search for: mysqld_db_t

...d mounted the LV on /var/lib/mysql. I then copied with "cp -prZ" all mysql files in /var/lib/mysql.old to /var/lib/mysql. But then I got a selinux problem: # ls -ldZ mysql.old/ mysql drwxr-xr-x. mysql mysql system_u:object_r:var_lib_t:s0 mysql drwxr-xr-x. mysql mysql system_u:object_r:mysqld_db_t:s0 mysql.old/ I tried to changed the context on mysql with the following commands: # semanage fcontext -a -t mysqld_db_t "/var/lib/mysql(/.*)?" # restorecon -R -v /var/lib/mysql But the /var/lib/mysql directory didn't take the change as you can see below: # ls -ldZ mysql.old/ mysql...

...en restorecon -R /var/lib/mysql # semanage fcontext -lC SELinux fcontext type Context /home/users(/.*)? all files system_u:object_r:user_home_dir_t:s0 /var/lib/mysql all files system_u:object_r:mysqld_db_t:s0 /var/lib/mysql(/.*)? all files system_u:object_r:mysqld_db_t:s0 SELinux Local fcontext Equivalence ./mysql = ./mysql.old /var/lib/mysql = /var/lib/mysql.old mysql = ./mysql.old On Mon, Oct 23, 2017 at 10:27 AM, James Hogarth <james.hogarth at gmail.com>...

...en restorecon -R /var/lib/mysql # semanage fcontext -lC SELinux fcontext type Context /home/users(/.*)? all files system_u:object_r:user_home_dir_t:s0 /var/lib/mysql all files system_u:object_r:mysqld_db_t:s0 /var/lib/mysql(/.*)? all files system_u:object_r:mysqld_db_t:s0 SELinux Local fcontext Equivalence ./mysql = ./mysql.old /var/lib/mysql = /var/lib/mysql.old mysql = ./mysql.old On Mon, Oct 23, 2017 at 10:27 AM, James Hogarth <james.hogarth at gmail.com>...

...mysql. I then copied with "cp -prZ" all mysql files in > /var/lib/mysql.old to /var/lib/mysql. > > But then I got a selinux problem: > # ls -ldZ mysql.old/ mysql > drwxr-xr-x. mysql mysql system_u:object_r:var_lib_t:s0 mysql > drwxr-xr-x. mysql mysql system_u:object_r:mysqld_db_t:s0 mysql.old/ > > I tried to changed the context on mysql with the following commands: > > # semanage fcontext -a -t mysqld_db_t "/var/lib/mysql(/.*)?" > # restorecon -R -v /var/lib/mysql > > But the /var/lib/mysql directory didn't take the change as you can see &...

...sock #!!!! This avc can be allowed using the boolean 'daemons_enable_cluster_mode' allow dovecot_t mysqld_t:unix_stream_socket connectto; What do these 3 comments mean? I don't think I want to restorecon for a socket: # ls -Z /var/lib/mysql -rw-rw----. mysql mysql system_u:object_r:mysqld_db_t:s0 aria_log.00000001 -rw-rw----. mysql mysql system_u:object_r:mysqld_db_t:s0 aria_log_control -rw-rw----. mysql mysql system_u:object_r:mysqld_db_t:s0 ibdata1 -rw-rw----. mysql mysql system_u:object_r:mysqld_db_t:s0 ib_logfile0 -rw-rw----. mysql mysql system_u:object_r:mysqld_db_t:s0 ib_logfile1 d...

Le mardi 25 avril 2017 ? 10:39 +0200, Robert Moskowitz a ?crit : > Thanks Laurent. You obviously know a LOT more about SELinux than I. I > pretty much just use commands and not build policies. So I need some > more information here. > > From what you provided below, how do I determine what is currently in > place and how do I add your stuff (changing postgresql with

Thanks, I managed to fix /var/lib/mysql # ls -ldZ /var/lib/mysql drwxr-xr-x. mysql mysql system_u:object_r:mysqld_db_t:s0 /var/lib/mysql To fix it, I tried: semanage fcontext -d -e /var/lib/mysql this command returned: KeyError: /var/lib/mysql I tried restorecon anyway: restorecon -Rv /var/lib/mysql But not better: ls -ldZ /var/lib/mysql drwxr-xr-x. mysql mysql system_u:object_r:var_lib_t:s0 /var/lib/mysql So I...

On 23 October 2017 at 19:18, Bernard Fay <bernard.fay at gmail.com> wrote: > Thanks, I managed to fix /var/lib/mysql > > # ls -ldZ /var/lib/mysql > drwxr-xr-x. mysql mysql system_u:object_r:mysqld_db_t:s0 /var/lib/mysql > > To fix it, I tried: > semanage fcontext -d -e /var/lib/mysql > this command returned: > KeyError: /var/lib/mysql > I tried restorecon anyway: > restorecon -Rv /var/lib/mysql > But not better: > ls -ldZ /var/lib/mysql > drwxr-xr-x. mysql mysql syst...

...is what they should be when checking matchpathcon: The thing is, because the service is started as unconfined_u, any databases/tables that are created are going to inherit that, and puppet is going to be resetting them. For some more detail, I''ve written something which will set the mysqld_db_t selinux file_context on my data directories which are in /home, and I have a notify which will go and check and re-set the selinux file_context if there are any changes in these directories. They''re set to recurse, so to stop Puppet changing things from unconfined_u to system_u on a r...

...="/" dev=dm-1 ino=2 scontext=user_u:system_r:mysqld_t tcontext=system_u:object_r:home_root_t tclass=dir WHY is mysqld trying to read / when I told it to use /home/mysql ? BTW, here is the security contexts on /home/mysql # ls -laZ /home/ drwxr-xr-x mysql mysql system_u:object_r:mysqld_db_t mysql Can anyone please shed some light on this for me? What exactly is the avc message telling me and how do I fix it? -- Regards, Peter Kiem Zordah IT - IT Consultancy and Internet Services Ph: (0414) 724-766 Fax: (07) 3344-5827 Web: www.zordah.net Email: zordah at zordah.net

Hi, I'm confused, why can root not change context of a directory ? I've moved a mysql dir from /var/lib to another drive. But running sudo chcon -R -t mysqld_t ./mysql Yields a screen full of messages such as chcon: failed to change context of ?schema_table_lock_waits.frm? to ?system_u:object_r:mysqld_t:s0?: Permission denied (and yes, mysql was shut down before the move and is till

...ges such as > > chcon: failed to change context of ?schema_table_lock_waits.frm? to > ?system_u:object_r:mysqld_t:s0?: Permission denied > > (and yes, mysql was shut down before the move and is till shut down). Because mysqld_t is a process type and the proper file context would be mysqld_db_t? Alexander