Hi Erik – this is an HP-UX install, rather than any of the Linux family,
so SEL isn’t hurting me but will pursue the permissions angle to see if I
find anything useful and update the list if so.
-Lynn
*From:* Erik [mailto:user-e641b9cfddd7@xymon.invalid]
*Sent:* Wednesday, February 22, 2017 7:47 AM
*To:* xymon at xymon.com; Lynn Osburn <user-fd907411ed25@xymon.invalid>
*Subject:* Re: [Xymon] New 4.3.28 build collecting no data to RRD
I don't think those messages you're seeing are related to your problem. I
have plenty of those same log entries and mine is working fine.
My first question would be permissions. I see your listing of permissions
for the directory, but not the permissions on /opt/xymon/data, /opt/xymon,
and /opt... what are those. If eXecute permissions aren't set on all
parent directories, I don't think other users can read from there.
Also.. is SELinux getting in your way? SELinux used to bite me a lot when
I first stopped disabling it and actually working with it.
Check SELinux Status:
#> getenforce
If it returns "Enforcing".. you'll have some additional work to do:
Set SELinux to "Permissive" mode.. but do NOT leave it like this:
#> setenforce 0
There are better tools for this in RHEL/Centos 7, but this is what I do to
get by in previous versions..
Make note of NUM_OF_LINES in the log file
#> LINES=$(wc -l /var/log/audit/audit.log | awk '{ print $1 }')
Next, run the Xymon GUI through it's paces.. Look at graphs,
enable/disable monitoring, acknowledge alerts, edit critical systems,
everything you can think of..
Then, generate a custom SELinux policy module using the log entries you
generated by running Xymon in permissive mode:
#> sed -n "$(($LINES + 1)),$ p" /var/log/audit/audit.log | audit2allow -M
xymon
Install the new policy module:
#> semodule -i xymon.pp
Restore SELinux to "Enforcing" mode:
#> setenforce 1