MDEV-27635: selinux: allow read of /proc/sys/kernel/core_pattern

Prevent the error: setroubleshoot[23678]: SELinux is preventing /usr/libexec/mysqld from read access on the file core_pattern. Reading of the core pattern occurs on crash as added in MDEV-15051 RHEL-7.7 $ ls -laZ /proc/sys/kernel/core_pattern -rw-r--r--. root root system_u:object_r:usermodehelper_t:s0 /proc/sys/kernel/core_pattern
author: Daniel Black <daniel@linux.ibm.com> 2020-05-21 16:19:49 +1000
committer: Daniel Black <daniel@mariadb.org> 2022-01-27 10:50:50 +1100
commit: 8b3b73808d90f25a3ec5698864d9b406ae7bba80 (patch)
tree: 9aa3a7b25ca591b716c8bdbf688f98f8bd7e102e /support-files
parent: 68b3fa8865aad65eaaac84cb1f48426aa05a1deb (diff)
download: mariadb-git-8b3b73808d90f25a3ec5698864d9b406ae7bba80.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/support-files/policy/selinux/mariadb-server.te b/support-files/policy/selinux/mariadb-server.te
index 45ef40f4153..c8b2c21ff07 100644
--- a/support-files/policy/selinux/mariadb-server.te
+++ b/support-files/policy/selinux/mariadb-server.te
@@ -77,6 +77,7 @@ allow mysqld_t user_tmp_t:dir { write add_name };
 allow mysqld_t user_tmp_t:file create;
 allow mysqld_t bin_t:lnk_file read;
 allow mysqld_t tmp_t:file { append create read write open getattr unlink setattr };
+allow mysqld_t usermodehelper_t:file { read open };
 
 # Allows too much leeway - the xtrabackup/wsrep rules in fc should fix it, but
 # keep for the moment.
author	Daniel Black <daniel@linux.ibm.com>	2020-05-21 16:19:49 +1000
committer	Daniel Black <daniel@mariadb.org>	2022-01-27 10:50:50 +1100
commit	8b3b73808d90f25a3ec5698864d9b406ae7bba80 (patch)
tree	9aa3a7b25ca591b716c8bdbf688f98f8bd7e102e /support-files
parent	68b3fa8865aad65eaaac84cb1f48426aa05a1deb (diff)
download	mariadb-git-8b3b73808d90f25a3ec5698864d9b406ae7bba80.tar.gz