Bug 157500

Summary: avc denied messages for MySQL-5.0.4 beta
Product: [Fedora] Fedora Reporter: Bob Cochran <cochranb>
Component: selinux-policy-targetedAssignee: Daniel Walsh <dwalsh>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 3   
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: 1.17.30-3.5 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-09-05 08:35:43 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
avc denied messages for MySQL-server 5.0.4 none

Description Bob Cochran 2005-05-12 01:52:13 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.7.7) Gecko/20050417 Fedora/1.7.7-1.3.1

Description of problem:
When MySQL 5.0.4-server (beta) is installed from the Linux x86 RPMs available at mysql.com, the messages shown in the attachment apparently prevent the mysql_install_db script from executing normally. It is unable to generate the 'mysql' database tables. This in turn prevents the MySQL server from starting up normally. 

Version-Release number of selected component (if applicable):
selinux-policy-targeted-1.17.30-2.96

How reproducible:
Always

Steps to Reproduce:
1. Install Fedora Core 3 with SELinux active (that is, accept the default installation option.)
2. Attempt to install the MySQL-server version 5.0.4 (beta) from Linux x86 RPMs available at mysql.com. 

  

Actual Results:  The MySQL server fails to start normally because the mysql_install_db script failed, and this is due to SELinux intervention.

Expected Results:  MySQL-server (any version) should be permitted to operate normally.

Additional info:

Disabling SELinux oversight of MySQL processes allows the server to start up normally.
Comment 1 Bob Cochran 2005-05-12 01:54:18 UTC 
Created attachment 114276 [details]
avc denied messages for MySQL-server 5.0.4
Comment 2 John Maguire 2005-05-12 11:51:37 UTC 
I am also seeing these errors in /var/log/messages but my situation is slightly
different.  

I am running mysql 4.1.9 and it starts and runs normally (and has been ok for
some time).  I recently did a "yum update" which seems to have installed a new
targeted policy.  Ever since, my logs get flooded (in short bursts of 30
messages or so per second) with the same messages--but mysql seems to be running ok.

System is FC3, selinux-policy-targeted-1.17.30-2.96, and mysql is version 4.1.9.

Any help is appreciated. 

-John
Comment 3 Daniel Walsh 2005-05-12 14:21:44 UTC 
I am building an update selinux-policy-targeted-1.17.30-3.5 which will have this
in it. It will be a testupdate.  This update is attempting to backport Rawhide
policy for the targets in FC3/RHEL4.

Dan