mysqld_disable_trans leaves mysqld running as initrc_t?
Chuck Anderson
cra at WPI.EDU
Thu Dec 8 19:31:59 UTC 2005
I've disabled SELinux protection of mysqld since it was causing major
performance problems. This broke CGI scripts since httpd_script_t
couldn't connect to the mysql unix domain socket. audit2allow created
these rules which I put into local.te:
allow httpd_sys_script_t var_t:dir getattr;
allow httpd_sys_script_t initrc_t:unix_stream_socket connectto;
allow httpd_t initrc_t:unix_stream_socket connectto;
This fixed the problem. However, is mysqld supposed to be running as
initrc_t instead of unconfined_t when mysqld_disable_trans is set?
More information about the fedora-selinux-list
mailing list