Ad Widget

Collapse

zabbix server - zabbix_server.log - permission denied

Collapse
This topic has been answered.
X
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • Singularity
    Member
    • Aug 2020
    • 81
    #1

    zabbix server - zabbix_server.log - permission denied

    Heads-up:
    1. selinux is set to enforcing
    2. Using redhat 9.4 x86
    3. zabbix 6.4

    Required :
    Change the log file path for zabbix server to /zabbix filesystem

    Problem     :
    When I start/restart zabbix-server, it says "cannot open /zabbix/zabbix_log/zabbix_server.log" [13] Permisson denied

    Changes I did :
    1. zabbix server log path from /var/log/zabbix to /zabbix/zabbix_log/
    2. Executed the commands
    a. setsebool -P httpd_can_network_connect_db on
    b. setsebool -P httpd_can_connect_zabbix on
    c. chown -R zabbix:zabbix /zabbix/zabbix_log
    d. semanage fcontext -a -t zabbix_log_t "/zabbix/zabbix_log(/.*)?"
    e. restorecon -Rv /zabbix/zabbix_log


    FYI :
    I did the same with zabbix agent 2 and it is working ! ( changed log file path, owned the log file and assigned semanage fcontext )
    Last edited by Singularity; 22-05-2024, 10:55.
    Tags: logs, permission denied, selinux, server error
    • Answer selected by Singularity at 24-05-2024, 10:11.
      Singularity
      Member
      • Aug 2020
      • 81
      Originally posted by Singularity
      Heads-up:
      1. selinux is set to enforcing
      2. Using redhat 9.4 x86
      3. zabbix 6.4

      Required :
      Change the log file path for zabbix server to /zabbix filesystem

      Problem       :
      When I start/restart zabbix-server, it says "cannot open /zabbix/zabbix_log/zabbix_server.log" [13] Permisson denied

      Changes I did :
      1. zabbix server log path from /var/log/zabbix to /zabbix/zabbix_log/
      2. Executed the commands
      a. setsebool -P httpd_can_network_connect_db on
      b. setsebool -P httpd_can_connect_zabbix on
      c. chown -R zabbix:zabbix /zabbix/zabbix_log
      d. semanage fcontext -a -t zabbix_log_t "/zabbix/zabbix_log(/.*)?"
      e. restorecon -Rv /zabbix/zabbix_log


      FYI :
      I did the same with zabbix agent 2 and it is working ! ( changed log file path, owned the log file and assigned semanage fcontext )
      With some deep dives, figured out the solution. Execute the following commands:
      1. ausearch -c 'zabbix_server' --raw | audit2allow -M my-zabbixserver
      2. semodule -i my-zabbixserver.pp
      3. systemctl restart zabbix-server
        • Selected Answer

        Comment

        • Singularity
          Member
          • Aug 2020
          • 81
          #2
          Originally posted by Singularity
          Heads-up:
          1. selinux is set to enforcing
          2. Using redhat 9.4 x86
          3. zabbix 6.4

          Required :
          Change the log file path for zabbix server to /zabbix filesystem

          Problem           :
          When I start/restart zabbix-server, it says "cannot open /zabbix/zabbix_log/zabbix_server.log" [13] Permisson denied

          Changes I did :
          1. zabbix server log path from /var/log/zabbix to /zabbix/zabbix_log/
          2. Executed the commands
          a. setsebool -P httpd_can_network_connect_db on
          b. setsebool -P httpd_can_connect_zabbix on
          c. chown -R zabbix:zabbix /zabbix/zabbix_log
          d. semanage fcontext -a -t zabbix_log_t "/zabbix/zabbix_log(/.*)?"
          e. restorecon -Rv /zabbix/zabbix_log


          FYI :
          I did the same with zabbix agent 2 and it is working ! ( changed log file path, owned the log file and assigned semanage fcontext )
          With some deep dives, figured out the solution. Execute the following commands:
          1. ausearch -c 'zabbix_server' --raw | audit2allow -M my-zabbixserver
          2. semodule -i my-zabbixserver.pp
          3. systemctl restart zabbix-server
            • Selected Answer

            Comment

            Previous template Next
            Working...