Description of problem: rsyslog-mysql can not access mysql databases with
selinux set to enforcing.


Version-Release number of selected component (if applicable):
rsyslog-mysql-2.0.2-1.fc8

How reproducible:
always


Steps to Reproduce:
1. install rsyslog-mysql
2. follow included instructions to configure
3. reload rsyslogd.
  
Actual results:
3 avc denials:
type=AVC msg=audit(1205009327.282:1560): avc:  denied  { name_connect } for 
pid=20518 comm="rsyslogd" dest=3306 scontext=system_u:system_r:syslogd_t:s0
tcontext=system_u:object_r:mysqld_port_t:s0 tclass=tcp_socket

type=AVC msg=audit(1205009327.283:1561): avc:  denied  { getattr } for 
pid=20518 comm="rsyslogd" path="/usr/share/mysql/charsets/Index.xml" dev=dm-0
ino=11534337 scontext=system_u:system_r:syslogd_t:s0
tcontext=system_u:object_r:usr_t:s0 tclass=file

type=AVC msg=audit(1205009327.283:1562): avc:  denied  { read } for  pid=20518
comm="rsyslogd" name="Index.xml" dev=dm-0 ino=11534337
scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:usr_t:s0
tclass=file


Expected results:
rsyslog would use mysql as a datastore.

Additional info:
problem can be resolved using the following method:
1) set selinux to permissive mod (/usr/sbin/setenforce 0)
2) reload rsyslogds configuration (service rsyslog reload)
3) use audit2allow to generate the right rules (cat /var/log/audit/audit.log |
grep rsyslogd | audit2allow -M MYmod2; /usr/sbin/semodule -i MYmod2.pp)
4) set selinux back to enforcing (/usr/sbin/setenforce 1)