Your agent stops reporting data when using New Relic's PHP agent. The operating system either includes SELinux by default or has been added to the environment for security purposes.
To resolve this issue, use any of these options:
- Configure SELinux to allow New Relic to communicate
With SELinux, you can follow your own security policies to configure a custom policy to allow for communication. This process is outside the scope of New Relic Support, and we cannot make specific recommendations regarding your security configuration. However, the following links provide helpful starting points for learning about SELinux policy creation and modification:
- Set SELinux to permissive mode
This may be used as a temporary measure to verify that SELinux is responsible for data not being reported.
Setting SELinux to permissive mode allows your services to operate without restrictions. The default setting is restored if you restart the server.
To set to permissive mode, use the command:
- Disable SELinux
New Relic does not actively encourage you to disable security software. However, for best results, configure SELinux to allow New Relic to function fully.
If you decide that disabling SELinux is the right decision for your server, use the following steps to permanently disable SELinux:
Edit the SELinux
sysconfigfile using this command:
SELINUX=setting and change it to:
Restart your server in order for the setting to take effect.
The agent's PHP extension and daemon communicate by default through
/tmp/.newrelic.sock (Unix socket). If SELinux is not configured to allow the PHP extension and daemon to communicate, this will prevent these two agent components from communicating with each other when SELinux is set to
In some cases, SELinux can prevent the daemon from starting altogether. Verifying the PHP daemon may be a necessary troubleshooting step when diagnosing SELinux issues.
SELinux is a security software designed to limit the communication of processes on your environment. SELinux is a powerful tool in server security. As such, you should implement and configure it to suit your own server environment.
New Relic does not influence decisions on how to configure your server security or processes you allow to run. We are not responsible for security decisions for your software. You should review your configuration settings to make sure they comply with your own security policies before implementing.