Read/wright error


#1

Hello Nagios :slight_smile:

I have finished my first instaltion two days back and I thought every thing is normal . In the morning I checked the message log and found ton of read/wright permision errors like this and this was only for ping check commands.

Jul 21 22:03:08 nagios kernel: audit(1216702988.048:263963): avc: denied { read write } for pid=13027 comm=“ping” path="/usr/local/nagios/var/spool/checkresults/checkehZYV1" dev=hda3 ino=5201483 scontext=root:system_r:Ping_t:s0 tcontext=root:object_r:usr_t:s0 tclass=file

Jul 21 22:03:32 nagios kernel: audit(1216703012.212:263964): avc: denied { read write } for pid=13031 comm=“ping” path="/usr/local/nagios/var/spool/checkresults/checkaJbTU8" dev=hda3 ino=5201483 scontext=root:system_r:Ping_t:s0 tcontext=root:object_r:usr_t:s0 tclass=file

Folder permission
drwxr-xr-x 2 nagios nagios 20480 Jul 21 22:13 checkresults

My ping Check command:
$USER1$/check_ping -H $HOSTADDRESS$ -w $ARG1$ -c $ARG2$ -p 5

Aruguments

check_ping!1000.0,40%!3000.0,80%


#2

Should be
drwxrwxr-x 2 nagios nagios 12288 Jul 22 11:55 checkresults


#3

Strides ,

I changed the permission again , but getting the same error when ever ping command execute and not for others commands . Refer the bottom you will find the temp files on the same folder.

drwxrwxr-x 2 nagios nagios 20480 Jul 22 03:48 checkresults
[root@nagios /]# echo ‘’> /var/log/messages
[root@nagios /]# tail -f /var/log/messages

Jul 22 03:50:22 nagios kernel: audit(1216723822.147:264100): avc: denied { read write } for pid=15772 comm=“ping” path="/usr/local/nagios/var/spool/checkresults/checkt6K1Kh" dev=hda3 ino=5201484 scontext=root:system_r:Ping_t:s0 tcontext=root:object_r:usr_t:s0 tclass=file

Note this ,

[root@nagios checkresults]# pwd
/usr/local/nagios/var/spool/checkresults
[root@nagios checkresults]# ls
ceMh2XN check6EaP1C checkAz3xSI checkMBqPpD checkoburbq checkrg0zxk checkxZOrIf cWSSWDD.ok
ceMh2XN.ok check7XEei4 checkg8f0oE checkN6diSb checkpxfnbk checku0orKP cWSSWDD


#4

Check the permissions on /usr/local/nagios/var/spool

drwxrwxr-x 3 nagios nagios 4096 Feb 5 16:43 spool


#5

It is set already as you referred and I am still getting the same error.

drwxrwxr-x 3 nagios nagios 4096 Jul 12 10:15 spool

Thanks


#6

well the only other one to check is /usr/local/nagios/var/ and that should be the same. It’s odd that permissions were wrong only on /usr/local/nagios/var/spool/checkresults though. Have you SELinux and if so is it in permissive mode?


#7

It also have the same permission .
drwxrwxr-x 5 nagios nagios 4096 Jul 22 06:15 var

As I told you early , nagios able to create a temp file on that folder for other commands and only check_ping have this problem.

I am using
[root@nagios nagios]# cat /etc/redhat-release
CentOS release 5 (Final)

Really I am tired on this :frowning:


#8

Have you SELinux and if so is it in permissive mode?


#9

Thank you very much !!

It fixed the problem once I have disabled SElinux.