Selinux issue not solved after setting boolean

Support for security such as Firewalls and securing linux
Post Reply
sikkalgopal
Posts: 7
Joined: 2006/07/13 06:23:14
Contact:

Selinux issue not solved after setting boolean

Post by sikkalgopal » 2011/11/10 11:38:07

Hi All,

I have installed CentOS6 64bit version with selinux enabled (Enforce mode ). I would like to start mysql service with selinux enabled. In earlier versions of Centos if I run the comamnd, "setsebool -P mysqld_disable_trans=1 allow_user_mysql_connect=1", I can start the mysql.

But in CentOS 6 there are two booleans "allow_user_mysql_connect" and "mysql_connect_any" which are made to off, even mysql is not starting, unless I am setting the selinux to Permissive mode.

Is there any specific command to allow mysql to start, when Selinux is in Enforce mode.

Regards
Gopal

User avatar
TrevorH
Forum Moderator
Posts: 23871
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Selinux issue not solved after setting boolean

Post by TrevorH » 2011/11/14 09:20:16

MySQL should work out of the box on CentOS 6 with SELinux enabled. So the question is: what changes have you made that are stopping it from working?

pschaff
Retired Moderator
Posts: 18276
Joined: 2006/12/13 20:15:34
Location: Tidewater, Virginia, North America
Contact:

Re: Selinux issue not solved after setting boolean

Post by pschaff » 2011/11/14 16:48:21

You can see human-readable reasons for denials with[code]audit2why -a[/code]

To generate new policy modules use[code]audit2allow -a -M <policyname>[/code]

If you get not found errors[code]yum install policycoreutils-python[/code]

Post Reply