MySQL and SELinux
Alexander Dalloz
ad+lists at uni-x.org
Wed Dec 29 14:15:22 UTC 2004
Am Mi, den 29.12.2004 schrieb Henry Hartley um 15:04:
> I've just upgraded a machine to FC3 (actually, it's a clean install on a new
> hard drive because the old drive was dying). I thought I had asked for
> MySQL during the install but apparently not. I installed it with yum,
> however, with no problems. The problem is that SELinux and MySQL don't seem
> to be playing nice with each other. If I turn enforcing off (setenforce 0)
> then mysql works fine but if it's on, I get the following:
>
> [root at blackforest ~]# service mysqld start
> Timeout error occurred trying to start MySQL Daemon.
> Starting MySQL: [FAILED]
>
> and in /var/log/messages:
>
> Dec 29 10:06:33 blackforest kernel: audit(1104332793.451:0): avc: denied {
> append } for pid=9353 exe=/usr/libexec/mysqld path=/var/log/mysqld.log
> dev=hda3 ino=81983 scontext=root:system_r:mysqld_t
> tcontext=root:object_r:var_log_t tclass=file
>
> Dec 29 10:06:33 blackforest kernel: audit(1104332793.452:0): avc: denied {
> append } for pid=9353 exe=/usr/libexec/mysqld path=/var/log/mysqld.log
> dev=hda3 ino=81983 scontext=root:system_r:mysqld_t
> tcontext=root:object_r:var_log_t tclass=file
>
> Dec 29 10:06:33 blackforest kernel: audit(1104332793.593:0): avc: denied {
> read } for pid=9353 exe=/usr/libexec/mysqld name=mysql dev=hda3 ino=66398
> scontext=root:system_r:mysqld_t tcontext=root:object_r:var_lib_t
> tclass=lnk_file
>
> Dec 29 10:06:43 blackforest mysqld: Starting MySQL: failed
>
> Is there a good tutorial on setting up linux with SELinux enabled?
> Something with real-world examples would be great. I know it's a little
> early for a useful physical book to have been published but if one exists,
> I'd be interested in that, too. But I'm afraid I need more than just
> theory. Real, specific examples are what I need. Thanks for any pointers
> or suggestions.
> Henry
http://fedora.redhat.com/docs/selinux-faq-fc3/
See bugzilla.redhat.com too. As far as I remember there is a bug report
regarding MySQL + SELinux. Be sure to have all the updates for FC3
installed.
Alexander
--
Alexander Dalloz | Enger, Germany | new address - new key: 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora GNU/Linux Core 2 (Tettnang) on Athlon kernel 2.6.9-1.6_FC2smp
Serendipity 15:12:30 up 6 days, 16:56, load average: 0.46, 0.46, 0.45
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20041229/8f9965a3/attachment-0001.sig>
More information about the fedora-list
mailing list