Robert L Cochran wrote:
Daniel J Walsh wrote:
restorecon -R -v /usr/lib/mysql
should fix the problem.
Dan
I'm sorry to have taken so long to respond to this. I ran 'restorecon'
as suggested. Unfortunately, I'm still getting 'avc denied' messages
when I restart the computer (e.g. when it shuts down and again when it
starts up). Any suggestions? Here are the messages:
Jan 21 14:32:58 rachelsp4 kernel: audit(1106335978.786:0): avc:
denied { append } for pid=4049 exe=/usr/sbin/mysqld
path=/var/lib/mysql/rachelsp4.lingpgmr.com.err dev=dm-0 ino=3260518
scontext=user_u:system_r:mysqld_t tcontext=root:object_r:var_lib_t
tclass=file
Jan 21 14:32:59 rachelsp4 kernel: audit(1106335979.125:0): avc:
denied { write } for pid=4049 exe=/usr/sbin/mysqld name=mysql
dev=dm-0 ino=3260470 scontext=user_u:system_r:mysqld_t
tcontext=root:object_r:var_lib_t tclass=dir
Jan 21 14:32:59 rachelsp4 kernel: audit(1106335979.125:0): avc:
denied { add_name } for pid=4049 exe=/usr/sbin/mysqld
name=rachelsp4.lower-test scontext=user_u:system_r:mysqld_t
tcontext=root:object_r:var_lib_t tclass=dir
Jan 21 14:32:59 rachelsp4 kernel: audit(1106335979.125:0): avc:
denied { create } for pid=4049 exe=/usr/sbin/mysqld
name=rachelsp4.lower-test scontext=user_u:system_r:mysqld_t
tcontext=user_u:object_r:var_lib_t tclass=file
Jan 21 14:32:59 rachelsp4 kernel: audit(1106335979.139:0): avc:
denied { remove_name } for pid=4049 exe=/usr/sbin/mysqld
name=rachelsp4.lower-test dev=dm-0 ino=3260519
scontext=user_u:system_r:mysqld_t tcontext=root:object_r:var_lib_t
tclass=dir
Jan 21 14:32:59 rachelsp4 kernel: audit(1106335979.139:0): avc:
denied { unlink } for pid=4049 exe=/usr/sbin/mysqld
name=rachelsp4.lower-test dev=dm-0 ino=3260519
scontext=user_u:system_r:mysqld_t tcontext=user_u:object_r:var_lib_t
tclass=file
Jan 21 14:32:59 rachelsp4 kernel: audit(1106335979.159:0): avc:
denied { create } for pid=4049 exe=/usr/sbin/mysqld name=mysql.sock
scontext=user_u:system_r:mysqld_t tcontext=user_u:object_r:var_lib_t
tclass=sock_file
Jan 21 14:32:59 rachelsp4 kernel: audit(1106335979.581:0): avc:
denied { read write } for pid=4049 exe=/usr/sbin/mysqld name=ibdata1
dev=dm-0 ino=3260520 scontext=user_u:system_r:mysqld_t
tcontext=root:object_r:var_lib_t tclass=file
Jan 21 14:32:59 rachelsp4 kernel: audit(1106335979.581:0): avc:
denied { lock } for pid=4049 exe=/usr/sbin/mysqld
path=/var/lib/mysql/ibdata1 dev=dm-0 ino=3260520
scontext=user_u:system_r:mysqld_t tcontext=root:object_r:var_lib_t
tclass=file
Jan 21 14:33:00 rachelsp4 kernel: audit(1106335980.183:0): avc:
denied { write } for pid=4079 exe=/usr/sbin/mysqld
path=/var/lib/mysql/rachelsp4.lingpgmr.com.pid dev=dm-0 ino=3260523
scontext=user_u:system_r:mysqld_t tcontext=user_u:object_r:var_lib_t
tclass=file
Jan 21 14:33:00 rachelsp4 xfs: xfs startup succeeded
Jan 21 14:33:00 rachelsp4 kernel: audit(1106335980.237:0): avc:
denied { getattr } for pid=4049 exe=/usr/sbin/mysqld
path=/var/lib/mysql/mysql/host.MYI dev=dm-0 ino=3260477
scontext=user_u:system_r:mysqld_t tcontext=root:object_r:var_lib_t
tclass=file
Bob
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-selinux-list
Are you up 2 date on policy.
The latest version is selinux-policy-targeted-1.17.30-2.
/var/lib/mysql should be labeled mysql_db_t
Dan