0

I have a directory /media/databases under which I want to hold 3 different databases : mariadb, postgresql and neo4j.

My issue is that I already have configured postgresql selinux context and the server won't start unless the /media/databases context is set on postgresql_db_t.

So my question is : how could I set those contexts right ? Are there some contexts neutral enough to hold ? I've done a :

seinfo -t

The list is quite large..

Or maybe I am seeing this all wrong and I should only separate my databases at the media root : /media/postgresql, /media/mariadb, /media/neo4j ?

Thanks for your insight.

John Doe
  • 125
  • 1
  • 7
  • 1
    I suspect this will be a duplicate of https://serverfault.com/a/809364/126632 – Michael Hampton Aug 29 '18 at 18:33
  • Nice catch ! Yes it was : I set the directory to unlabeled_t and make a special rule for postgresql with audit2allow. I need to see what happens now for the other db but that should be the same. – John Doe Aug 29 '18 at 22:40

1 Answers1

0

Each database type directory under /media/databases should have a selinux context set (semanage fcontext) matching the rules expected for that database type.

e.g. for MySQL based on mysql selinux ref:

# semanage fcontext -a -t mysqld_db_t "/media/mariadb(/.*)?"
# restorecon -Rv /media/mariadb
danblack
  • 1,249
  • 13
  • 15