asked on
how to solution problem with SELinux in RHEL 5
hi, i'm trying install mysql5 on RHEL5 from rpm and not start a deamon,
when a look a message log I saw somethings like that.
setroubleshoot: SELinux is preventing the /usr/sbin/
mysqld from using potentially mislabeled files (mysql.sock). For complete S
ELinux messages. run sealert -l eaaa4421-5ba8-45ca-9527-90
I don't know how solve this problem. I thinks the problem is for SELinux.
when I saw this sealert -l eaaa4421-5ba8-45ca-9527-90
sealert -l eaaa4421-5ba8-45ca-9527-90
Summary
SELinux is preventing the /usr/sbin/mysqld from using potentially mislabeled
files (mysql.sock).
Detailed Description
SELinux has denied /usr/sbin/mysqld access to potentially mislabeled file(s)
(mysql.sock). This means that SELinux will not allow /usr/sbin/mysqld to
use these files. It is common for users to edit files in their home
directory or tmp directories and then move (mv) them to system directories.
The problem is that the files end up with the wrong file context which
confined applications are not allowed to access.
Allowing Access
If you want /usr/sbin/mysqld to access this files, you need to relabel them
using restorecon -v mysql.sock. You might want to relabel the entire
directory using restorecon -R -v .
Additional Information
Source Context root:system_r:mysqld_t
Target Context root:object_r:tmp_t
Target Objects mysql.sock [ sock_file ]
Affected RPM Packages MySQL-server-community-5.0
[application]
Policy RPM selinux-policy-2.4.6-104.e
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name plugins.home_tmp_bad_label
Host Name
Platform Linux 2.6.18-53.el5 #1 SMP
Wed Oct 10 16:34:02 EDT 2007 i686 i686
Alert Count 6
Line Numbers
Raw Audit Messages
avc: denied { create } for comm="mysqld" egid=500 euid=500
exe="/usr/sbin/mysqld" exit=-13 fsgid=500 fsuid=500 gid=500 items=0
name="mysql.sock" pid=19469 scontext=root:system_r:mys
subj=root:system_r:mysqld_
tcontext=root:object_r:tmp
when I run restorecon -v mysql.sock send me a following message
restorecon -R -v mysql.sock
restorecon: error while labeling files under mysql.sock
someboby tell me how to adding a new rule for this in SELinux
regards
when a look a message log I saw somethings like that.
setroubleshoot: SELinux is preventing the /usr/sbin/
mysqld from using potentially mislabeled files (mysql.sock). For complete S
ELinux messages. run sealert -l eaaa4421-5ba8-45ca-9527-90
I don't know how solve this problem. I thinks the problem is for SELinux.
when I saw this sealert -l eaaa4421-5ba8-45ca-9527-90
sealert -l eaaa4421-5ba8-45ca-9527-90
Summary
SELinux is preventing the /usr/sbin/mysqld from using potentially mislabeled
files (mysql.sock).
Detailed Description
SELinux has denied /usr/sbin/mysqld access to potentially mislabeled file(s)
(mysql.sock). This means that SELinux will not allow /usr/sbin/mysqld to
use these files. It is common for users to edit files in their home
directory or tmp directories and then move (mv) them to system directories.
The problem is that the files end up with the wrong file context which
confined applications are not allowed to access.
Allowing Access
If you want /usr/sbin/mysqld to access this files, you need to relabel them
using restorecon -v mysql.sock. You might want to relabel the entire
directory using restorecon -R -v .
Additional Information
Source Context root:system_r:mysqld_t
Target Context root:object_r:tmp_t
Target Objects mysql.sock [ sock_file ]
Affected RPM Packages MySQL-server-community-5.0
[application]
Policy RPM selinux-policy-2.4.6-104.e
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name plugins.home_tmp_bad_label
Host Name
Platform Linux 2.6.18-53.el5 #1 SMP
Wed Oct 10 16:34:02 EDT 2007 i686 i686
Alert Count 6
Line Numbers
Raw Audit Messages
avc: denied { create } for comm="mysqld" egid=500 euid=500
exe="/usr/sbin/mysqld" exit=-13 fsgid=500 fsuid=500 gid=500 items=0
name="mysql.sock" pid=19469 scontext=root:system_r:mys
subj=root:system_r:mysqld_
tcontext=root:object_r:tmp
when I run restorecon -v mysql.sock send me a following message
restorecon -R -v mysql.sock
restorecon: error while labeling files under mysql.sock
someboby tell me how to adding a new rule for this in SELinux
regards
Linux DistributionsInstallationMySQL Server
Last Comment
crossfonearg