0

I downloaded nrpe-3.2.0.tar.gz and nagios-plugins-2.2.1.tar.gz, extracted, compiled and installed in a RHEL 6.8 64-bit box.

It runs fine when SELinux status is Permissive, but it does not work in Enforcing mode.

I have run a lot of times

grep -e nrpe -e nagios /var/log/audit/audit.log | audit2allow -M nrpe
semodule -i nrpe.pp

but I always get the same error message from the Nagios server:

check_nrpe  -H 10.252.1.212
CHECK_NRPE: Error - Could not complete SSL handshake.

and in the nrpe.log of the node:

[1505198565] is_an_allowed_host (AF_INET): host is in allowed host list!
[1505198565] Host address is in allowed_hosts
[1505198565] Error: (!log_opts) Could not complete SSL handshake with 10.252.1.134: 5
[1505198565] Connection from 10.252.1.134 closed.

I'm aware of the RHEL errata mentioned in this other question but the selinux release installed in my box are:

selinux-policy-targeted-3.7.19-292.el6.noarch
selinux-policy-3.7.19-292.el6.noarch

Can you help me?

P.D: I'm a novice in the use of SELinux.

Jdamian
  • 285
  • 3
  • 19
  • is there anything in the audit.log now? – Tux_DEV_NULL Sep 12 '17 at 07:23
  • @Tux_DEV_NULL, No. There is no new message in audit.log, otherwise the `audit2allow -m` command would report any difference between the current module and the `denied` found in audit.log. – Jdamian Sep 12 '17 at 09:44
  • Then this might not be selinux. When it works in permissive mode, what do you see in check_nrpe output? Did you try with -n option in both cases (with and without selinux)? – Tux_DEV_NULL Sep 12 '17 at 10:37

0 Answers0