[Xymon] xymon server "could not load hostdata" issue
Iain M. Conochie
iain at shihad.org
Fri Jun 27 16:56:54 CEST 2014
Looks like selinux is denying the request.
On June 27, 2014 2:22:35 PM GMT+01:00, mania bogdan <bogymel at yahoo.com> wrote:
>Hi,
>
>Thank you for the quick response.
>
>@Paul: nothing seems to be wrong with Apache, I played with the
>configuration to no avail. I'm attaching it for reference.
>
>@JC: It seems xymon daemon is running ok, no errors in xymond.log. I
>can connect to the server on port 1984 both locally and remote. xymon
>10.106.50.129 ping command returns the server version.
>
>In audit.log I have this:
>
>type=SYSCALL msg=audit(1403874936.111:817): arch=c000003e syscall=42
>success=no exit=-13 a0=3 a1=7fff0a176f60 a2=10 a3=1999999999999999
>items=0 ppid=18345 pid=18518 auid=500 uid=48 gid=48 euid=48 suid=48
>fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=1 comm="svcstatus.cgi"
>exe="/usr/libexec/xymon/svcstatus.cgi"
>subj=unconfined_u:system_r:httpd_sys_script_t:s0 key=(null)
>type=AVC msg=audit(1403874966.329:820): avc: denied { name_connect }
>for pid=18645 comm="svcstatus.cgi" dest=1984
>scontext=unconfined_u:system_r:httpd_sys_script_t:s0
>tcontext=system_u:object_r:port_t:s0 tclass=tcp_socket
>
>I need to mention however that I installed xymon from a custom repo
>found online because, well, I was lazy to build from source :)
>
>Thanks.
>
>
>
>
>On Friday, June 27, 2014 1:09 PM, J.C. Cleaver <cleaver at terabithia.org>
>wrote:
>
>
>
>It seems like both xymonnet and the svcstatus.sh CGI are having
>problems
>communicating back with xymond.
>
>First step, can you verify that xymond is in fact up and running OK? Is
>there any error output in xymond.log?
>
>Based on the logs below, it seems 10.106.50.129 the server's own
>XYMONSERVER IP address? If so, can you connect locally on port 1984 to
>it?
>Or run 'xymon 10.106.50.129 ping' from the command line?
>
>For svcstatus.sh, do you see any possible SELinux errors in
>/var/log/audit/audit.log indicated blocks?
>
>
>HTH,
>
>-jc
>
>
>
>On Fri, June 27, 2014 2:06 am, mania bogdan wrote:
>> Hi,
>>
>> I'm facing an issue with the xymon server.
>>
>> I have setup a fresh installation of xymon 4.3.17 on a RHEL 6 box. I
>have
>> only the server defined in hosts.cfg. The main page displays ok, but
>when
>> I click on a "smiley" it just shows "Cannot load host configuration".
>In
>> the xymonnet.log I get the following:
>>
>> 2014-06-27 04:24:51 -> Could not connect to Xymon
>> daemon at 10.106.50.129:1984 (Connection refused)
>> 2014-06-27 04:24:51 -> Recipient '10.106.50.129', timeout 15
>> 2014-06-27 04:24:51 -> 1st line: 'extcombo 2000 2291 2617'
>>
>> I also get this in the Apache error_log:
>>
>> [Fri Jun 27 05:01:01 2014] [error] [client 10.106.0.214] 2014-06-27
>> 05:01:01 , referer:
>>
>http://watchdog.stage.ppaws.net/xymon-cgi/svcstatus.sh?HOST=watchdog.stage.ppaws.net&SERVICE=conn
>> [Fri Jun 27 05:01:01 2014] [error] [client 10.106.0.214] -> connect
>to
>> Xymon daemon at 10.106.50.129:1984 failed (Permission denied), referer:
>>
>http://watchdog.stage.ppaws.net/xymon-cgi/svcstatus.sh?HOST=watchdog.stage.ppaws.net&SERVICE=conn
>>
>> [Fri Jun 27 05:03:31 2014] [error] [client 10.106.0.214] 2014-06-27
>> 05:03:31 , referer:
>>
>http://watchdog.stage.ppaws.net/xymon-cgi/svcstatus.sh?HOST=watchdog.stage.ppaws.net&SERVICE=conn
>> [Fri Jun 27 05:03:31 2014] [error] [client 10.106.0.214] ->
> Recipient
>> '10.106.50.129', timeout 15, referer:
>>
>http://watchdog.stage.ppaws.net/xymon-cgi/svcstatus.sh?HOST=watchdog.stage.ppaws.net&SERVICE=conn
>> [Fri Jun 27 05:03:31 2014] [error] [client 10.106.0.214] 2014-06-27
>> 05:03:31 , referer:
>>
>http://watchdog.stage.ppaws.net/xymon-cgi/svcstatus.sh?HOST=watchdog.stage.ppaws.net&SERVICE=conn
>> [Fri Jun 27 05:03:31 2014] [error] [client 10.106.0.214] -> 1st
>line:
>> 'hostinfo clone=watchdog.stage.ppaws.net', referer:
>>
>http://watchdog.stage.ppaws.net/xymon-cgi/svcstatus.sh?HOST=watchdog.stage.ppaws.net&SERVICE=conn
>> [Fri Jun 27 05:03:31 2014] [error] [client 10.106.0.214] 2014-06-27
>> 05:03:31 , referer:
>>
>http://watchdog.stage.ppaws.net/xymon-cgi/svcstatus.sh?HOST=watchdog.stage.ppaws.net&SERVICE=conn
>>
>>
>> I have setup the host in /etc/hosts file, the name is resolvable, the
>1984
>> port is opened and accepting connections. The only solution I could
>find
>> online was to restart the server but that didn't help.
>>
>> I'm fairly new to xymon, so if I missed something and if any
>additional
>> info is required I'll be happy to provide.
>>
>> Thanks._______________________________________________
>> Xymon mailing list
>> Xymon at xymon.com
>> http://lists.xymon.com/mailman/listinfo/xymon
>
>>
>
>------------------------------------------------------------------------
>
>_______________________________________________
>Xymon mailing list
>Xymon at xymon.com
>http://lists.xymon.com/mailman/listinfo/xymon
--
Sent from my Android phone with K-9 Mail. Please excuse my brevity.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20140627/5aa29692/attachment.html>
More information about the Xymon
mailing list