permission issue with bugzilla
Daniel J Walsh
dwalsh at redhat.com
Mon Dec 3 15:46:23 UTC 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Ritesh Trivedi wrote:
> Hi,
>
> After accidental reboot of one of our servers, I started getting avc
> denial messages when bugzilla tries to connect to local mysql
> instance.
>
> At first I was seeing httpd_sys_script_ro_t vs httpd_sys_script_t
> denial messages. I fixed that by issuing chcon httpd_sys_script_rw_t
> on the mysql directory. But now I am seeing unix socket denial error
> (see following...)
>
> Any help will be highly appreciated. Also please reply directly to me
> at this email address if possible.
>
> Nov 26 18:05:09 nbprod2 kernel: audit(1196129109.301:3152): avc:
> denied { connectto } for pid=5900 comm="index.cgi" name="mysql.sock"
> scontext=root:system_r:httpd_sys_script_t:s0
> tcontext=root:system_r:unconfined_t:s0-s0:c0.c255
> tclass=unix_stream_socket
You have mysql running ad unconfined_t? It should be running as
mysql_t, if you execute service mysql restart does it fix the problem?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iD8DBQFHVCTPrlYvE4MpobMRAv0EAJ4oO8HfPjfwNEtqRRfzhoEyUtY1eQCguBxw
mlf4XXGOKjIfzHwibvVkbQA=
=HfB/
-----END PGP SIGNATURE-----
More information about the selinux
mailing list