| 1 |
Nagios is not exactly installed, just nrpe is. |
| 2 |
Several audit messages indicate that the checkdisk_plugin has problems, |
| 3 |
from these reports the following settings are derived... |
| 4 |
|
| 5 |
|
| 6 |
---8<--- |
| 7 |
module nagios_nb 1.0; |
| 8 |
|
| 9 |
require { |
| 10 |
type devpts_t; |
| 11 |
type nagios_checkdisk_plugin_t; |
| 12 |
type usbfs_t; |
| 13 |
type boot_t; |
| 14 |
type default_t; |
| 15 |
type sysfs_t; |
| 16 |
type fusefs_t; |
| 17 |
type sysctl_fs_t; |
| 18 |
type samba_share_t; |
| 19 |
type var_t; |
| 20 |
type binfmt_misc_fs_t; |
| 21 |
class dir { getattr search }; |
| 22 |
} |
| 23 |
|
| 24 |
#============= nagios_checkdisk_plugin_t ============== |
| 25 |
allow nagios_checkdisk_plugin_t binfmt_misc_fs_t:dir getattr; |
| 26 |
allow nagios_checkdisk_plugin_t boot_t:dir getattr; |
| 27 |
allow nagios_checkdisk_plugin_t default_t:dir getattr; |
| 28 |
allow nagios_checkdisk_plugin_t devpts_t:dir getattr; |
| 29 |
allow nagios_checkdisk_plugin_t fusefs_t:dir getattr; |
| 30 |
allow nagios_checkdisk_plugin_t samba_share_t:dir getattr; |
| 31 |
allow nagios_checkdisk_plugin_t sysctl_fs_t:dir search; |
| 32 |
allow nagios_checkdisk_plugin_t sysfs_t:dir { getattr search }; |
| 33 |
allow nagios_checkdisk_plugin_t usbfs_t:dir getattr; |
| 34 |
allow nagios_checkdisk_plugin_t var_t:dir getattr; |
Archives