I've disabled SELinux protection of mysqld since it was causing major
performance problems. This broke CGI scripts since httpd_script_t
couldn't connect to the mysql unix domain socket. audit2allow created
these rules which I put into local.te:
allow httpd_sys_script_t var_t:dir getattr;
allow httpd_sys_script_t initrc_t:unix_stream_socket connectto;
allow httpd_t initrc_t:unix_stream_socket connectto;
This fixed the problem. However, is mysqld supposed to be running as
initrc_t instead of unconfined_t when mysqld_disable_trans is set?