Layer: contrib

Module: mysql

Tunables Interfaces

Description:

Policy for MySQL

Tunables:

mysql_connect_any

Default value

false

Description

Allow mysqld to connect to all ports

mysql_connect_http

Default value

false

Description

Allow mysqld to connect to http port

mysql_run_under_different_user

Default value

false

Description

Allow mysqld to run under a different user via --user

Return

Interfaces:

mysql_admin(
	
		domain
		
			,
		
		role
		
	)

Summary

All of the rules required to administrate an mysql environment

Parameters

Parameter:	Description:
domain	Domain allowed access.
role	The role to be allowed to manage the mysql domain.

mysql_append_db_files(
	
		domain
		
	)

Summary

Append to the MySQL database directory.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mysql_append_log(
	
		domain
		
	)

Summary

Allow the specified domain to append to MySQL log files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mysql_db_filetrans(
	
		domain
		
			,
		
		private type
		
			,
		
		object
		
			,
		
		name
		
	)

Summary

Create private objects at mysql db directory.

Parameters

Parameter:	Description:
domain	Domain allowed access.
private type	The type of the object to be created.
object	The object class of the object being created.
name	The name of the object being created.

mysql_domtrans(
	
		domain
		
	)

Summary

Execute MySQL in the mysql domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.

mysql_domtrans_mysql_safe(
	
		domain
		
	)

Summary

Execute MySQL safe script in the mysql safe domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.

mysql_dontaudit_append_log(
	
		domain
		
	)

Summary

Do not audit attempts to append to the MySQL logs.

Parameters

Parameter:	Description:
domain	Domain to not audit.

mysql_dontaudit_read_log(
	
		domain
		
	)

Summary

dontaudit attempts to read MySQL log files.

Parameters

Parameter:	Description:
domain	Domain to not audit.

mysql_dontaudit_rw_db(
	
		domain
		
	)

Summary

dontaudit attempts to read/write to the MySQL db files.

Parameters

Parameter:	Description:
domain	Domain to not audit.

mysql_dontaudit_write_log(
	
		domain
		
	)

Summary

dontaudit attempts to write to the MySQL log files.

Parameters

Parameter:	Description:
domain	Domain to not audit.

mysql_exec(
	
		domain
		
	)

Summary

Execute MySQL in the caller domain.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mysql_filetrans_named_content(
	
		domain
		
	)

Summary

Transition to mysqld named content

Parameters

Parameter:	Description:
domain	Domain allowed access.

mysql_list_db(
	
		domain
		
	)

Summary

List the directories that contain MySQL database storage.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mysql_manage_db_dirs(
	
		domain
		
	)

Summary

Create, read, write, and delete MySQL database directories.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mysql_manage_db_files(
	
		domain
		
	)

Summary

Create, read, write, and delete MySQL database files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mysql_read_config(
	
		domain
		
	)

Summary

Read MySQL configuration files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mysql_read_db_lnk_files(
	
		domain
		
	)

Summary

Read and write to the MySQL database directory.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mysql_read_home_content(
	
		domain
		
	)

Summary

read mysqld homedir content (.k5login)

Parameters

Parameter:	Description:
domain	Domain allowed access.

mysql_read_log(
	
		domain
		
	)

Summary

Allow the specified domain to read MySQL log files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mysql_read_pid_files(
	
		domain
		
	)

Summary

Read MySQL PID files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mysql_rw_db_dirs(
	
		domain
		
	)

Summary

Read and write to the MySQL database directory.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mysql_rw_db_files(
	
		domain
		
	)

Summary

Read and write to the MySQL database directory.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mysql_rw_db_sockets(
	
		domain
		
	)

Summary

Read and write to the MySQL database named socket.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mysql_safe_exec(
	
		domain
		
	)

Summary

Execute MySQL_safe in the caller domain.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mysql_search_db(
	
		domain
		
	)

Summary

Search the directories that contain MySQL database storage.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mysql_search_pid_files(
	
		domain
		
	)

Summary

Search MySQL PID files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mysql_signal(
	
		domain
		
	)

Summary

Send a generic signal to MySQL.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mysql_signull(
	
		domain
		
	)

Summary

Send a null signal to mysql.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mysql_stream_connect(
	
		domain
		
	)

Summary

Connect to MySQL using a unix domain stream socket.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mysql_systemctl(
	
		domain
		
	)

Summary

Execute mysqld server in the mysqld domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.

mysql_tcp_connect(
	
		domain
		
	)

Summary

Allow the specified domain to connect to mysql with a tcp socket.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mysql_write_log(
	
		domain
		
	)

Summary

Write to the MySQL log.

Parameters

Parameter:	Description:
domain	Domain allowed access.

Return