mysql with selinux
Daniel J Walsh
dwalsh at redhat.com
Wed Dec 6 21:02:59 UTC 2006
olga at urbantimes.net wrote:
> Hi,
>
> Does anyone know how to configure mysql to work with selinux? I am trying
> to start the server but it fails.
>
> kernel: audit(1165435380.294:368): avc: denied { search } for pid=24423
> comm="mysqld" name="/" dev=cciss/c0d0p1 ino=2
> scontext=user_u:system_r:mysqld_t
> tcontext=system_u:object_r:httpd_sys_content_t tclass=dir
> Dec 6 14:03:30 host1 mysqld: Starting MySQL: failed
>
> Any ideas?
>
> Thank you.
>
> Olga
>
>
This looks like some kind of labeling problem. mysqld should not be
search / which is labeled httpd_sys_content_t.
ls -lZd /
If you need to relabel you should
touch /.autorelabel; reboot
The only thing you should need to do to get apache and mysql working
together is turn on the
httpd_can_network_connect_db boolean.
setsebool -P httpd_can_network_connect_db=1
More information about the fedora-list
mailing list