diff -up ./watchdog.8.rhseldoc ./watchdog.8 --- ./watchdog.8.rhseldoc 2013-02-01 12:15:44.000000000 +0100 +++ ./watchdog.8 2013-11-07 14:22:13.048209132 +0100 @@ -216,6 +216,15 @@ a given interface for traffic. If no tra considered unreachable causing a soft reboot or action from the repair binary. .PP +To start the watchdog when network is available: +.PP +.br +systemctl disable watchdog +.br +systemctl enable NetworkManager-wait-online +.br +systemctl enable watchdog-ping +.PP .B watchdog can run an external command for user-defined tests. A return code not equal 0 means an error occured and watchdog should react. If the external command is killed by an uncaught signal this is considered an error by watchdog @@ -317,6 +326,9 @@ Child process did not return in time. .TP \-10 Free for personal use. +.PP +With enforcing SELinux policy please use the /usr/libexec/watchdog/scripts/ +for your test-binary configuration. .SH "REPAIR BINARY" The repair binary is started with one parameter: the error number that caused @@ -333,6 +345,9 @@ are using the real-time properties since .B watchdog will wait for the return of this binary before proceeding. +.PP +With enforcing SELinux policy please use the /usr/libexec/watchdog/scripts/ +for your repair-binary configuration. .SH "TEST DIRECTORY" Executables placed in the test directory are discovered by watchdog on startup and are automatically executed. They are bounded time-wise by @@ -365,6 +380,9 @@ return a non-zero value so the machine w Note that the watchdog daemon may interpret and act upon any of the reserved return codes noted in the Check Binary section prior to calling a given command in "repair" mode. +.SH SELINUX +The directories /etc/watchdog.d/ and /usr/libexec/watchdog/scripts/ are +recognized locations for custom executables. .SH BUGS None known so far. .SH AUTHORS diff -up ./watchdog.conf.5.rhseldoc ./watchdog.conf.5 --- ./watchdog.conf.5.rhseldoc 2013-02-01 12:15:44.000000000 +0100 +++ ./watchdog.conf.5 2013-11-07 14:20:42.027278353 +0100 @@ -97,6 +97,8 @@ interfaces. .TP test-binary = Execute the given binary to do some user defined tests. +With enforcing SELinux policy please use the /usr/libexec/watchdog/scripts/ +for your test-binary configuration. .TP test-timeout = User defined tests may only run for seconds. Set to 0 for unlimited. @@ -104,6 +106,8 @@ User defined tests may only run for Execute the given binary in case of a problem instead of shutting down the system. +With enforcing SELinux policy please use the /usr/libexec/watchdog/scripts/ +for your repair-binary configuration. .TP repair-timeout = repair command may only run for seconds. Set to 0 for unlimited. @@ -122,6 +126,7 @@ Set the schedule priority for realtime m .TP test-directory = Set the directory to run user test/repair scripts. Default is '/etc/watchdog.d' +The /etc/watchdog.d/ is recognized by SELinux policy. See the Test Directory section in watchdog(8) for more information. .TP log-dir = diff -up ./watchdog.conf.rhseldoc ./watchdog.conf --- ./watchdog.conf.rhseldoc 2013-02-01 12:15:44.000000000 +0100 +++ ./watchdog.conf 2013-11-07 14:35:49.997934254 +0100 @@ -15,6 +15,8 @@ # To get the real size, check how large the pagesize is on your machine. #min-memory = 1 +# With enforcing SELinux policy please use the /usr/libexec/watchdog/scripts/ +# or /etc/watchdog.d/ for your test-binary and repair-binary configuration. #repair-binary = /usr/sbin/repair #repair-timeout = #test-binary = @@ -37,6 +39,13 @@ realtime = yes priority = 1 +# When using custom service pid check with custom service +# systemd unit file please be aware the "Requires=" +# does dependent service deactivation. +# Using "Before=watchdog.service" or "Before=watchdog-ping.service" +# in the custom service unit file may be the desired operation instead. +# See man 5 systemd.unit for more details. +# # Check if rsyslogd is still running by enabling the following line #pidfile = /var/run/rsyslogd.pid