Re: selinux problem with httpd and mysql

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Ankush Grover wrote:
.We are developing a web based application for our client.Now the
problem we are am facing is that,if the SELinux is on means
SELINUX=enforcing and SELINUXTYPE=targeted then
we are not able to run our application whereas If we disable the
SELinux ,we are able to run our application.

We are running our application on Apache with mysql & php.

The logs from /var/log/messages are below:

Logs when SELinux is on

Jul  7 18:01:21 work kernel: audit(1120739481.281:0): avc:  denied  {
write } for  pid=3905 exe=/usr/sbin/httpd name=mysql.sock dev=hda5
ino=96038 scontext=user_u:system_r:httpd_t
tcontext=user_u:object_r:var_lib_t tclass=sock_file
Jul  7 18:01:22 work kernel: audit(1120739482.959:0): avc:  denied  {
write } for  pid=3906 exe=/usr/sbin/httpd name=mysql.sock dev=hda5
ino=96038 scontext=user_u:system_r:httpd_t
tcontext=user_u:object_r:var_lib_t tclass=sock_file

Your mysql socket appears to have the wrong context.

On my system, I get:

# ls -lZ /var/lib/mysql/mysql.sock
srwxrwxrwx mysql mysql system_u:object_r:mysqld_var_run_t /var/lib/mysql/mysql.sock

You seem to have a context of user_u:object_r:var_lib_t for this.

Or is your mysql.sock not in the /var/lib/mysql directory? If so, why?

Paul.


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux