Selinux issue not solved after setting boolean

Support for security such as Firewalls and securing linux

Selinux issue not solved after setting boolean

Postby sikkalgopal » 2011/11/10 11:38:07

Hi All,

I have installed CentOS6 64bit version with selinux enabled (Enforce mode ). I would like to start mysql service with selinux enabled. In earlier versions of Centos if I run the comamnd, "setsebool -P mysqld_disable_trans=1 allow_user_mysql_connect=1", I can start the mysql.

But in CentOS 6 there are two booleans "allow_user_mysql_connect" and "mysql_connect_any" which are made to off, even mysql is not starting, unless I am setting the selinux to Permissive mode.

Is there any specific command to allow mysql to start, when Selinux is in Enforce mode.

Regards
Gopal
sikkalgopal
 
Posts: 7
Joined: 2006/07/13 06:23:14

Re: Selinux issue not solved after setting boolean

Postby TrevorH » 2011/11/14 09:20:16

MySQL should work out of the box on CentOS 6 with SELinux enabled. So the question is: what changes have you made that are stopping it from working?
User avatar
TrevorH
Forum Moderator
 
Posts: 9166
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Selinux issue not solved after setting boolean

Postby pschaff » 2011/11/14 16:48:21

You can see human-readable reasons for denials with
Code: Select all
audit2why -a


To generate new policy modules use
Code: Select all
audit2allow -a -M <policyname>


If you get not found errors
Code: Select all
yum install policycoreutils-python
pschaff
Retired Moderator
 
Posts: 18277
Joined: 2006/12/13 20:15:34
Location: Tidewater, Virginia, North America


Return to CentOS 6 - Security Support

Who is online

Users browsing this forum: No registered users and 2 guests