mysqld_disable_trans leaves mysqld running as initrc_t?

Chuck Anderson cra at WPI.EDU
Thu Dec 8 19:31:59 UTC 2005


I've disabled SELinux protection of mysqld since it was causing major 
performance problems.  This broke CGI scripts since httpd_script_t 
couldn't connect to the mysql unix domain socket.  audit2allow created 
these rules which I put into local.te:

allow httpd_sys_script_t var_t:dir getattr;
allow httpd_sys_script_t initrc_t:unix_stream_socket connectto;
allow httpd_t initrc_t:unix_stream_socket connectto;

This fixed the problem.  However, is mysqld supposed to be running as 
initrc_t instead of unconfined_t when mysqld_disable_trans is set?




More information about the fedora-selinux-list mailing list