a separate branch fix/chcon-11648. @dnsmichi: Can you please review and merge this small fix to 2.5.0? |
Updated by mfriedrich on 2016-08-15 11:32:13 +00:00
|
Updated by mfriedrich on 2016-08-15 11:36:07 +00:00 Thanks merged. |
Updated by dgoetz on 2016-08-15 11:36:11 +00:00
Applied in changeset bc06ff1. |
This issue has been migrated from Redmine: https://dev.icinga.com/issues/11648
Created by mzac on 2016-04-21 13:04:38 +00:00
Assignee: dgoetz
Status: Resolved (closed on 2016-08-15 11:36:11 +00:00)
Target Version: 2.5.0
Last Update: 2016-08-15 11:36:11 +00:00 (in Redmine)
I've noticed that if Icinga2 is started by the root user, then the icinga user tries a reload, there is a permission error thrown:
Changesets
2016-08-15 11:15:56 +00:00 by dgoetz 5e628f0
2016-08-15 11:33:47 +00:00 by dgoetz bc06ff1
The text was updated successfully, but these errors were encountered: