SELinux fun with MySQL and friends

Cite

Related Material

FOSDEM VZW

Crauwels, Matthias Groenewold, Ivan

Formal Metadata

Title

SELinux fun with MySQL and friends

Title of Series

FOSDEM 2020

Number of Parts

490

Author

Crauwels, Matthias

Groenewold, Ivan

License

CC Attribution 2.0 Belgium:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.

Identifiers

10.5446/46896 (DOI)

Publisher

FOSDEM VZW

Release Date

2020

Language

English

Content Metadata

Subject Area

Computer Science

Genre

Conference/Talk

Abstract

SELinux (Security Enhanced Linux) provides enhanced security mechanism for more advanced access control and auditing. It allows your application software and your system users to only access the resources it's been preconfigured to allow. Of course when you want to move your data- or log files to a non-standard location these policies will stop MySQL from starting. The easy way out is obviously to set SELinux to disabled or permissive. But someone once said: "Every time you disable SELinux a kitten dies". We'll show you a few ways how you can find out if it actually is SELinux that is blocking you and how to update the policies to properly keep you system secured.