hey friends, .We are developing a web based application for our client.Now the problem we are am facing is that,if the SELinux is on means SELINUX=enforcing and SELINUXTYPE=targeted then we are not able to run our application whereas If we disable the SELinux ,we are able to run our application. We are running our application on Apache with mysql & php. The logs from /var/log/messages are below: Logs when SELinux is on Jul 7 18:01:21 work kernel: audit(1120739481.281:0): avc: denied { write } for pid=3905 exe=/usr/sbin/httpd name=mysql.sock dev=hda5 ino=96038 scontext=user_u:system_r:httpd_t tcontext=user_u:object_r:var_lib_t tclass=sock_file Jul 7 18:01:22 work kernel: audit(1120739482.959:0): avc: denied { write } for pid=3906 exe=/usr/sbin/httpd name=mysql.sock dev=hda5 ino=96038 scontext=user_u:system_r:httpd_t tcontext=user_u:object_r:var_lib_t tclass=sock_file Logs when SELinux is turned off Jul 7 18:01:33 work kernel: audit(1120739493.871:0): avc: granted { setenforce } for pid=4106 exe=/usr/bin/setenforce scontext=root:system_r:unconfined_t tcontext=system_u:object_r:security_t tclass=security Jul 7 18:01:34 work iptables: succeeded Jul 7 18:01:34 work last message repeated 2 times Jul 7 18:01:34 work kernel: ip_tables: (C) 2000-2002 Netfilter core team Jul 7 18:01:34 work kernel: ip_conntrack version 2.1 (4031 buckets, 32248 max) - 356 bytes per conntrack Jul 7 18:01:35 work iptables: succeeded Jul 7 18:01:37 work kernel: audit(1120739497.255:0): avc: denied { write } for pid=2393 exe=/usr/sbin/httpd name=mysql.sock dev=hda5 ino=96038 scontext=user_u:system_r:httpd_t tcontext=user_u:object_r:var_lib_t tclass=sock_file Logs again switching SELinux to on state Jul 7 18:01:37 work kernel: audit(1120739497.255:0): avc: denied { connectto } for pid=2393 exe=/usr/sbin/httpd path=/var/lib/mysql/mysql.sock scontext=user_u:system_r:httpd_t tcontext=user_u:system_r:unconfined_t tclass=unix_stream_socket Can anybody help me in solving this SELinux problem. Thanks & Regards Ankush Grover