Hello! On 09/04/2015 02:04 AM, Michael Friedrich wrote: > Did it work without the policies being applied in the first place? If > so, remove the policy for now and file a bug.
Not yet tested, I got fresh install and I applied selinux policy from the instruction [1]. Bad news, the policy can't be remove/disabled. :( $ semodule -ricinga2 libsepol.context_from_record: type icinga2_port_t is not defined (No such file or directory). libsepol.context_from_record: could not create context structure (Invalid argument). libsepol.port_from_record: could not create port structure for range 5665:5665 (tcp) (Invalid argument). libsepol.sepol_port_modify: could not load port range 5665 - 5665 (tcp) (Invalid argument). libsemanage.dbase_policydb_modify: could not modify record value (Invalid argument). libsemanage.semanage_base_merge_components: could not merge local modifications into policy (Invalid argument). semodule: Failed! Should I file a bug? > > Hm. Try to copy those scripts into a different location, and execute > them from over there, e.g. PluginDir. Done, and got scripts execution. I move to /opt/sandbox/<scripts-there> $ ls -ldZ /opt/sandbox/ drwxr-xr-x. icinga icinga unconfined_u:object_r:usr_t:s0 /opt/sandbox/ File conf.d/commands.conf .. [truncated] .. command = [ "/opt/sandbox/mail-service-notification.sh" ] .. [truncated] .. Complete backtrace http://fpaste.org/263308/31029414/raw mail-{service,host}-notification successfully executed on /opt/sandbox. For sure, I leave whatsapp-{service,host}-notification.sh on `/etc/scripts/`. > > Other than that, please show 'ls -lah /etc/icinga2/scripts' just to be > sure. $ ls -ldZ scripts/ drwxr-x---. icinga icinga system_u:object_r:nagios_notification_plugin_exec_t:s0 scripts/ $ ls -lahZ /etc/icinga2/scripts/ | fpaste Uploading (1.0KiB)... http://ur1.ca/nnvg5 -> http://paste.fedoraproject.org/263312/44131053 > > Kind regards, > Michael > [1] https://github.com/Icinga/icinga2/blob/master/doc/99-selinux.md _______________________________________________ icinga-users mailing list icinga-users@lists.icinga.org https://lists.icinga.org/mailman/listinfo/icinga-users
