FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

 
 
LinkBack Thread Tools
 
Old 06-10-2011, 09:12 AM
Hiisi
 
Default SELinux is furious about different mysql db location

Hi, list!
I would like to change default location for MySQL databases. So I
copied /var/lib/mysql to /srv/lib/ and changed datadir variable in
/etc/my.cnf from default /var/lib/mysql to /srv/lib/mysql. Since that
I'm unable to start mysqld service. With every effort I got AVC denial
messages suggesting me to do the following:
# semanage fcontext -a -t FILE_TYPE 'mysql'
where FILE_TYPE is one of the following: mysqld_var_run_t,
mysqld_db_t, tmp_t, mysqld_tmp_t, user_home_t, var_lib_t, var_run_t,
var_log_t, root_t.
Then execute:
restorecon -v 'mysql'
I tried all types of FILE_TYPE without success. I even tried to execute:
grep mysqld /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp
With no luck either. What should I do to make this configuration
works? Please do not suggest me to shut down selinux. This machine
runs ssh+ftp+httpd services and has static IP.
TIA
--
Hiisi.
Registered Linux User #487982. Be counted at: http://counter.li.org/
--
Spandex is a privilege, not a right.
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 06-10-2011, 09:51 AM
Dave Quigley
 
Default SELinux is furious about different mysql db location

On 6/10/2011 5:12 AM, Hiisi wrote:
> Hi, list!
> I would like to change default location for MySQL databases. So I
> copied /var/lib/mysql to /srv/lib/ and changed datadir variable in
> /etc/my.cnf from default /var/lib/mysql to /srv/lib/mysql. Since that
> I'm unable to start mysqld service. With every effort I got AVC denial
> messages suggesting me to do the following:
> # semanage fcontext -a -t FILE_TYPE 'mysql'
> where FILE_TYPE is one of the following: mysqld_var_run_t,
> mysqld_db_t, tmp_t, mysqld_tmp_t, user_home_t, var_lib_t, var_run_t,
> var_log_t, root_t.
> Then execute:
> restorecon -v 'mysql'
> I tried all types of FILE_TYPE without success. I even tried to execute:
> grep mysqld /var/log/audit/audit.log | audit2allow -M mypol
> # semodule -i mypol.pp
> With no luck either. What should I do to make this configuration
> works? Please do not suggest me to shut down selinux. This machine
> runs ssh+ftp+httpd services and has static IP.
> TIA

Instead of doing the individual semanage commands on each file try this
instead.

semanage fcontext -ae /var/lib/mysql /srv/lib/mysql
restorecon -Rv /srv/lib/mysql

That should tell selinux that /var/lib/mysql and /srv/lib/mysql are to
be treated the same and the restorecon should fix up the labels.

Dave
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 06-10-2011, 10:51 AM
Hiisi
 
Default SELinux is furious about different mysql db location

On 10 June 2011 13:51, Dave Quigley <selinux@davequigley.com> wrote:
> On 6/10/2011 5:12 AM, Hiisi wrote:
<--SNIP-->
>
> Instead of doing the individual semanage commands on each file try this
> instead.
>
> semanage fcontext -ae /var/lib/mysql /srv/lib/mysql
> restorecon -Rv /srv/lib/mysql
>
> That should tell selinux that /var/lib/mysql and /srv/lib/mysql are to
> be treated the same and the restorecon should fix up the labels.
>
> Dave

Thank you, Dave! That did the trick.
--
Hiisi
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 

Thread Tools




All times are GMT. The time now is 01:53 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org