1259693 – Daemon has bad selinux context

Bug 1259693 - Daemon has bad selinux context

Summary: Daemon has bad selinux context

Keywords:
Status:	CLOSED EOL
Alias:	None
Product:	Red Hat Software Collections
Classification:	Red Hat
Component:	mariadb
Sub Component:
Version:	mariadb55
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Target Release:	---
Assignee:	Michal Schorm
QA Contact:	qe-baseos-daemons
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2015-09-03 11:34 UTC by Branislav Blaškovič
Modified:	2017-03-31 15:02 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2017-03-31 15:02:02 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Branislav Blaškovič 2015-09-03 11:34:53 UTC

Description of problem:
mariadb55 daemon has bad selinux context

Version-Release number of selected component (if applicable):
mariadb55-mariadb-server-5.5.44-1.el7.x86_64

How reproducible:


Steps to Reproduce:
1. Run /CoreOS/mariadb/Sanity/daemon-selinux-context

:: [  BEGIN   ] :: Running 'ps -Z 16793'
LABEL                             PID TTY      STAT   TIME COMMAND
system_u:system_r:unconfined_service_t:s0 16793 ? Sl   0:00 /opt/rh/mariadb55/root/usr/libexec/mysqld --basedir=/opt/rh/mariadb55/root/usr --datadir=/opt/rh/mariadb55/root/var/lib/mysql --plugin-dir=/opt/rh/mariadb55/root/usr/lib64/mysql/plugin --log-error=/var/log/mariadb55-mariadb/mariadb55-mariadb.log --pid-file=/opt/rh/mariadb55/root/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock
:: [   PASS   ] :: Command 'ps -Z 16793' (Expected 0, got 0)
:: [   FAIL   ] :: File '/var/tmp/tmp.qT0G7nAxR8' should contain '(system_u|unconfined_u):system_r:mysqld_t:s0' 

Actual results:
system_u:system_r:unconfined_service_t:s0

Expected results:
(system_u|unconfined_u):system_r:mysqld_t:s0

Additional info:
http://lab-02.rhts.eng.brq.redhat.com/beaker/logs/tasks/33920+/33920521/TESTOUT.log

Comment 2 Honza Horak 2015-09-18 08:02:12 UTC

Fix for this is already applied for rh-mariadb100, for more information see https://bugzilla.redhat.com/show_bug.cgi?id=1172683 and https://bugzilla.redhat.com/show_bug.cgi?id=1202011 or we can try whether SELinuxContext= wouldn't be enough:
http://0pointer.de/public/systemd-man/systemd.exec.html#SELinuxContext=

Comment 4 Joe Orton 2016-10-12 12:52:33 UTC

Red Hat does not currently plan to provide any further changes to this collection in a Red Hat Software Collections update release.

This software collection is nearing the retirement date (October 2016) after which customers are encouraged either to upgrade to a later release or continue on as self-supported without official Red Hat Support.

Please contact Red Hat Support if you have further questions, or refer to the support lifecycle page for more information. https://access.redhat.com/support/policy/updates/rhscl/

Comment 6 Joe Orton 2017-03-31 15:02:02 UTC

In accordance with the Red Hat Software Collections Product Life Cycle, the support period for this collection has ended.

New bug fix, enhancement, and security errata updates, as well as technical support services will no longer be made available for this collection.

Customers are encouraged to upgrade to a later release.

Please contact Red Hat Support if you have further questions, or refer to the support lifecycle page for more information. https://access.redhat.com/support/policy/updates/rhscl/

Note You need to log in before you can comment on or make changes to this bug.