99 Zabbix Agent SeLinux 권한

문제

# cat /etc/centos-release
CentOS Linux release 8.5.2111

# systemctl start zabbix-agent.service
Job for zabbix-agent.service failed because the service did not take the steps required by its unit configuration.
See "systemctl status zabbix-agent.service" and "journalctl -xe" for details.

# tail -f /var/log/zabbix/zabbix_agentd.log
2054669:20250322:064311.552 Starting Zabbix Agent [myhost]. Zabbix 7.2.4 (revision c34078a4563).
2054669:20250322:064311.552 **** Enabled features ****
2054669:20250322:064311.552 IPv6 support:          YES
2054669:20250322:064311.552 TLS support:           YES
2054669:20250322:064311.552 **************************
2054669:20250322:064311.552 using configuration file: /etc/zabbix/zabbix_agentd.conf
2054669:20250322:064311.562 cannot initialize module "zbxpcp.so"
2054669:20250322:064311.562 loading modules failed, exiting...
2054669:20250322:064311.562 Zabbix Agent stopped. Zabbix 7.2.4 (revision c34078a4563).

# journalctl -xe | grep zab
setroubleshoot[2053952]: SELinux is preventing /usr/sbin/zabbix_agentd from name_connect access on the tcp_socket port 44321

1차 시도 - 실패

semanage port -a -t zabbix_agent_port_t -p tcp 44321

2차 시도 - 성공

zabbix_agent_t 컨텍스트 전부 허용

semanage permissive -a zabbix_agent_t