MySQL 4.1.9 avc denied messages

Robert L Cochran cochranb at speakeasy.net
Thu Jan 20 03:35:16 UTC 2005 

The following "avc denied" messages were recorded after upgrading 
MySQL-client-4.1.8 and MySQL-devel-4.1.8 to the corresponding 4.1.9 
versions. After upgrading these, I additionally installed (for the first 
time) MySQL-server-4.1.9 and MySQL-shared-4.1.9. These are all binary 
x86 RPM packages downloaded from MySQL.com. They are running on a Fedora 
Core 3 system fully updated including the 741 kernel.

My question is: can I fix the problems brought up by these avc denied 
messages by following the same advice given earlier to the poster named 
"dragoran" from 11/10/2004 through 11/16/2004, in several messages with 
the subject line "PHP cannot connect to mysql server?" I wish to allow 
MySQL execute permission.

Any help gratefully accepted.

Thanks!

Bob Cochran
Greenbelt, Maryland

And here are the avc messages:

audit(1106189173.580:0): avc:  denied  { append } for  pid=4051 
exe=/usr/sbin/mysqld path=/var/lib/mysql/rachelsp4.lingpgmr.com.err 
dev=dm-0 ino=3260518 scontext=user_u:system_r:mysqld_t 
tcontext=root:object_r:var_lib_t tclass=file
audit(1106189174.329:0): avc:  denied  { write } for  pid=4051 
exe=/usr/sbin/mysqld name=mysql dev=dm-0 ino=3260470 
scontext=user_u:system_r:mysqld_t tcontext=root:object_r:var_lib_t 
tclass=dir
audit(1106189174.329:0): avc:  denied  { add_name } for  pid=4051 
exe=/usr/sbin/mysqld name=rachelsp4.lower-test 
scontext=user_u:system_r:mysqld_t tcontext=root:object_r:var_lib_t 
tclass=dir
audit(1106189174.329:0): avc:  denied  { create } for  pid=4051 
exe=/usr/sbin/mysqld name=rachelsp4.lower-test 
scontext=user_u:system_r:mysqld_t tcontext=user_u:object_r:var_lib_t 
tclass=file
audit(1106189174.408:0): avc:  denied  { remove_name } for  pid=4051 
exe=/usr/sbin/mysqld name=rachelsp4.lower-test dev=dm-0 ino=3260519 
scontext=user_u:system_r:mysqld_t tcontext=root:object_r:var_lib_t 
tclass=dir
audit(1106189174.408:0): avc:  denied  { unlink } for  pid=4051 
exe=/usr/sbin/mysqld name=rachelsp4.lower-test dev=dm-0 ino=3260519 
scontext=user_u:system_r:mysqld_t tcontext=user_u:object_r:var_lib_t 
tclass=file
audit(1106189174.449:0): avc:  denied  { create } for  pid=4051 
exe=/usr/sbin/mysqld name=mysql.sock scontext=user_u:system_r:mysqld_t 
tcontext=user_u:object_r:var_lib_t tclass=sock_file
audit(1106189174.711:0): avc:  denied  { read write } for  pid=4051 
exe=/usr/sbin/mysqld name=ibdata1 dev=dm-0 ino=3260520 
scontext=user_u:system_r:mysqld_t tcontext=root:object_r:var_lib_t 
tclass=file
audit(1106189174.711:0): avc:  denied  { lock } for  pid=4051 
exe=/usr/sbin/mysqld path=/var/lib/mysql/ibdata1 dev=dm-0 ino=3260520 
scontext=user_u:system_r:mysqld_t tcontext=root:object_r:var_lib_t 
tclass=file
audit(1106189175.480:0): avc:  denied  { write } for  pid=4109 
exe=/usr/sbin/mysqld path=/var/lib/mysql/rachelsp4.lingpgmr.com.pid 
dev=dm-0 ino=3260523 scontext=user_u:system_r:mysqld_t 
tcontext=user_u:object_r:var_lib_t tclass=file
audit(1106189175.845:0): avc:  denied  { getattr } for  pid=4051 
exe=/usr/sbin/mysqld path=/var/lib/mysql/mysql/host.MYI dev=dm-0 
ino=3260477 scontext=user_u:system_r:mysqld_t 
tcontext=root:object_r:var_lib_t tclass=file

More information about the fedora-selinux-list mailing list