Why do I still get AVC access denied for nrpe when nagios_run_sudo boolean is set active?


Issue

  • Nagios running as "nrpe_t" cannot execute sudo even after the "nagios_run_sudo" boolean is enabled.

  • SELinux in enforcing mode prevents the nrpe account from executing iptables with sudo.

  • Audit logs show AVC denials for sudo with scontext nrpe_t and tcontext nrpe_t:

    type=PROCTITLE msg=audit(11/10/2024 22:08:08.916:7112) : proctitle=/usr/bin/sudo -n <Path of script file>
    type=AVC msg=audit(11/10/2024 22:08:08.916:7112) : avc:  denied  { create } for  pid=102824 comm=sudo scontext=system_u:system_r:nrpe_t:s0 tcontext=system_u:system_r:nrpe_t:s0 tclass=netlink_audit_socket permissive=1 
    

Environment

  • Red Hat Enterprise Linux 8.10
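
To read the AVC record quoted in the Issue section field by field, the following added example (not part of the Red Hat article, and not its resolution) parses AVC denials and groups them by source type, target type, object class and permission. The function names are hypothetical, and the sample input is the record shown above.

```python
import re
from collections import Counter

# Record copied from the Issue section above.
SAMPLE = (
    "type=AVC msg=audit(11/10/2024 22:08:08.916:7112) : avc:  denied  { create } "
    "for  pid=102824 comm=sudo scontext=system_u:system_r:nrpe_t:s0 "
    "tcontext=system_u:system_r:nrpe_t:s0 tclass=netlink_audit_socket permissive=1"
)

AVC_RE = re.compile(r"avc:\s+denied\s+\{(?P<perms>[^}]*)\}\s+for\s+(?P<rest>.*)")


def parse_avc(line):
    """Return the fields of one AVC denial as a dict, or None for other records."""
    m = AVC_RE.search(line)
    if not m:
        return None
    fields = dict(kv.split("=", 1) for kv in m.group("rest").split() if "=" in kv)
    if not {"scontext", "tcontext", "tclass"} <= fields.keys():
        return None
    return {
        "comm": fields.get("comm", "").strip('"'),
        # A context is user:role:type[:level]; policy rules are written on the type.
        "source_type": fields["scontext"].split(":")[2],
        "target_type": fields["tcontext"].split(":")[2],
        # Same source and target context: the process acts on its own domain.
        "self_access": fields["scontext"] == fields["tcontext"],
        "tclass": fields["tclass"],
        "perms": m.group("perms").split(),
        # permissive=1 means the denial was logged but the access was not blocked.
        "enforced": fields.get("permissive") != "1",
    }


def summarize(lines):
    """Count denials per (source type, target type, class, permission, enforced)."""
    counts = Counter()
    for line in lines:
        rec = parse_avc(line)
        if rec:
            for perm in rec["perms"]:
                counts[(rec["source_type"], rec["target_type"],
                        rec["tclass"], perm, rec["enforced"])] += 1
    return counts


if __name__ == "__main__":
    for key, n in summarize([SAMPLE]).items():
        print(n, *key)
```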
