mysqld_disable_trans leaves mysqld running as initrc_t?

Stephen Smalley sds at
Thu Dec 8 19:44:37 UTC 2005

On Thu, 2005-12-08 at 14:31 -0500, Chuck Anderson wrote:
> I've disabled SELinux protection of mysqld since it was causing major 
> performance problems.

More information about those performance problems would be of interest.

> This fixed the problem.  However, is mysqld supposed to be running as 
> initrc_t instead of unconfined_t when mysqld_disable_trans is set?

In FC4 and later, yes.  FC4 re-introduced the use of separate initial
domains for system initialization, transitioning later to unconfined_t,
rather than starting the system in unconfined_t as in FC3, which allows
some useful distinctions to be made.  But in targeted policy, initrc.te
contains unconfined_domain(initrc_t), so it still ends up with full

Stephen Smalley
National Security Agency

More information about the fedora-selinux-list mailing list