Ack, my WordPress suffers connectile dysfunction on a fresh install of RedHat 5! Not only did I get the above message, but dmesg was filling up with errors like this:
audit(1179258445.529:38): avc: denied { name_connect } for pid=3332 comm=“httpd” dest=3306 scontext=user_u:system_r:httpd_t:s0 tcontext=system_u:object_r:mysqld_port_t:s0 tclass=tcp_socket
It turns out that I was getting stung by SELinux, which is enabled by default in RedHat 5. All the extra security is probably a good idea, if I knew how to configure it, but for the moment it was breaking a live site.
So I (well, Cliffy, Al, and I), took the short cut and set SELINUX=permissive in /etc/sysconfig/selinux (we could have gone with SELINUX=disabled, but this will help us learn…while we watch it fill our log files).
None of this would be a problem, likely, if I wasn’t using a remote MySQL server, but….
SELinux, RedHat 5, mysql blocked, connection problem, disable selinux
Posted May 21, 2007 by Casey Bisson
Categories: Technology. Tags: connection problem, disable selinux, mysql blocked, RedHat 5, SELinux.
3 Comments
Comments RSS
TrackBack Identifier URI
Leave a comment
User contributed tags for this post:
selinux centos (218) - deactivate selinux (101) - remove selinux (90) - selinux redhat 5 (83) - redhat 5 selinux (62) - redhat 5 firewall (61) - disable selinux redhat 5 (57) - uninstall selinux (55) - centos selinux (54) - rhel5 disable selinux (50) - redhat 5 disable selinux (47) - www.89.com (43) - RedHat SELinux (39) - selinux deactivate (36) - rhel5 firewall (34) - how to disable selinux in redhat 5 (33) - SELinux (32) - SElinux RHEL5 (32) - RHEL 5 firewall (26) - disable selinux redhat (26) - selinux httpd (26) - centos remove selinux (25) - RedHat 5 (24) - rhel5 selinux (24) - selinux uninstall (23) - how to deactivate selinux (23) - disable selinux rhel5 (23) - rhel5 disable firewall (23) - selinux mysqld (22) - deactivating SELinux (20) - red hat 5 firewall (20) - www.sex.com (19) - red hat 5 disable SELinux (18) - selinux mysql (18) - centos disable audit (17) - uninstall selinux centos (16) - 89.com (15) - selinux redhat (15) - centos disable firewall (15) - selinux remove (15) - disable selinux (14) - disable SELinux firewall (14) - red hat 5 selinux (14) - CentOS 5 selinux (14) - redhat 5 selinux disable (14) - sexi movise (14) - شهوت سرا (13) - selinux firewall (13) - centos deactivate selinux (13) - wordpress Selinux (12) - F (12) - disable sealert (11) - centos 5 disable selinux (11) - remove selinux centos (11) - rhel 5 selinux (11) - firewall rhel5 (11) - disable selinux in rhel5 (11) - RHEL5 turn off firewall (11) - redhat disable selinux (10) - RHEL 5 disable SELinux (10) - 89 com (9) - how to firewall red hat 5 (9) - disable selinux for mysql (9) - redhat remove selinux (9) - centos uninstall selinux (9) - selinux centos 5 (9) - selinux rhel (9) - disable selinux red hat 5 (8) - WWW 89 COM (8) - mysql selinux redhat (8) - centos 5 firewall (8) - firewall redhat 5 (8) - centos 5 turn off firewall (8) - RHEL5 SElinux disable (8) - RHEL 5 disable firewall (8) - redhat selinux firewall (7) - disabel selinux (7) - centos 5 SELinux httpd (7) - disable selinux on redhat 5 (7) - how to disable SElinux redhat 5 (7) - setroubleshoot centos (7) - disable firewall rhel5 (7) - disable selinux mysql (7) - selinux wordpress (6) - sexy giral (6) - cache zb13W 9bWjkJ maisonbisson com blog post 10248 sex (6) - httpd mysql selinux (6) - selinux disable redhat (6) - mysql selinux (6) - avc: denied { search } (6) - selinux httpd mysql (6) - deactivate selinux centos (6) - mysqld selinux (6) - selinux ports (6) - disable selinux centos (6) - how disable selinux (6) - ?????? ???? (5) - داستان (5) - mysql redhat 5 (5) - turn off selinux (5) - red hat 5 setroubleshoot package (5) - deactivate selinux redhat (5) - how to disable selinux in rhel5 (5) - centos setroubleshoot (5) - disable selinux mysqld (5) - firewall red hat 5 (5) - centos 5 selinux disable (5) - how to uninstall selinux (5) - rhel disable selinux (5) - rhel5 uninstall selinux (5) - disable firewall and SElinux (5) - RHEL 5 turn off firewall (5) - disable rhel5 firewall (5) - time passing quote (4) - ???? ?? (4) - شهوت (4) - sexy teacher com (4) - cache Jf0O1b4BVFUJ maisonbisson com blog post 10849 IVI (4) - red hat disable selinux (4) - how to disable SELinux on redhat 5 (4) - selinux httpd 3306 (4) - SELINUX tcontext system u object r mysqld port t s0 tcl (4) - redhat 5 audit (4) - selinux redhat 5 disable (4) - selinux httpd mysql connection problem (4) - IN (4) - redhat selinux httpd (4) - redhat 5 turn off selinux (4) - redhat 5 turn off firewall (4) - turn off selinux rhel5 (4) - redhat 5 firewall disable (4) - centos turn off selinux (4) - redhat setroubleshoot (4) - selinux in centos (4) - rhel5 turn off selinux (4) - RHEL5 SELinux Permissive (4) - avc: denied { name_connect } for comm=httpd dest=3306 (4) - selinux httpd redhat (4) - SELinux in RHEL5 (4) - disable selinux rhel (4) - how to disable selinux rhel5 (4) - centos 5 disable firewall (4) - how to disable firewall in rhel5 (4) - disable audit CentOS (4) - denied { name_connect } (4) - disabling SeLinux and firewall (4) - redhat selinux disable (4) - how to remove selinux from centos (4) - redhat deactivate selinux (4) - selinux on centos (4) -
Would still potentially pose the same problems. At least if I am understanding you correctly. SELinux is more like a system firewall rather than a network firewall, so processes are restricted to their permissions, regardless of where the process is being executed. So, httpd was trying to operate outside the boundaries set within SELinux.
At least if I remember correctly. It has been a few years since I have messed with it at all.
sealert is your friend. It goes through the error logs, and tells you what all the selinux alerts and denials mean, and how to fix them.
it’s part of the setroubleshoot package, which should be installed by default.
Simon
[...] » RedHat 5 SELinux Gets In My Way So I (well, Cliffy, Al, and I), took the short cut and set SELINUX=permissive in /etc/sysconfig/selinux (we could have gone with SELINUX=disabled, but this will help us learn…while we watch it fill our log files). (tags: selinux security redhat) [...]