Custom Notification (Slack) Gives curl Exit Code 7

Icinga 2
1

I’m stumped with this one. I thought I would post it here rather than the Modules forum as I actually think it’s Icinga2 / Linux that is the issue and not the module.

I have setup slack notifications (from https://github.com/nisabek/icinga2-slack-notifications) and it looks to be configured fine. However when it goes to send a notification I get the curl terminated with exit code 7, output: curl: (7) Failed to connect to 99.84.183.165: Permission denied error.

When I looked at the logs I can see the notification it is generating which is (obvious bits removed):

 Notification command for object 'example.com website!Certificate' (PID: 11186, arguments: 'sh' '-c' 'curl --fail --connect-timeout 30 --max-time 60 --silent --show-error -X POST --data-urlencode 'payload={"attachments":[{"color":"danger","fallback":"PROBLEM: Service Certificate transitioned from state WARNING to state CRITICAL on host example.com website. Plugin output: ```SSL CRITICAL - Certificate '\''*.example.com'\'' expires in 717 day(s) (2021-05-03 17:25 +0000/UTC).```","fields":[{"short":true,"title":"Host","value":"<https://example.com/icingaweb2/monitoring/host/show?host=example.com website|example.com website>"},{"short":true,"title":"Service","value":"<https://example.com/icingaweb2/monitoring/service/show?host=example.com website&service=Certificate|Certificate>"}],"footer":"Icinga Alerts","text":"```SSL CRITICAL - Certificate '\''*.example.com'\'' expires in 717 day(s) (2021-05-03 17:25 +0000/UTC).```","title":":red_circle: PROBLEM: Service <https://example.com/icingaweb2/monitoring/service/show?host=example.com website&service=Certificate|Certificate> transitioned from state WARNING to state CRITICAL","ts":1558116888.0}],"channel":"@me","username":"Icinga2"}' 'https://hooks.slack.com/services/ABC/123/456789'') terminated with exit code 7, output: curl: (7) Failed to connect to 99.84.183.165: Permission denied

If I take that curl command (note I’m not using the ‘sh -c’ in front of it) and run it on the command line it actually works fine. So the issue is not with Slack but curl somewhere. I knwo exit code 7 is ‘failed to connect with host’ so I’m really a bit stumped. I’m running it on CentOS - could it be something to do with SELinux?

Has anybody got any ideas on this or come across it before?

2

Highly likely, you should also run the command as icinga user, not as root.

Cheers,
Michael

3

Hi Michael,

Thanks for your comment. I have done this running ‘sudo -u icinga’ and it works fine. It appears to only have issues when run from Icinga2.

As an update to this I also tried to setup Pushbullet notifications (which also uses curl) and I get the same error curl: (7) Failed to connect to 172.217.15.115: Permission denied.

Running the notification script as sudo -u icinga works fine.

Further update. Disable SELinux fixes the issue so I’m going to need to find out how to resolve that (as I know little about SELinux). I did apply the Icinga2 SELinux policy when building the box.