Jan-Frode Myklebust wrote:
It seems you're moving /var/lib/mysql to /db/mysql, and the following
new labeling rule should set the right labels for the db:
# Add new labeling rule:
/usr/sbin/semanage fcontext -a -t mysqld_db_t "/db/mysql(/.*)?"
Which files are modified by this command, and will the changes persist
after updates will be released (and applied) for the selinux RPMs?
But, I'm quite uncertain on how to map your tmpdir and basedir. What
Yeah, I'd like to keep tmpdir (originally on /tmp) together with the
datadir, so I'd like to move it, say, to /db/tmp
I guess I should run semanage for /db/tmp as well?
basedir will probably be /db (originally /var/lib) so I'm not sure what
to do. I guess I could actually move /var/lib/mysql to /db/lib/mysql and
change basedir from /var/lib to /db/lib - this might make it simpler to
adapt existing labeling rules to the customized system?
By the way, I figured out the fstab thing. The correct way to do it is:
# grep /db /etc/fstab
LABEL=/db /db ext3 defcontext=system_u:object_r:var_t:s0 1 2
The trailing :s0 appears to be important in this context. But after the
system boots up, I can manually do a "mount /db" even if :s0 is not
appended and it works.
--
Florin Andrei
http://florin.myip.org/
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
