Hi all,
I'm load balancing 4 mysql databases using HAProxy. The setup seems to be
working pretty well. Except I keep seeing these messages turning up in
syslog:
Mar 12 22:11:31 db1 kernel: [6058125.959624] type=1400
audit(1457820691.824:3029129): avc: denied { name_connect } for pid=801
comm="haproxy" dest=7778 scontext=system_u:system_r:haproxy_t:s0
tcontext=system_u:object_r:interwise_port_t:s0 tclass=tcp_socket
It looks like SELinux is denying haproxy the ability to connect to the
database. I haven't seen any real problems on the site that uses the
database. But I was just wondering if this message looks familiar to
anyone. Or if it looks like something I should try to correct.
I tried grepping through audit.log for haproxy and piping it to audit2why,
but I don't get any useful response back:
[root@db1:~] #grep haproxy /var/log/audit/audit.log | audit2why -M haproxy
Nothing to do
I'm open to your thoughts and opinions!
Thanks,
Tim
--
GPG me!!
gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
