Summary: SELinux is preventing /bin/mkdir "write" access on /usr/local. Detailed Description: SELinux denied access requested by mkdir. It is not expected that this access is required by mkdir and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug report. Additional Information: Source Context unconfined_u:system_r:mysqld_safe_t:s0 Target Context system_u:object_r:usr_t:s0 Target Objects /usr/local [ dir ] Source mkdir Source Path /bin/mkdir Port <Unknown> Host (removed) Source RPM Packages coreutils-8.4-6.fc13 Target RPM Packages filesystem-2.4.31-1.fc13 Policy RPM selinux-policy-3.7.19-21.fc13 Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Plugin Name catchall Host Name (removed) Platform Linux (removed) 2.6.33.5-112.fc13.x86_64 #1 SMP Thu May 27 02:28:31 UTC 2010 x86_64 x86_64 Alert Count 9 First Seen Fri 04 Jun 2010 06:42:33 BST Last Seen Fri 04 Jun 2010 17:00:34 BST Local ID c30458c0-5c96-4a38-8da9-da1ee5d6944b Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1275667234.593:128): avc: denied { write } for pid=31105 comm="mkdir" name="local" dev=sda2 ino=23068724 scontext=unconfined_u:system_r:mysqld_safe_t:s0 tcontext=system_u:object_r:usr_t:s0 tclass=dir node=(removed) type=SYSCALL msg=audit(1275667234.593:128): arch=c000003e syscall=83 success=no exit=-13 a0=7fff036bbf72 a1=1ff a2=7fff036bbf72 a3=a items=0 ppid=31047 pid=31105 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=1 comm="mkdir" exe="/bin/mkdir" subj=unconfined_u:system_r:mysqld_safe_t:s0 key=(null) Hash String generated from catchall,mkdir,mysqld_safe_t,usr_t,dir,write audit2allow suggests: #============= mysqld_safe_t ============== #!!!! The source type 'mysqld_safe_t' can write to a 'dir' of the following types: # var_log_t, mysqld_var_run_t, mysqld_db_t, root_t allow mysqld_safe_t usr_t:dir write;
This looks like local customization. Any idea what directory mysql startup script is attempting to make?