service mysql start on Red Hat Enterprise Linux ES release 4 (Nahant)
Michael Halcrow
mike at halcrow.us
Mon Oct 2 12:31:33 MDT 2006
On Mon, Oct 02, 2006 at 06:51:05AM -0600, C. Ed Felt wrote:
> * If I just "reboot" the server, mysql does not start (though it is
> set to start on boot):
> tail /var/log/messages
> Oct 2 07:25:42 mt11 kernel: audit(1159788342.728:0): avc:
> denied { append } for pid=4756 exe=/usr/sbin/mysqld
> path=/var/lib/mysql/mt11.caflo.com.err dev=dm-3 ino=1687799
> scontext=user_u:system_r:mysqld_t tcontext=root:object_r:var_lib_t
> tclass=file
> Oct 2 07:25:42 mt11 kernel: audit(1159788342.728:0): avc:
> denied { append } for pid=4756 exe=/usr/sbin/mysqld
> path=/var/lib/mysql/mt11.caflo.com.err dev=dm-3 ino=1687799
> scontext=user_u:system_r:mysqld_t tcontext=root:object_r:var_lib_t
> tclass=file
> Oct 2 07:25:42 mt11 kernel: audit(1159788342.735:0): avc:
> denied { write } for pid=4756 exe=/usr/sbin/mysqld name=mysql
> dev=dm-3 ino=1687745 scontext=user_u:system_r:mysqld_t
> tcontext=root:object_r:var_lib_t tclass=dir
> Oct 2 07:25:42 mt11 kernel: audit(1159788342.766:0): avc:
> denied { read write } for pid=4756 exe=/usr/sbin/mysqld
> name=ibdata1 dev=dm-3 ino=1687800
> scontext=user_u:system_r:mysqld_t tcontext=root:object_r:var_lib_t
> tclass=file
> Oct 2 07:26:17 mt11 lsb_log_message: failed
This really is not a complicated issue to resolve. Just pipe this
through ``audit2allow'' to get allow rules for this failure.
Mike
.___________________________________________________________________.
Michael A. Halcrow
Security Software Engineer, IBM Linux Technology Center
GnuPG Fingerprint: 419C 5B1E 948A FA73 A54C 20F5 DB40 8531 6DCA 8769
The world will end in 5 minutes. Please log out.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 481 bytes
Desc: Digital signature
Url : http://plug.org/pipermail/plug/attachments/20061002/c2f9d29b/attachment.bin
More information about the PLUG
mailing list