On 26/04/17 17:29, Robert Moskowitz wrote:
On 04/26/2017 04:22 AM, Gordon Messmer wrote:
On 04/25/2017 03:25 PM, Robert Moskowitz wrote:
This made the same content as before that caused problems:
I still don't understand, exactly. Are you seeing *new* problems
after installing a policy? What are the problems?
#!!!! The file '/var/lib/mysql/mysql.sock' is mislabeled on your
system.
#!!!! Fix with $ restorecon -R -v /var/lib/mysql/mysql.sock
#!!!! This avc can be allowed using the boolean
'daemons_enable_cluster_mode'
allow dovecot_t mysqld_t:unix_stream_socket connectto;
What do these 3 comments mean?
I'm not sure about the first two. The context you see is the same I
see on the one system where I run mysqld. Running restorecon doesn't
change that context.
As for the latter, it sounds like you should be able to remove your
custom policy and "setsebool -P daemons_enable_cluster_mode 1" to
allow dovecot to connect to mysql.
did not work. it was set off, so I turned it on and tried it out. Got
the same errors:
Apr 26 01:25:45 z9m9z dovecot: dict: Error:
mysql(/var/lib/mysql/mysql.sock): Connect failed to database
(postfix): Can't connect to local MySQL server through socket
'/var/lib/mysql/mysql.sock' (13) - waiting for 1 seconds before retry
Apr 26 01:25:45 z9m9z dovecot: dict: Error: dict sql lookup failed:
Not connected to database
how have you specified your mysql server host? as localhost, 127.0.0.1
or as the hosts IP address? In my experience it needs to be localhost or
127.0.0.1 and these are also defined in /etc/hosts
hth
You would think that the mysql people would have a boolean to allow
specific apps to access the socket.
And document it.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
