MySQL's LOAD DATA INFILE statement

Hi, I'm incurring some problems with MySQL and SELinux, and I need help. Running a 64-bit Fedora 12 with mysql-server-5.1.47-2.fc12.x86_64. $ ps -eZ | grep mysqld system_u:system_r:mysqld_safe_t:s0 1321 ? 00:00:00 mysqld_safe system_u:system_r:mysqld_t:s0 1410 ? 00:00:01 mysqld My problem is: it is only possible to use "LOAD DATA INFILE" statement if SELinux is in its permissive state. Strangely, logs below show no avc denial (all I can tell from them is Chinese tried to break into, and last line probably refers to when I added mysql user to some group I created). But statement won't work in enforcing state. Nothing gives me any tip concerning the referred MySQL statement issue. # cat /var/log/audit/audit.log | grep mysql type=USER_LOGIN msg=audit(1305401554.802:34): user pid=2229 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login acct="mysql" exe="/usr/sbin/sshd" hostname=? addr=218.241.236.69 terminal=sshd res=failed' type=USER_LOGIN msg=audit(1305401556.759:36): user pid=2229 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login acct="mysql" exe="/usr/sbin/sshd" hostname=? addr=218.241.236.69 terminal=sshd res=failed' type=USER_LOGIN msg=audit(1305404558.850:1653): user pid=3709 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login acct="mysql" exe="/usr/sbin/sshd" hostname=? addr=218.241.236.69 terminal=sshd res=failed' type=USER_LOGIN msg=audit(1305404560.536:1655): user pid=3709 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login acct="mysql" exe="/usr/sbin/sshd" hostname=? addr=218.241.236.69 terminal=sshd res=failed' type=USER_LOGIN msg=audit(1305404563.834:1656): user pid=3711 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login acct="mysql" exe="/usr/sbin/sshd" hostname=? addr=218.241.236.69 terminal=sshd res=failed' type=USER_LOGIN msg=audit(1305404566.207:1658): user pid=3711 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login acct="mysql" exe="/usr/sbin/sshd" hostname=? addr=218.241.236.69 terminal=sshd res=failed' type=ADD_GROUP msg=audit(1322849937.081:18): user pid=1989 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:useradd_t:s0-s0:c0.c1023 msg='op=adding group acct="mysql" exe="/usr/sbin/useradd" hostname=? addr=? terminal=? res=success' Firstly, where could that avc denial be in? And, well, I want to keep SELinux enforcing its policies, except for what is needed in order to make "LOAD DATA INFILE" work. So, what would be the proper way to achieve that? Marcio Barbado, Jr.