[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: MySQL custom datadir location - other daemons too

From: Florin Andrei <florin andrei myip org>
To: fedora-selinux-list redhat com
Subject: Re: MySQL custom datadir location - other daemons too
Date: Sun, 22 Apr 2007 13:43:06 -0700

Jan-Frode Myklebust wrote:

On 2007-04-21, Florin Andrei <florin andrei myip org> wrote:
# grep /db /etc/fstab
LABEL=/db /db ext3 defcontext=system_u:object_r:var_t:s0 1 2
That doesn't look right to me.. I think you should label it mysqld_db_t,not var_t. mysqld_db_t should mean only mysql will have access to thesefiles and directories, while var_t is much more open. Lots of appsprobably have access to var_t.


# grep /db /etc/fstab
LABEL=/db /db ext3 defcontext=system_u:object_r:mysql_db_t:s0 1 2

# tail -n 1 /var/log/messages

Apr 22 13:38:34 reports kernel: SELinux:security_context_to_sid(system_u:object_r:mysql_db_t:s0) failed for (devsdb1, type ext3) errno=-22


--
Florin Andrei

http://florin.myip.org/

Follow-Ups:
- Re: MySQL custom datadir location - other daemons too
  - From: Jan-Frode Myklebust

References:
- MySQL custom datadir location - other daemons too
  - From: Florin Andrei
- Re: MySQL custom datadir location - other daemons too
  - From: Jan-Frode Myklebust
- Re: MySQL custom datadir location - other daemons too
  - From: Florin Andrei
- Re: MySQL custom datadir location - other daemons too
  - From: Jan-Frode Myklebust

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]