Selinux prevents the execution of "Zabbix" custom script via sudo
Issue
- Zabbix agent is running a custom script via
sudo. - Selinux prevents the script from running.
- This problem was reflecting on all
Red Hat Enterprise Linux 7systems with Selinux set toenforcingstate & targeted type.
Zabbix configuration folder /etc/zabbix/
drwxr-xr-x. root root system_u:object_r:etc_t:s0 .
drwxr-xr-x. root root system_u:object_r:etc_t:s0 ..
drwx------. zabbix zabbix unconfined_u:object_r:etc_t:s0 scripts
-rw-r--r--. zabbix zabbix system_u:object_r:etc_t:s0 zabbix_agentd.conf
drwxr-xr-x. zabbix zabbix system_u:object_r:etc_t:s0 zabbix_agentd.d
Zabbix scripts /etc/zabbix/scripts/
drwx------. zabbix zabbix unconfined_u:object_r:etc_t:s0 .
-rwxr--r--. zabbix zabbix system_u:object_r:zabbix_script_exec_t:s0 passexp.sh
- It occurs everytime when the script is running.
- Need to know the correct labeling of Zabbix files and creating new selinux module for Zabbix
Environment
Red Hat Enterprise Linux 7.2
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
