Re: docker-compose & selinux

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


On 10/30/2016 02:54 PM, Nikos Roussos wrote:
> On 10/28/2016 02:58 PM, Daniel J Walsh wrote:
>> What AVC's are you seeing?
> Plenty of AVC messages in the form:
>
> type=AVC msg=audit(1477853452.023:1338): avc:  denied  { setattr } for
> pid=23456 comm="chown" name="app_model.MYD" dev="dm-0" ino=10879938
> scontext=system_u:system_r:container_t:s0:c140,c877
> tcontext=system_u:object_r:container_var_lib_t:s0 tclass=file permissive=0
>
> Where app_model is a specific database table. So by plenty I mean I get
> one AVC for each database table of my application (for .MYD|.MYI|.frm)
>
>
> Or similarly:
> sudo docker-compose logs db
>
> db_1 | chown: changing ownership of
> `/var/lib/mysql/project/app_name.MYD': Permission denied
> _______________________________________________
> devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
>
>
Is the mysql directory automatically created via a volume? The problem
is this does not have a private label
associated with the database.  Do you know where on disk the directory
mounted into /var/lib/mysql exists?
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux