Configure SELinux to allow Nagios publickey auth
Nagios is a tool for monitoring servers. In a security-minded environment, you need to make allowances for nagios. It operates over ssh using a public key, which SELinux doesn't like. One problem that can occur is that the ~nagios/.ssh/authorized_keys file will not have the right selinux context. Fix that with
semanage fcontext -a -t "ssh_home_t" "/var/spool/nagios(/.*)?"
restorecon -RvF /var/spool/nagios
This will make a new rule in selinux for that directory to have a regular ssh- homedir context, so public keys will work properly. If nagios cannot connect passwordlessly, it will throw fits.
Comments