[CentOS] NOT Solved - Re: SELinux policy to allow Dovecot to connect to Mysql

Wed Apr 26 02:22:40 UTC 2017
Gordon Messmer <gordon.messmer at gmail.com>

On 04/25/2017 03:25 PM, Robert Moskowitz wrote:
> This made the same content as before that caused problems:

I still don't understand, exactly.  Are you seeing *new* problems after 
installing a policy?  What are the problems?

> #!!!! The file '/var/lib/mysql/mysql.sock' is mislabeled on your system.
> #!!!! Fix with $ restorecon -R -v /var/lib/mysql/mysql.sock
> #!!!! This avc can be allowed using the boolean 
> 'daemons_enable_cluster_mode'
> allow dovecot_t mysqld_t:unix_stream_socket connectto;
>
> What do these 3 comments mean?

I'm not sure about the first two.  The context you see is the same I see 
on the one system where I run mysqld.  Running restorecon doesn't change 
that context.

As for the latter, it sounds like you should be able to remove your 
custom policy and "setsebool -P daemons_enable_cluster_mode 1" to allow 
dovecot to connect to mysql.