Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.

Bug 157500

Summary: avc denied messages for MySQL-5.0.4 beta
Product: [Fedora] Fedora Reporter: Bob Cochran <cochranb>
Component: selinux-policy-targetedAssignee: Daniel Walsh <dwalsh>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 3   
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: 1.17.30-3.5 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-09-05 08:35:43 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Attachments:
Description Flags
avc denied messages for MySQL-server 5.0.4 none

Description Bob Cochran 2005-05-12 01:52:13 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.7.7) Gecko/20050417 Fedora/1.7.7-1.3.1

Description of problem:
When MySQL 5.0.4-server (beta) is installed from the Linux x86 RPMs available at mysql.com, the messages shown in the attachment apparently prevent the mysql_install_db script from executing normally. It is unable to generate the 'mysql' database tables. This in turn prevents the MySQL server from starting up normally. 

Version-Release number of selected component (if applicable):
selinux-policy-targeted-1.17.30-2.96

How reproducible:
Always

Steps to Reproduce:
1. Install Fedora Core 3 with SELinux active (that is, accept the default installation option.)
2. Attempt to install the MySQL-server version 5.0.4 (beta) from Linux x86 RPMs available at mysql.com. 

  

Actual Results:  The MySQL server fails to start normally because the mysql_install_db script failed, and this is due to SELinux intervention.

Expected Results:  MySQL-server (any version) should be permitted to operate normally.

Additional info:

Disabling SELinux oversight of MySQL processes allows the server to start up normally.

Comment 1 Bob Cochran 2005-05-12 01:54:18 UTC
Created attachment 114276 [details]
avc denied messages for MySQL-server 5.0.4

Comment 2 John Maguire 2005-05-12 11:51:37 UTC
I am also seeing these errors in /var/log/messages but my situation is slightly
different.  

I am running mysql 4.1.9 and it starts and runs normally (and has been ok for
some time).  I recently did a "yum update" which seems to have installed a new
targeted policy.  Ever since, my logs get flooded (in short bursts of 30
messages or so per second) with the same messages--but mysql seems to be running ok.

System is FC3, selinux-policy-targeted-1.17.30-2.96, and mysql is version 4.1.9.

Any help is appreciated. 

-John



Comment 3 Daniel Walsh 2005-05-12 14:21:44 UTC
I am building an update selinux-policy-targeted-1.17.30-3.5 which will have this
in it. It will be a testupdate.  This update is attempting to backport Rawhide
policy for the targets in FC3/RHEL4.

Dan