PHP cannot connect to mysql server
Stephen Smalley
sds at epoch.ncsc.mil
Wed Nov 10 16:29:57 UTC 2004
On Wed, 2004-11-10 at 11:25, dragoran wrote:
> and how can I add a separte doiman for mysqld ? Sorry I am new to
> selinux....
That was the first option suggested in Dan's initial reply, i.e. add the
mysqld.te file he included in his reply to your policy, reload it, apply
the file labels, and restart mysql. Then mysqld should run in its own
domain (mysqld_t), the socket file should have a distinct type
(mysqld_var_run_t), and you should be able to selectively allow httpd_t
to connect to it without exposing the rest of your system.
--
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
More information about the fedora-selinux-list
mailing list