Larry, You are welcome.
If you want to create the selinux policy from your audit.log, you can check the instruction from this post: http://www.lefred.be/?q=node/129 Cheers, On Mon, 2012-02-06 at 14:54 -0700, Larry Martell wrote: > 2012/2/6 Frédéric Descamps <lef...@percona.com>: > > Hi, > > > > check your audit.log if you have selinux enabled > > Ah, thanks for mentioning this. I didn't even think of that. Sure > enough, if I disabled selinux, it worked. Now I have to figure out why > it's failing under selinux. In the audit log I see these messages when > I try and start it: > > type=AVC msg=audit(1328563688.649:3999): avc: denied { write } for > pid=25344 comm="touch" name="mysql.err" dev=dm-0 ino=1709317 > scontext=unconfined_u:system_r:mysqld_safe_t:s0 > tcontext=unconfined_u:object_r:usr_t:s0 tclass=file > type=AVC msg=audit(1328563688.649:4000): avc: denied { write } for > pid=25344 comm="touch" name="mysql.err" dev=dm-0 ino=1709317 > scontext=unconfined_u:system_r:mysqld_safe_t:s0 > tcontext=unconfined_u:object_r:usr_t:s0 tclass=file > type=AVC msg=audit(1328563688.651:4001): avc: denied { setattr } for > pid=25345 comm="chown" name="mysql.err" dev=dm-0 ino=1709317 > scontext=unconfined_u:system_r:mysqld_safe_t:s0 > tcontext=unconfined_u:object_r:usr_t:s0 tclass=file > type=AVC msg=audit(1328563688.688:4002): avc: denied { append } for > pid=25238 comm="mysqld_safe" name="mysql.err" dev=dm-0 ino=1709317 > scontext=unconfined_u:system_r:mysqld_safe_t:s0 > tcontext=unconfined_u:object_r:usr_t:s0 tclass=file > type=AVC msg=audit(1328563688.688:4003): avc: denied { append } for > pid=25238 comm="mysqld_safe" name="mysql.err" dev=dm-0 ino=1709317 > scontext=unconfined_u:system_r:mysqld_safe_t:s0 > tcontext=unconfined_u:object_r:usr_t:s0 tclass=file > type=AVC msg=audit(1328563688.694:4004): avc: denied { append } for > pid=25381 comm="mysqld_safe" name="mysql.err" dev=dm-0 ino=1709317 > scontext=unconfined_u:system_r:mysqld_safe_t:s0 > tcontext=unconfined_u:object_r:usr_t:s0 tclass=file > type=AVC msg=audit(1328563688.694:4005): avc: denied { append } for > pid=25381 comm="mysqld_safe" name="mysql.err" dev=dm-0 ino=1709317 > scontext=unconfined_u:system_r:mysqld_safe_t:s0 > tcontext=unconfined_u:object_r:usr_t:s0 tclass=file > type=AVC msg=audit(1328563688.697:4006): avc: denied { append } for > pid=25238 comm="mysqld_safe" name="mysql.err" dev=dm-0 ino=1709317 > scontext=unconfined_u:system_r:mysqld_safe_t:s0 > tcontext=unconfined_u:object_r:usr_t:s0 tclass=file > type=AVC msg=audit(1328563688.697:4007): avc: denied { append } for > pid=25238 comm="mysqld_safe" name="mysql.err" dev=dm-0 ino=1709317 > scontext=unconfined_u:system_r:mysqld_safe_t:s0 > tcontext=unconfined_u:object_r:usr_t:s0 tclass=file > > mysql.err was 660 owned by mysql.mysql and the dir it's in was 755, > also owned by mysql.mysql. I tried changing the file to 666 and the > dir to 777, but I got the same errors. I also tried moving the log > file to /tmp, but I still got the same errors. So it's not > permissions. I don't know too much about selinux - I"ll have to > research that more. > > Thanks again! > -larry > > > > > > > > > On Sat, 2012-02-04 at 17:57 -0700, Larry Martell wrote: > >> Just installed mysql on centos 6.2. When I try to start it with service I > >> get: > >> > >> #service mysqld start > >> MySQL Daemon failed to start. > >> Starting mysqld: [FAILED] > >> > >> Nothing at all is written to the error log. > >> > >> But if I start it with mysqld_safe it comes up and works fine. > >> > >> Anyone know what could be going on here? > >> > >> -larry > >> > > > > -- > > Frédéric Descamps, Consultant, Percona Inc. > > Mob: +32 495698668 (CET) > > Skype: lefred.descamps > > Jabber: lefred.desca...@gmail.com > > > > 24/7 Emergency Line +1 888 401 3401 ext 911 > > > > Our Services: http://www.percona.com/services.html > > Our Blog: http://www.mysqlperformanceblog.com/ > > > > Percona Training Workshops: http://www.percona.com/training/ > > > > Percona Live MySQL Conference April 10-12 Santa Clara > > http://www.percona.com/live/mysql-conference-2012/ > -- Frédéric Descamps, Consultant, Percona Inc. Mob: +32 495698668 (CET) Skype: lefred.descamps Jabber: lefred.desca...@gmail.com 24/7 Emergency Line +1 888 401 3401 ext 911 Our Services: http://www.percona.com/services.html Our Blog: http://www.mysqlperformanceblog.com/ Percona Training Workshops: http://www.percona.com/training/ Percona Live MySQL Conference April 10-12 Santa Clara http://www.percona.com/live/mysql-conference-2012/
signature.asc
Description: This is a digitally signed message part
