在此这前,我对SELinux完全不了解。
MySQL服务启动失败
- 查看服务状态
[root@localhost system]# systemctl status mysqld
● mysqld.service - MySQL ServerLoaded: loaded (/usr/lib/systemd/system/mysqld.service; enabled; vendor preset: disabled)Active: failed (Result: start-limit) since Tue 2023-04-11 10:11:48 CST; 33min agoDocs: man:mysqld(8)http://dev.mysql.com/doc/refman/en/using-systemd.htmlProcess: 13447 ExecStart=/usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid $MYSQLD_OPTS (code=exited, status=1/FAILURE)Process: 13428 ExecStartPre=/usr/bin/mysqld_pre_systemd (code=exited, status=0/SUCCESS)Apr 11 10:11:47 localhost.localdomain systemd[1]: Failed to start MySQL Server.
Apr 11 10:11:47 localhost.localdomain systemd[1]: Unit mysqld.service entered failed state.
Apr 11 10:11:47 localhost.localdomain systemd[1]: mysqld.service failed.
Apr 11 10:11:48 localhost.localdomain systemd[1]: mysqld.service holdoff time over, scheduling restart.
Apr 11 10:11:48 localhost.localdomain systemd[1]: start request repeated too quickly for mysqld.service
Apr 11 10:11:48 localhost.localdomain systemd[1]: Failed to start MySQL Server.
Apr 11 10:11:48 localhost.localdomain systemd[1]: Unit mysqld.service entered failed state.
Apr 11 10:11:48 localhost.localdomain systemd[1]: mysqld.service failed.
- 服务状态中没有显示有帮助的信息。接着查看MySQL日志。
2023-04-11T03:19:39.649418Z 0 [Note] InnoDB: PUNCH HOLE support available
2023-04-11T03:19:39.649456Z 0 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
2023-04-11T03:19:39.649464Z 0 [Note] InnoDB: Uses event mutexes
2023-04-11T03:19:39.649470Z 0 [Note] InnoDB: GCC builtin __atomic_thread_fence() is used for memory barrier
2023-04-11T03:19:39.649476Z 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
2023-04-11T03:19:39.649482Z 0 [Note] InnoDB: Using Linux native AIO
2023-04-11T03:19:39.649856Z 0 [Note] InnoDB: Number of pools: 1
2023-04-11T03:19:39.649991Z 0 [Note] InnoDB: Using CPU crc32 instructions
2023-04-11T03:19:39.651976Z 0 [Note] InnoDB: Initializing buffer pool, total size = 128M, instances = 1, chunk size = 128M
2023-04-11T03:19:39.661820Z 0 [Note] InnoDB: Completed initialization of buffer pool
2023-04-11T03:19:39.664613Z 0 [Note] InnoDB: If the mysqld execution user is authorized, page cleaner thread priority can be changed. See the man page of setpriority().
2023-04-11T03:19:39.674748Z 0 [ERROR] InnoDB: Operating system error number 13 in a file operation.
2023-04-11T03:19:39.674804Z 0 [ERROR] InnoDB: The error means mysqld does not have the access rights to the directory.
2023-04-11T03:19:39.674819Z 0 [ERROR] InnoDB: os_file_get_status() failed on './ibdata1'. Can't determine file permissions
2023-04-11T03:19:39.674842Z 0 [ERROR] InnoDB: Plugin initialization aborted with error Generic error
2023-04-11T03:19:40.275467Z 0 [ERROR] Plugin 'InnoDB' init function returned error.
2023-04-11T03:19:40.275510Z 0 [ERROR] Plugin 'InnoDB' registration as a STORAGE ENGINE failed.
2023-04-11T03:19:40.275524Z 0 [ERROR] Failed to initialize builtin plugins.
2023-04-11T03:19:40.275532Z 0 [ERROR] Aborting2023-04-11T03:19:40.275586Z 0 [Note] Binlog end
2023-04-11T03:19:40.275721Z 0 [Note] Shutting down plugin 'CSV'
2023-04-11T03:19:40.276288Z 0 [Note] /usr/sbin/mysqld: Shutdown complete
- 找到关键信息
InnoDB: os_file_get_status() failed on ‘./ibdata1’. Can’t determine file permissions
从提示中看出,ibdata1文件并没有损坏,只是权限问题。
为什么会出现这个错误?
由于MySQL没有采用默认的配置文件(比如数据目录是/var/lib/mysql),SELinux就会拒绝访问,在/var/log/audit/audit.log中可以看到提示消息 “avc: denied ”,如:
type=AVC msg=audit(1681193643.439:384714): avc: denied { getattr } for pid=14633 comm="mysqld" path="/home/data/mysql/ibdata1" dev="dm-2" ino=1610612865 scontext=system_u:system_r:mysqld_t:s0 tcontext=unconfined_u:object_r:home_root_t:s0 tclass=file
type=SYSCALL msg=audit(1681193643.439:384714): arch=c000003e syscall=4 success=yes exit=0 a0=7f63ad62fca0 a1=7f6354193608 a2=7f6354193608 a3=76 items=0 ppid=1 pid=14633 auid=4294967295 uid=27 gid=27 euid=27 suid=27 fsuid=27 egid=27 sgid=27 fsgid=27 tty=(none) ses=4294967295 comm="mysqld" exe="/usr/sbin/mysqld" subj=system_u:system_r:mysqld_t:s0 key=(null)
SELinux是什么
MySQL & SELinux
解决方式
- 关闭SELinux或设置为宽松模式
- 让MySQL采用默认配置
- 修改SELinux策略
简单粗暴试一试
setenforce 0 # 关闭SELinux
systemctl start mysqld.servie # 启动
再次查看状态,正常运行中。
[root@localhost ~]# systemctl status mysqld.service
● mysqld.service - MySQL ServerLoaded: loaded (/usr/lib/systemd/system/mysqld.service; enabled; vendor preset: disabled)Active: active (running) since Tue 2023-04-11 11:21:48 CST; 24min agoDocs: man:mysqld(8)http://dev.mysql.com/doc/refman/en/using-systemd.htmlProcess: 14585 ExecStart=/usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid $MYSQLD_OPTS (code=exited, status=0/SUCCESS)Process: 14566 ExecStartPre=/usr/bin/mysqld_pre_systemd (code=exited, status=0/SUCCESS)Main PID: 14588 (mysqld)CGroup: /system.slice/mysqld.service└─14588 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pidApr 11 11:21:45 localhost.localdomain systemd[1]: Starting MySQL Server...
Apr 11 11:21:48 localhost.localdomain systemd[1]: Started MySQL Server.