Try something like:
grep zabbix /var/log/audit/audit.log | audit2allow -M zabbix
semodule -i zabbix.pp
On 16/06/15 15:58, Tim Dunphy wrote:
Hey guys,.
I have a centos 7 machine I'm using as a zabbix server. And I noticed that
apache won't start, with this complaint in the error log:
(13)Permission denied: AH00091: httpd: could not open error log file
/var/log/zabbix_error_log.
AH00015: Unable to open logs
I tried having a look at audit2allow and this is the response I get back:
[root@monitor2:/etc/httpd] #grep http /var/log/audit/audit.log | audit2allow
#============= httpd_t ==============
allow httpd_t zabbix_log_t:file open;
How can I turn that bit of information into a rule that allows apache
access to this zabbix log file?
I notice that if I disable selinux using setenfor 0, apache starts up
without complaint. But I would rather not leave it disabled.
Thanks,
Tim
--
regards
Harold Toms
http://iodine.chem.qmul.ac.uk
"Priestley's works... tended to unsettle every thing, and yet settled
nothing."
- Samuel Johnson.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
