I'm trying to install MySQL 5.6 on Cent OS 7 with SELinux enabled and am trying to get past the error (in /var/log/audit/audit.log):
type=AVC msg=audit(1424111345.853:558): avc: denied { execmem } for pid=1795 comm="mysqld" scontext=system_u:system_r:mysqld_t:s0 tcontext=system_u:system_r:mysqld_t:s0 tclass=process
My install process is fairly simple, in a virutalbox vm I use a CentOS7 iso to install the OS with minimal selected as the installation type.
I then add the mysql yum repository by running: yum install http://ift.tt/1vsxkQ4
Then installing MySQL using: yum install mysql-community-server
Don't see any errors with the install but when trying to run systemctl start mysqld I ultimately get to the SElinux message above.
I took a quick online class on SELinux and came across the audit2allow troubleshooting tool and it tells me that I'm missing a type a type enforcement allow rule. Running audit2allow -a gives me:
#============= mysqld_t ==============
allow mysqld_t self:process execmem;
What's keeping me from moving on to actually creating the module as it's suggesting is simply that I finding it hard to believe that SELinux doesn't have the policy down by now for MySQL to run without having to modify it's config. Have other's had to do this or what have you done to get MySQL running on CentOS 7?
same problem but my error is
RépondreSupprimerype=AVC msg=audit(1446395896.829:12): avc: denied { create } for pid=2491 comm="mysqld" name="mysql-instance-1.sock" scontext=system_u:system_r:mysqld_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=sock_file
type=AVC msg=audit(1446395896.865:13): avc: denied { create } for pid=2487 comm="mysqld" name="mysql-instance-2.sock" scontext=system_u:system_r:mysqld_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=sock_file
how to change /tmp context to solve this problem while the currrent context of
/tmp
ls -ldZ /tmp/
drwxrwxrwt. root root system_u:object_r:tmp_t:s0 /tmp/