MySQL and SELinux
Henry Hartley
henryhartley at westat.com
Wed Dec 29 14:04:59 UTC 2004
I've just upgraded a machine to FC3 (actually, it's a clean install on a new
hard drive because the old drive was dying). I thought I had asked for
MySQL during the install but apparently not. I installed it with yum,
however, with no problems. The problem is that SELinux and MySQL don't seem
to be playing nice with each other. If I turn enforcing off (setenforce 0)
then mysql works fine but if it's on, I get the following:
[root at blackforest ~]# service mysqld start
Timeout error occurred trying to start MySQL Daemon.
Starting MySQL: [FAILED]
and in /var/log/messages:
Dec 29 10:06:33 blackforest kernel: audit(1104332793.451:0): avc: denied {
append } for pid=9353 exe=/usr/libexec/mysqld path=/var/log/mysqld.log
dev=hda3 ino=81983 scontext=root:system_r:mysqld_t
tcontext=root:object_r:var_log_t tclass=file
Dec 29 10:06:33 blackforest kernel: audit(1104332793.452:0): avc: denied {
append } for pid=9353 exe=/usr/libexec/mysqld path=/var/log/mysqld.log
dev=hda3 ino=81983 scontext=root:system_r:mysqld_t
tcontext=root:object_r:var_log_t tclass=file
Dec 29 10:06:33 blackforest kernel: audit(1104332793.593:0): avc: denied {
read } for pid=9353 exe=/usr/libexec/mysqld name=mysql dev=hda3 ino=66398
scontext=root:system_r:mysqld_t tcontext=root:object_r:var_lib_t
tclass=lnk_file
Dec 29 10:06:43 blackforest mysqld: Starting MySQL: failed
Is there a good tutorial on setting up linux with SELinux enabled?
Something with real-world examples would be great. I know it's a little
early for a useful physical book to have been published but if one exists,
I'd be interested in that, too. But I'm afraid I need more than just
theory. Real, specific examples are what I need. Thanks for any pointers
or suggestions.
--
Henry
More information about the fedora-list
mailing list