mirror/librenms-librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-10-07 16:52:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add SELinux instructions for systemd monitoring (#14806)

Browse Source
This commit is contained in:
Félix Bouynot
2023-01-25 20:19:46 +01:00
committed by GitHub
parent 08b025c1b8
commit 8d49e72f22
1 changed files with 25 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
doc/Extensions/Applications.md
View File

@@ -2581,7 +2581,31 @@ extend systemd /etc/snmp/systemd.py
}
```
5. Restart snmpd.
5. (Optional) If you have SELinux in Enforcing mode, you must add a module so the script can access systemd state:
```
cat << EOF > snmpd_systemctl.te
module snmpd_systemctl 1.0;
require {
type snmpd_t;
type systemd_systemctl_exec_t;
type init_t;
class file { execute execute_no_trans map open read };
class unix_stream_socket connectto;
class system status;
}
#============= snmpd_t ==============
allow snmpd_t init_t:system status;
allow snmpd_t init_t:unix_stream_socket connectto;
allow snmpd_t systemd_systemctl_exec_t:file { execute execute_no_trans map open read };
EOF
checkmodule -M -m -o snmpd_systemctl.mod snmpd_systemctl.te
semodule_package -o snmpd_systemctl.pp -m snmpd_systemctl.mod
semodule -i snmpd_systemctl.pp
```
6. Restart snmpd.
## TinyDNS aka djbdns