On Thu, 2012-07-12 at 10:35 +0100, John Horne wrote: Hello,
Sorry, but this turned out to be an SELinux problem. 'fping' is denied write access to files in the ~/server/tmp directory on the Xymon server. However, fping records its results in that directory, and Xymon looks at them to see if a client is alive or not. Since there were no results, because of SELinux, Xymon figured that all the clients were down.
I have created a local SELinux policy to allow writes for fping and that seems to work. (I have rebooted the Xymon server and it didn't show any red ping/conn tests.)
The clients don't use 'fping' so they don't have this problem.
Why did restarting the Xymon service (not the server) allow the tests to turn green? Not sure.
SELinux policies distinguish between appending, writing, and seeking in many cases. I don't recall the details, but I remember needing to futz with different policies to figure out what was going on as well. Was anything interesting going on in the audit logs at the time?
-jc