Florian Apolloner apollo13

## gist:f7befdd8d0a53acb4d4e4f844bc03349
type=AVC msg=audit(1584721279.094:16607): avc:  denied  { getattr } for  pid=23999 comm="mailq" path="pipe:[1306241]" dev="pipefs" ino=1306241 scontext=system_u:system_r:system_mail_t:s0 tcontext=system_u:system_r:icinga2_t:s0 tclass=fifo_file permissive=1
type=SYSCALL msg=audit(1584721279.094:16607): arch=c000003e syscall=5 success=yes exit=0 a0=2 a1=7ffc3df53dd0 a2=7ffc3df53dd0 a3=55763bda4010 items=0 ppid=23998 pid=23999 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="mailq" exe="/usr/sbin/sendmail.postfix" subj=system_u:system_r:system_mail_t:s0 key=(null)ARCH=x86_64 SYSCALL=fstat AUID="unset" UID="icinga" GID="icinga" EUID="icinga" SUID="icinga" FSUID="icinga" EGID="icinga" SGID="icinga" FSGID="icinga"
type=PROCTITLE msg=audit(1584721279.094:16607): proctitle="/usr/bin/mailq"
type=AVC msg=audit(1584721279.111:16608): avc:  denied  { write } for  pid=23999 comm="postqueue" path="pipe:[1306241]" dev="pipefs" ino=1306241 scontext=system

## gist:2e27c6a73b6a451db283d34786605830

type=AVC msg=audit(1584721374.725:16610): avc:  denied  { map } for  pid=24058 comm="check_mailq" path="/usr/bin/perl" dev="dm-0" ino=778301 scontext=system_u:system_r:nagios_mail_plugin_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1
type=AVC msg=audit(1584721374.725:16610): avc:  denied  { execute } for  pid=24058 comm="check_mailq" path="/usr/bin/perl" dev="dm-0" ino=778301 scontext=system_u:system_r:nagios_mail_plugin_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1
type=SYSCALL msg=audit(1584721374.725:16610): arch=c000003e syscall=59 success=yes exit=0 a0=2dabe50 a1=2dac4e0 a2=2dabc90 a3=fffffffffffffa86 items=0 ppid=18028 pid=24058 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="check_mailq" exe="/usr/bin/perl" subj=system_u:system_r:nagios_mail_plugin_t:s0 key=(null)ARCH=x86_64 SYSCALL=execve AUID="unset" UID="icinga" GID="icinga" EUID="icinga" SUID="icinga" FSUID="icinga" EGID="icinga" SGID="ic

## gist:0b949b3a12f36f6d8107a77462c769d0
type=AVC msg=audit(1584721512.261:16623): avc:  denied  { map } for  pid=24196 comm="check_mailq" path="/usr/bin/perl" dev="dm-0" ino=778301 scontext=system_u:system_r:nagios_mail_plugin_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1
type=AVC msg=audit(1584721512.261:16623): avc:  denied  { execute } for  pid=24196 comm="check_mailq" path="/usr/bin/perl" dev="dm-0" ino=778301 scontext=system_u:system_r:nagios_mail_plugin_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1
type=SYSCALL msg=audit(1584721512.261:16623): arch=c000003e syscall=59 success=yes exit=0 a0=2dac4b0 a1=2dac4e0 a2=2dabc90 a3=fffffffffffffa86 items=0 ppid=18028 pid=24196 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="check_mailq" exe="/usr/bin/perl" subj=system_u:system_r:nagios_mail_plugin_t:s0 key=(null)ARCH=x86_64 SYSCALL=execve AUID="unset" UID="icinga" GID="icinga" EUID="icinga" SUID="icinga" FSUID="icinga" EGID="icinga" SGID="ici

## gist:458a7515bba9d474e2cc0279912f2946
job "countdash" {
  datacenters = ["dc1"]

  group "api" {
    network {
      mode = "bridge"
    }

    service {
      name = "count-api"

## traefik.nomad
# Simple example to deploy traefik with consul connect enabled.
# For simplicity the job includes traefik as well as the backend service.
# Please note that traefik currently only supports connect for HTTP.
job "traefik-consul-connect-demo" {
  datacenters = ["dc1"]

  group "edge" {

    network {
      mode = "bridge"
	type=AVC msg=audit(1584721279.094:16607): avc: denied { getattr } for pid=23999 comm="mailq" path="pipe:[1306241]" dev="pipefs" ino=1306241 scontext=system_u:system_r:system_mail_t:s0 tcontext=system_u:system_r:icinga2_t:s0 tclass=fifo_file permissive=1
	type=SYSCALL msg=audit(1584721279.094:16607): arch=c000003e syscall=5 success=yes exit=0 a0=2 a1=7ffc3df53dd0 a2=7ffc3df53dd0 a3=55763bda4010 items=0 ppid=23998 pid=23999 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="mailq" exe="/usr/sbin/sendmail.postfix" subj=system_u:system_r:system_mail_t:s0 key=(null)ARCH=x86_64 SYSCALL=fstat AUID="unset" UID="icinga" GID="icinga" EUID="icinga" SUID="icinga" FSUID="icinga" EGID="icinga" SGID="icinga" FSGID="icinga"
	type=PROCTITLE msg=audit(1584721279.094:16607): proctitle="/usr/bin/mailq"
	type=AVC msg=audit(1584721279.111:16608): avc: denied { write } for pid=23999 comm="postqueue" path="pipe:[1306241]" dev="pipefs" ino=1306241 scontext=system

	type=AVC msg=audit(1584721374.725:16610): avc: denied { map } for pid=24058 comm="check_mailq" path="/usr/bin/perl" dev="dm-0" ino=778301 scontext=system_u:system_r:nagios_mail_plugin_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1
	type=AVC msg=audit(1584721374.725:16610): avc: denied { execute } for pid=24058 comm="check_mailq" path="/usr/bin/perl" dev="dm-0" ino=778301 scontext=system_u:system_r:nagios_mail_plugin_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1
	type=SYSCALL msg=audit(1584721374.725:16610): arch=c000003e syscall=59 success=yes exit=0 a0=2dabe50 a1=2dac4e0 a2=2dabc90 a3=fffffffffffffa86 items=0 ppid=18028 pid=24058 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="check_mailq" exe="/usr/bin/perl" subj=system_u:system_r:nagios_mail_plugin_t:s0 key=(null)ARCH=x86_64 SYSCALL=execve AUID="unset" UID="icinga" GID="icinga" EUID="icinga" SUID="icinga" FSUID="icinga" EGID="icinga" SGID="ic
	type=AVC msg=audit(1584721512.261:16623): avc: denied { map } for pid=24196 comm="check_mailq" path="/usr/bin/perl" dev="dm-0" ino=778301 scontext=system_u:system_r:nagios_mail_plugin_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1
	type=AVC msg=audit(1584721512.261:16623): avc: denied { execute } for pid=24196 comm="check_mailq" path="/usr/bin/perl" dev="dm-0" ino=778301 scontext=system_u:system_r:nagios_mail_plugin_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1
	type=SYSCALL msg=audit(1584721512.261:16623): arch=c000003e syscall=59 success=yes exit=0 a0=2dac4b0 a1=2dac4e0 a2=2dabc90 a3=fffffffffffffa86 items=0 ppid=18028 pid=24196 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="check_mailq" exe="/usr/bin/perl" subj=system_u:system_r:nagios_mail_plugin_t:s0 key=(null)ARCH=x86_64 SYSCALL=execve AUID="unset" UID="icinga" GID="icinga" EUID="icinga" SUID="icinga" FSUID="icinga" EGID="icinga" SGID="ici
	job "countdash" {
	datacenters = ["dc1"]

	group "api" {
	network {
	mode = "bridge"
	}

	service {
	name = "count-api"
	# Simple example to deploy traefik with consul connect enabled.
	# For simplicity the job includes traefik as well as the backend service.
	# Please note that traefik currently only supports connect for HTTP.
	job "traefik-consul-connect-demo" {
	datacenters = ["dc1"]

	group "edge" {

	network {
	mode = "bridge"