|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [PLUG] centos mysql problem (fwd)
|
Tom Diehl wrote:
> On Thu, 17 Sep 2009, Sean C. Sheridan wrote:
>
>> Yes Tom,
>>
>>
>> That fixed it:
>>
>>> Are you running with selinux in enforcing?
>> Yes
>>
>> setenforce 0
>>
>> allows the service to start as expected.
>
> Good!!
>
>>
>>
>> Audit log says:
>>
>> type=AVC msg=audit(1253203770.505:128): avc: denied { read } for
>> pid=10483 comm="mysqld" name="librt-2.5.so" dev=dm-0 ino=4846519
>> scontext=user_u:system_r:mysqld_t:s0
>> tcontext=system_u:object_r:file_t:s0 tclass=file
>
> Sorry, I do not know enough about selinux to understand the above.
>
> I would suggest you enable setroubleshoot and run the log entry through
> sealert.
>
> You should see an entry in /var/log/messages that looks something like:
> setroubleshoot: SELinux is preventing the httpd from using potentially mislabeled files /var/cache/samba/gencache.tdb (samba_var_t). For complete SELinux messages. run sealert -l 005bf6fe-17d4-44cf-b9de-5d1643cba5f6
>
> If you run the sealert command the log file gives you, you might get a clue
> what is going on.
>
> Hope this helps,
>
> Regards,
>
Just as a funny aside here but I remember plainly the day in RedHat Cert
class when my instructor went over SELinux. The conversation went
something like "Most places that use SELinux have a dedicated
administrator to make it work. The rest just shut it off."
--
-Linc Fessenden
In the Beginning there was nothing, which exploded - Yeah right...
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|