On latest Fedora 17 $> rpm -q mysql-server selinux-policy-targeted mysql-server-5.5.21-1.fc17.x86_64 selinux-policy-targeted-3.10.0-95.fc17.noarch $> yum erase mysql-server $> rm -rf /var/lib/mysql $> yum install mysql-server $> systemctl start mysqld.service and in /var/log/messages: Mar 8 08:35:53 zig mysqld-prepare-db-dir[6557]: cd /usr/mysql-test ; perl mysql-test-run.pl Mar 8 08:35:53 zig mysqld-prepare-db-dir[6557]: Please report any problems with the /usr/bin/mysqlbug script! Mar 8 08:35:53 zig kernel: [ 2259.997138] type=1400 audit(1331195753.872:6): avc: denied { read } for pid=6628 comm="mysqld_safe" name="passwd" dev="dm-1" ino=1181848 scontext=system_u:system_r:mysqld_safe_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file Mar 8 08:35:53 zig mysqld_safe[6628]: 120308 08:35:53 mysqld_safe Logging to '/var/log/mysqld.log'. Mar 8 08:35:53 zig mysqld_safe[6628]: 120308 08:35:53 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql
$ sesearch -A -s mysqld_safe_t -t passwd_file_t. Found 1 semantic av rules: allow mysqld_safe_t passwd_file_t : file { ioctl read getattr lock open } ; $ rpm -q selinux-policy selinux-policy-3.10.0-97.fc17.noarch
(In reply to comment #0) Possibly unrelated, but --- I don't understand this: > Mar 8 08:35:53 zig mysqld-prepare-db-dir[6557]: cd /usr/mysql-test ; perl mysql-test-run.pl mysqld-prepare-db-dir should not be invoking any such thing.
selinux-policy-3.10.0-103.fc17 has been submitted as an update for Fedora 17. https://admin.fedoraproject.org/updates/selinux-policy-3.10.0-103.fc17
Package selinux-policy-3.10.0-104.fc17: * should fix your issue, * was pushed to the Fedora 17 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing selinux-policy-3.10.0-104.fc17' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2012-4248/selinux-policy-3.10.0-104.fc17 then log in and leave karma (feedback).
selinux-policy-3.10.0-104.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.