Red Hat Bugzilla – Bug 813585
SELinux is preventing rm from 'unlink' accesses on the lnk_file /var/lib/mysql/mysql.sock.
Last modified: 2012-06-22 09:37:59 EDT
libreport version: 2.0.8 executable: /usr/bin/python hashmarkername: setroubleshoot kernel: 3.3.0-4.fc16.i686 reason: SELinux is preventing rm from 'unlink' accesses on the lnk_file /var/lib/mysql/mysql.sock. time: Ср. 18 апр. 2012 04:43:14 description: :SELinux is preventing rm from 'unlink' accesses on the lnk_file /var/lib/mysql/mysql.sock. : :***** Plugin catchall (100. confidence) suggests *************************** : :If you believe that rm should be allowed unlink access on the mysql.sock lnk_file by default. :Then you should report this as a bug. :You can generate a local policy module to allow this access. :Do :allow this access for now by executing: :# grep rm /var/log/audit/audit.log | audit2allow -M mypol :# semodule -i mypol.pp : :Additional Information: :Source Context system_u:system_r:mysqld_safe_t:s0 :Target Context unconfined_u:object_r:mysqld_db_t:s0 :Target Objects /var/lib/mysql/mysql.sock [ lnk_file ] :Source rm :Source Path rm :Port <Неизвестно> :Host (removed) :Source RPM Packages :Target RPM Packages :Policy RPM selinux-policy-3.10.0-75.fc16 :Selinux Enabled True :Policy Type targeted :Enforcing Mode Enforcing :Host Name (removed) :Platform Linux (removed) 3.3.0-4.fc16.i686 #1 : SMP Tue Mar 20 18:45:14 UTC 2012 i686 i686 :Alert Count 90 :First Seen Ср. 18 апр. 2012 02:09:13 :Last Seen Ср. 18 апр. 2012 04:39:59 :Local ID 85413a16-e96f-4d2a-857a-8dd960829946 : :Raw Audit Messages :type=AVC msg=audit(1334709599.658:522): avc: denied { unlink } for pid=32525 comm="rm" name="mysql.sock" dev="sda2" ino=183350 scontext=system_u:system_r:mysqld_safe_t:s0 tcontext=unconfined_u:object_r:mysqld_db_t:s0 tclass=lnk_file : : :Hash: rm,mysqld_safe_t,mysqld_db_t,lnk_file,unlink : :audit2allow : :#============= mysqld_safe_t ============== :allow mysqld_safe_t mysqld_db_t:lnk_file unlink; : :audit2allow -R : :#============= mysqld_safe_t ============== :allow mysqld_safe_t mysqld_db_t:lnk_file unlink; :
How did you get this? I see $ ls -lZ /var/lib/mysql/ srwxrwxrwx. mysql mysql system_u:object_r:mysqld_var_run_t:s0 mysql.sock
[root@localhost mysql]# ls -lZ /var/lib/mysql -rw-rw----. mysql mysql unconfined_u:object_r:mysqld_db_t:s0 ibdata1 -rw-rw----. mysql mysql unconfined_u:object_r:mysqld_db_t:s0 ib_logfile0 -rw-rw----. mysql mysql unconfined_u:object_r:mysqld_db_t:s0 ib_logfile1 -rw-rw----. mysql mysql system_u:object_r:mysqld_db_t:s0 localhost.localdomain.err -rw-rw----. mysql mysql unconfined_u:object_r:mysqld_db_t:s0 localhost.pid -rw-r--r--. root root unconfined_u:object_r:mysqld_db_t:s0 mypol.mod -rw-r--r--. root root unconfined_u:object_r:mysqld_db_t:s0 mypol.te drwx------. mysql root unconfined_u:object_r:mysqld_db_t:s0 mysql -rw-r--r--. root root unconfined_u:object_r:mysqld_db_t:s0 mysql.sock drwx------. root root unconfined_u:object_r:mysqld_db_t:s0 performance_schema drwx------. mysql root unconfined_u:object_r:mysqld_db_t:s0 test problem is kept! ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (111)
Ok, could you try to run $ systemctl stop mysqld.service then the socket should not exist and then run $ systemctl start mysqld.service
Please reopen if this is still issue.