Mysql Alert

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Guys,
Sorry to keep emailing the group but im determined to crack selinux and not just switch it off :)
I have moved my mysql root to /db01/mysql and have sym linked /var/lib/mysql to there as well just in case any apps still have mysql hard coded to the original location. 

The alert im getting is this:

Summary:

SELinux is preventing /bin/bash "read" access on /var/lib/mysql.

Detailed Description:

SELinux denied access requested by mysqld_safe. It is not expected that this
access is required by mysqld_safe and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Please file a bug
report.

Additional Information:

Source Context                unconfined_u:system_r:mysqld_safe_t:s0
Target Context                system_u:object_r:mysqld_db_t:s0
Target Objects                /var/lib/mysql [ lnk_file ]
Source                        mysqld_safe
Source Path                   /bin/bash
Port                          <Unknown>
Host                          vm-lin-wb01
Source RPM Packages           bash-4.0.35-2.fc12
Target RPM Packages           mysql-server-5.1.41-2.fc12
Policy RPM                    selinux-policy-3.6.32-63.fc12
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     vm-lin-wb01
Platform                      Linux vm-lin-wb01 2.6.31.9-174.fc12.i686.PAE #1
                              SMP Mon Dec 21 06:04:56 UTC 2009 i686 i686
Alert Count                   1
First Seen                    Fri Jan  8 10:06:33 2010
Last Seen                     Fri Jan  8 10:06:33 2010
Local ID                      f35cf4f8-9714-4d41-8f88-310f8cef5425
Line Numbers

Raw Audit Messages
node=vm-lin-wb01 type=AVC msg=audit(1262945193.369:25): avc: denied { read } for pid=1267 comm="mysqld_safe" name="mysql" dev=dm-2 ino=21498 scontext=unconfined_u:system_r:mysqld_safe_t:s0 tcontext=system_u:object_r:mysqld_db_t:s0 tclass=lnk_file
node=vm-lin-wb01 type=SYSCALL msg=audit(1262945193.369:25): arch=40000003 syscall=195 success=no exit=-13 a0=9e04f88 a1=bff7924c a2=b5cff4 a3=9e04f88 items=0 ppid=1227 pid=1267 auid=501 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=2 comm="mysqld_safe" exe="/bin/bash" subj=unconfined_u:system_r:mysqld_safe_t:s0 key=(null)
All the contexts look correct to me, but have i missed something? would be grateful if anyone could point me in the right direction. 

Thanks in advance :)

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux