{"id":180,"date":"2015-09-14T16:10:14","date_gmt":"2015-09-14T08:10:14","guid":{"rendered":"http:\/\/yyshell.com\/?p=180"},"modified":"2015-09-14T16:10:14","modified_gmt":"2015-09-14T08:10:14","slug":"centos6selinux%e7%8e%af%e5%a2%83%e4%b8%8b%e5%8f%98%e6%9b%b4mysql%e7%9a%84data%e7%9b%ae%e5%bd%95","status":"publish","type":"post","link":"https:\/\/yyshell.com\/?p=180","title":{"rendered":"CentOS6+SElinux\u73af\u5883\u4e0b\u53d8\u66f4MySQL\u7684data\u76ee\u5f55"},"content":{"rendered":"<blockquote><p>\u524d\u8a00\uff1a<\/p>\n<p>\u672c\u6b21\u64cd\u4f5c\u4e2d\uff0c\u6d89\u53ca\u5230SELinux\u7684\u76f8\u5173\u914d\u7f6e\uff0c\u5982\u679c\u7cfb\u7edf\u662f\u6700\u5c0f\u5316\u5b89\u88c5\u7684\u8bdd\uff0c\u9700\u8981yum\u5b89\u88c5policycoreutils-python\u5305\uff08SELinux\u76f8\u5173\uff09\uff0c\u548cvim\u5305\uff08\u6bd4vi\u5f3a\u5927\u70b9\uff0c\u65b9\u4fbf\u7f16\u8f91\uff09\uff0c\u8fd8\u6709\u5f53\u7136\u5c31\u662fmysql-server\u5305\u3002<\/p><\/blockquote>\n<p>\u9996\u5148\u6211\u4eec\u770b\u4e0b\u9ed8\u8ba4\u7684mysql\u7684\u914d\u7f6e<\/p>\n<pre class=\"lang:default decode:true \">[root@test ~]# vim \/etc\/my.cnf<\/pre>\n<p>\u5185\u5bb9\u5982\u4e0b\uff1a<\/p>\n<blockquote><p>[mysqld]<br \/>\ndatadir=\/var\/lib\/mysql<br \/>\nsocket=\/var\/lib\/mysql\/mysql.sock<br \/>\nuser=mysql<br \/>\n# Disabling symbolic-links is recommended to prevent assorted security risks<br \/>\nsymbolic-links=0<\/p>\n<p>[mysqld_safe]<br \/>\nlog-error=\/var\/log\/mysqld.log<br \/>\npid-file=\/var\/run\/mysqld\/mysqld.pid<\/p><\/blockquote>\n<p>\u53ef\u4ee5\u770b\u5230\uff0c\u9ed8\u8ba4\u7684\u6570\u636e\u76ee\u5f55\u662f\/var\/lib\/mysql\uff0c\u9ed8\u8ba4\u7684socket\u4e3a\/var\/lib\/mysql\/mysql.sock<\/p>\n<p>\u4e0b\u9762\uff0c\u6211\u4eec\u628a\u6211\u7684\u7b2c\u4e8c\u5757\u786c\u76d8\u6302\u8f7d\u4e0b\uff0c\u6302\u8f7d\u76ee\u5f55\u5728\/mnt\/sdb\u76ee\u5f55\u4e0b\uff0c\u70b9\u51fb\u67e5\u770b<a href=\"http:\/\/yyshell.com\/?p=126\" target=\"_blank\">\u6302\u8f7d\u65b9\u6cd5<\/a><\/p>\n<p>\u5728sdb\u76ee\u5f55\u4e0b\u5efa\u7acbmysql\u6587\u4ef6\u5939\uff0c\u7528\u6765\u5b58\u653emysql\u6570\u636e\u6587\u4ef6\u548csocket<\/p>\n<pre class=\"lang:default decode:true \">[root@test ~]# mkdir \/mnt\/sdb\/mysql<\/pre>\n<p>\u7f16\u8f91\/etc\/my.cnf\u6587\u4ef6\uff0c\u628adatadir\u548csocket\u5206\u522b\u6539\u4e3a<\/p>\n<pre class=\"lang:default decode:true \">datadir=\/mnt\/sdb\/mysql\r\nsocket=\/mnt\/sdb\/mysql\/mysql.sock<\/pre>\n<p>\u518d\u628a\u539f\u6765\u7684\u91cc\u9762\u7684\u6587\u4ef6\u590d\u5236\u5230\u65b0\u76ee\u5f55\u53bb<\/p>\n<pre class=\"lang:default decode:true\">[root@test lib]# cp -avx \/var\/lib\/mysql\/ \/mnt\/sdb\/<\/pre>\n<p>\u542f\u52a8mysql<\/p>\n<pre class=\"lang:default decode:true \">[root@test mysql]# service mysqld start<\/pre>\n<p>\u63d0\u793a<\/p>\n<blockquote><p>MySQL Daemon failed to start.<br \/>\n\u6b63\u5728\u542f\u52a8 mysqld\uff1a\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 [\u5931\u8d25]<\/p><\/blockquote>\n<p>\u770b\u770b\u65e5\u5fd7<\/p>\n<blockquote><p>150914 15:02:40 mysqld_safe mysqld from pid file \/var\/run\/mysqld\/mysqld.pid ended<br \/>\n150914 15:08:24 mysqld_safe Starting mysqld daemon with databases from \/mnt\/sdb\/mysql<br \/>\n150914 15:08:24 [Warning] Can&#8217;t create test file \/mnt\/sdb\/mysql\/test.lower-test<br \/>\n150914 15:08:24 [Warning] Can&#8217;t create test file \/mnt\/sdb\/mysql\/test.lower-test<br \/>\n\/usr\/libexec\/mysqld: Can&#8217;t change dir to &#8216;\/mnt\/sdb\/mysql\/&#8217; (Errcode: 13)<br \/>\n150914 15:08:24 [ERROR] Aborting<\/p><\/blockquote>\n<p>\u770b\u770b\u539f\u6765\u76ee\u5f55\u7684SELinux\u6743\u9650<\/p>\n<pre class=\"lang:default decode:true \">[root@test mysql]# ll -Zd \/var\/lib\/mysql\/<\/pre>\n<blockquote><p>drwxr-xr-x. mysql mysql system_u:object_r:mysqld_db_t:s0 \/var\/lib\/mysql\/<\/p><\/blockquote>\n<p>\u770b\u770b\u5f53\u524d\u76ee\u5f55\u7684SELinux\u6743\u9650<\/p>\n<pre class=\"lang:default decode:true \">[root@test mysql]# ll -Zd \/mnt\/sdb\/<\/pre>\n<blockquote><p>drwxr-xr-x. root root system_u:object_r:file_t:s0 \/mnt\/sdb\/<\/p><\/blockquote>\n<p>\u90a3\u6211\u4eec\u6539\u6210\u4e00\u6837\u7684\u6743\u9650<\/p>\n<pre class=\"lang:default decode:true \">[root@test mysql]# chown mysql:mysql \/mnt\/sdb\/\r\n[root@test mysql]# semanage fcontext -a -t mysqld_db_t \"\/mnt\/sdb(\/.*)?\"\r\n[root@test mysql]# restorecon -rv \/mnt\/sdb<\/pre>\n<p>\u518d\u6b21\u542f\u52a8mysql\u670d\u52a1\uff0c\u7ec8\u4e8eOK\u4e86\u3002<\/p>\n<p>==\uff0c\u95ee\u9898\u6ca1\u5b8c\uff0c\u7528\u5ba2\u6237\u7aef\u767b\u5f55mysql\u8bd5\u8bd5\uff01<\/p>\n<pre class=\"lang:default decode:true \">[root@test mysql]# mysql -uroot -p<\/pre>\n<p>\u8f93\u5165\u5bc6\u7801\uff0c\u63d0\u793a<\/p>\n<blockquote><p>ERROR 2002 (HY000): Can&#8217;t connect to local MySQL server through socket &#8216;\/var\/lib\/mysql\/mysql.sock&#8217; (2)<\/p><\/blockquote>\n<p>\u770b\u5230\u6ca1\uff0c\u6211\u4eec\u670d\u52a1\u7aef\u6307\u5b9asocket\u4e86\uff0c\u4f46\u5ba2\u6237\u7aef\u6ca1\u53cd\u5e94\u8fc7\u6765 \uff0c\u8fd8\u7528\u8001\u7684socket\u8fde\u63a5\uff0c\u5f53\u7136\u8fde\u4e0d\u4e0a\uff01<\/p>\n<p>\u7ee7\u7eed\u7f16\u8f91\u914d\u7f6e\u6587\u4ef6\/etc\/my.cnf<\/p>\n<p>\u5728\u6700\u4e0a\u9762\u52a0\u4e0a\u8fd9\u4e9b<\/p>\n<pre class=\"lang:default decode:true \">[client]\r\nport=3306\r\nsocket=\/mnt\/sdb\/mysql\/mysql.sock<\/pre>\n<p>\u518d\u8fde\u63a5\u4e0b\uff0c\u63d0\u793a\u6210\u529f\u4e86\u3002<\/p>\n<blockquote><p>Welcome to the MySQL monitor. Commands end with ; or \\g.<br \/>\n&#8230;&#8230;.<\/p><\/blockquote>\n<p>\u5982\u679c\u9700\u8981\u6307\u5b9a\u7f16\u7801\uff0c\u4f8b\u5982utf-8\u7f16\u7801\uff0c\u5728my.cnf\u4e0a\u6dfb\u52a0<\/p>\n<pre class=\"lang:default decode:true \">[server]\r\ncharacter-set-server=utf8<\/pre>\n<p>\u8fd9\u6837\u7684\u8bdd\uff0c\u7f16\u7801\u5c31\u6307\u5b9a\u597d\u4e86\u3002<\/p>\n<p>\u603b\u4e4b\uff0c\u66f4\u6539\u6570\u636e\u5e93\u7684\u76ee\u5f55\uff0c\u9664\u4e86\u76ee\u5f55\u672c\u8eab\u7684\u6743\u9650\u8981\u5bf9\uff0c\u8fd9\u91cc\u6211\u4eec\u7528cp -avx \u547d\u4ee4\u4fdd\u7559\u4e86\u539f\u6765\u7684\u6743\u9650\u7ed3\u6784\uff0c\u6240\u4ee5\u9ed8\u8ba4\u5c31\u5df2\u7ecf\u5bf9\u4e86\u3002\u6570\u636e\u76ee\u5f55\u7684\u7236\u7ea7\u76ee\u5f55\u4e5f\u5f88\u91cd\u8981\uff0c\u81f3\u5c11\u50cfdrwxr-xr-x. root root system_u:object_r:file_t:s0 \/mnt\/sdb\/\u8fd9\u6837\u7684\u6743\u9650\u7ed3\u6784\u80af\u5b9a\u4e0d\u884c\u7684\u3002\u6211\u4eec\u6539\u6210\u7684\u662f\u8fd9\u6837\u7684\u6743\u9650\u7ed3\u6784drwxr-xr-x. mysql mysql system_u:object_r:mysqld_db_t:s0 \/var\/lib\/mysql\/\uff0c\u5c31\u53ef\u4ee5\u6253\u5f00\u4e86\uff0c\u6709\u65f6\u5019\u6539\u6210drwxr-xr-x. apache apache system_u:object_r:httpd_sys_content_t:s0 \/mnt\/sdb\/\u8fd9\u6837\u7684apache\u7684\u6743\u9650\uff0c\u4e5f\u884c\uff0c\u8bb0\u4f4f\uff0c\u4e0d\u80fd\u662froot\u90a3\u79cd\u6743\u9650\uff01\uff01<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u524d\u8a00\uff1a \u672c\u6b21\u64cd\u4f5c\u4e2d\uff0c\u6d89\u53ca\u5230SELinux\u7684\u76f8\u5173\u914d\u7f6e\uff0c\u5982\u679c\u7cfb\u7edf\u662f\u6700\u5c0f\u5316\u5b89\u88c5\u7684\u8bdd\uff0c\u9700<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-180","post","type-post","status-publish","format-standard","hentry","category-linux"],"_links":{"self":[{"href":"https:\/\/yyshell.com\/index.php?rest_route=\/wp\/v2\/posts\/180","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/yyshell.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/yyshell.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/yyshell.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/yyshell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=180"}],"version-history":[{"count":1,"href":"https:\/\/yyshell.com\/index.php?rest_route=\/wp\/v2\/posts\/180\/revisions"}],"predecessor-version":[{"id":181,"href":"https:\/\/yyshell.com\/index.php?rest_route=\/wp\/v2\/posts\/180\/revisions\/181"}],"wp:attachment":[{"href":"https:\/\/yyshell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=180"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/yyshell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=180"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/yyshell.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=180"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}