Yesterday I was doing some operations with the SELinux in the development server and from that moment the MySQL throws an error that couldn't write in /tmp dir, then I restarted the mysql server and check its log with:
# tail -f /var/log/mysqld.log /usr/libexec/mysqld: error while loading shared libraries: librt.so.1: cannot open shared object file: Permission denied
I then inspected the log messages
# tail -f /var/log/messages
...
avc: denied { search } for pid=1860 comm="mcstransd" name="/"
dev=sda2 ino=2 scontext=system_u:system_r:setrans_t:s0-s0:c0.c1023
tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir
...
From above message I realized that I had changed the context to the root dir (/) to httpd_sys_content_t therefore the solution was to reset the context:
# chcon -t root_t /
Then:
# service mysqld start
and everything worked Ok.
Conclusion
The SELinux increases the level of security of GNU/Linux servers but we must be careful when working with it because it can cause that our services become inoperable for minutes or hours.
Recommendation
Have a test server where you You can run all the necessary operations with the SELinux before deploy them on a production server.
Administering MySQL from the command line, 15 (15)
- How to install MySQL 5.7 on CentOS 7
- How to install MySQL 8.0 in Ubuntu 20.04
- How to install MySQL 8.0 in Debian
- How to install MariaDB on Alpine Linux
- How to install MariaDB on NetBSD?
- MySQL 8.0, change root password
- MySQL server administration – Basic
- Create / modify / delete tables in MySQL
- MySQL user administration
- MySQL – Execute SQL script
- Disable innodb engine in MySQL
- Show MySQL storage engines
- Character set available in MySQL
- Connect to a MySQL server from the LAN
- MySQL can not write in the /tmp dir