Summary: SELinux is preventing rm (mysqld_safe_t) "write" mysqld_var_run_t. Detailed Description: [SELinux is in permissive mode. This access was not denied.] SELinux denied access requested by rm. It is not expected that this access is required by rm and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context system_u:system_r:mysqld_safe_t:s0 Target Context system_u:object_r:mysqld_var_run_t:s0 Target Objects /var/run/mysqld [ dir ] Source rm Source Path /bin/rm Port <Unknown> Host (removed) Source RPM Packages coreutils-7.2-1.fc11 Target RPM Packages mysql-server-5.1.35-1.fc11 Policy RPM selinux-policy-3.6.12-53.fc11 Selinux Enabled True Policy Type targeted Enforcing Mode Permissive Plugin Name catchall Host Name (removed) Platform Linux (removed) 2.6.29.5-191.fc11.x86_64 #1 SMP Tue Jun 16 23:23:21 EDT 2009 x86_64 x86_64 Alert Count 3 First Seen Mon 06 Jul 2009 04:46:34 PM MDT Last Seen Mon 06 Jul 2009 04:46:34 PM MDT Local ID 57fc226d-9ed3-4ae5-b3e7-e961fc6be198 Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1246920394.822:29539): avc: denied { write } for pid=2432 comm="rm" name="mysqld" dev=dm-1 ino=130826 scontext=system_u:system_r:mysqld_safe_t:s0 tcontext=system_u:object_r:mysqld_var_run_t:s0 tclass=dir node=(removed) type=AVC msg=audit(1246920394.822:29539): avc: denied { remove_name } for pid=2432 comm="rm" name="mysqld.pid" dev=dm-1 ino=223015 scontext=system_u:system_r:mysqld_safe_t:s0 tcontext=system_u:object_r:mysqld_var_run_t:s0 tclass=dir node=(removed) type=AVC msg=audit(1246920394.822:29539): avc: denied { unlink } for pid=2432 comm="rm" name="mysqld.pid" dev=dm-1 ino=223015 scontext=system_u:system_r:mysqld_safe_t:s0 tcontext=system_u:object_r:mysqld_var_run_t:s0 tclass=file node=(removed) type=SYSCALL msg=audit(1246920394.822:29539): arch=c000003e syscall=263 success=yes exit=0 a0=ffffffffffffff9c a1=7fff820dcf6f a2=0 a3=7fff820db280 items=0 ppid=31945 pid=2432 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="rm" exe="/bin/rm" subj=system_u:system_r:mysqld_safe_t:s0 key=(null) Hash String generated from selinux-policy-3.6.12-53.fc11,catchall,rm,mysqld_safe_t,mysqld_var_run_t,dir,write audit2allow suggests: #============= mysqld_safe_t ============== allow mysqld_safe_t mysqld_var_run_t:dir { write remove_name }; allow mysqld_safe_t mysqld_var_run_t:file unlink;
*** This bug has been marked as a duplicate of bug 545426 ***