Bug#22559624 KEYRING_FILE INITIALIZATION FAILURE WHEN SELINUX ENABLED…

… FROM DISABLED STATE Fix to initialize /var/lib/mysql-keyring when SELinux is enabled. Add /var/lib/mysql-keyring directory to file-contexts
hex42 · Jan 18, 2016 · 39feb38 · 39feb38
1 parent 77fef83
commit 39feb38
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 5 deletions.
diff --git a/packaging/rpm-oel/mysql.init b/packaging/rpm-oel/mysql.init
@@ -98,10 +98,12 @@ start(){
 	    chmod 0751 "$datadir"
 	    if [ -x /sbin/restorecon ] ; then
 		/sbin/restorecon "$datadir"
-		if [ -x /usr/sbin/semanage -a -d /var/lib/mysql -a -d /var/lib/mysql-files ] ; then
-		    /usr/sbin/semanage fcontext -a -e /var/lib/mysql /var/lib/mysql-files >/dev/null 2>&1
-		    /sbin/restorecon /var/lib/mysql-files
-		fi
+		for dir in /var/lib/mysql-files /var/lib/mysql-keyring ; do
+		    if [ -x /usr/sbin/semanage -a -d /var/lib/mysql -a -d $dir ] ; then
+			/usr/sbin/semanage fcontext -a -e /var/lib/mysql $dir >/dev/null 2>&1
+			/sbin/restorecon $dir
+		    fi
+		done
 	    fi
 	    # Now create the database
 	    action $"Initializing MySQL database: " /usr/sbin/mysqld --initialize --datadir="$datadir" --user=mysql

diff --git a/scripts/systemd/mysqld_pre_systemd.in b/scripts/systemd/mysqld_pre_systemd.in
@@ -1,6 +1,6 @@
 #! /bin/bash
 
-# Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -57,6 +57,11 @@ install_db () {
     if [ -x /usr/sbin/restorecon ]; then
         /usr/sbin/restorecon "$datadir"
         /usr/sbin/restorecon $log
+	for dir in /var/lib/mysql-files /var/lib/mysql-keyring ; do
+            if [ -x /usr/sbin/semanage -a -d /var/lib/mysql -a -d $dir ] ; then
+            /usr/sbin/semanage fcontext -a -e /var/lib/mysql $dir >/dev/null 2>&1
+            /sbin/restorecon $dir
+	done
     fi
 
     # If special mysql dir is in place, skip db install