I have a script that dumps a mysql database. It then compresses the file and this gets stored in my home folder by using cron. The problem is I seem to be getting an error message.
mysqldump: Couldn't execute 'show fields from `auth_group`': Can't create/write to file '/tmp/#sql_151e_0.MYI' (Errcode: 13) (1)
c2duo_db-22072011.sql
Now on my centos server graphical end, it says selinx has denied access to mysqld. Ofcourse if I disable selinux this works fine. But I need selinux enabled. Is there a way around this problem?
cron
10 11 * * 5 /home/sh/mysqlbackup.sh
mysqlbackup.sh
#!/bin/sh
mysqldump -uroot -ppassword --opt c2duo_db > /home/sh/c2duo_db-`date +%d%m%Y`.sql
cd /home/sh
tar -zcvf c2duo_db.tgz *.sql
EDIT: Here what I get from the command grep mysqld /var/log/audit/audit.log | tail | audit2why
.
type=AVC msg=audit(1311581788.889:12363): avc: denied { write } for pid=22102 comm="mysqld" path="/tmp/#sql_151e_0.MYI" dev=dm-0 ino=103481390 scontext=root:system_r:mysqld_t:s0 tcontext=root:object_r:httpd_sys_content_t:s0 tclass=file
Was caused by:
Missing or disabled TE allow rule.
Allow rules may exist but be disabled by boolean settings; check boolean settings.
You can see the necessary allow rules by running audit2allow with this audit message as input.
Also, my mysql server was already installed on this machine. So I guess it is an official repo.
Best Answer
You probably have bad file context on
/tmp
directory. Show usls -ldZ /tmp
.How is it possible that temporary file inside
/tmp
hashttpd_sys_content_t
fcontext?On RHEL it is:
For sure it has nothing to do with path for your backup file. If it would be permission problem, you would get something like this:
You can use
strace -f -ff -o /tmp/strace mysqldump -uroot -ppassword --opt c2duo_db
to see, which files it tries to open, use...