Closed
Description
SUMMARY
The zabbix_agent role sets permissions that are not default to the rpm being installed. This causes the rpm --verify command to fail. This triggers audit failures in our environment.
ISSUE TYPE
- Bug Report
COMPONENT NAME
community.zabbix.zabbix_agent
OS / ENVIRONMENT / Zabbix Version
Redhat 7&8
Zabbix 7
STEPS TO REPRODUCE
Perform a deploy/update on zabbix_agent with the role. We have an additional task at the end to revert these permissions so we dont fail an audit check.
I can see here that the group is set to zabbix.
EXPECTED RESULTS
I expect rpm --verify to return no results. This only happens when the group of the include folder is root.
ACTUAL RESULTS
ll /etc/zabbix/ | grep zabbix_agent2.d
drwxr-xr-x. 3 root zabbix 4096 Dec 4 12:11 zabbix_agent2.d
rpm --verify --noconfig zabbix-agent2.x86_64
......G.. /etc/zabbix/zabbix_agent2.d