.my.cnf file for MySQL monitoring is ignored or inaccessible on AlmaLinux 9
Hello,
.my.cnf file for MySQL (Percona 8) monitoring is ignored or inaccessible by Zabbix Agent 2 (6.0) on AlmaLinux 9 with SELinux enabled.
zabbix's home directory in /etc/passwd is /var/lib/zabbix
What was done:
/var/lib/zabbix/.my.cnf file was created
MySQL user specified in /var/lib/zabbix/.my.cnf can log in and view databases, it was confirmed.
SELinux policy added:
Finally:
Result:
Any ideas what may be the reason?
.my.cnf file for MySQL (Percona 8) monitoring is ignored or inaccessible by Zabbix Agent 2 (6.0) on AlmaLinux 9 with SELinux enabled.
zabbix's home directory in /etc/passwd is /var/lib/zabbix
What was done:
Code:
mkdir /var/lib/zabbix
Code:
[client] protocol=tcp user='zbx_monitor' password='<password>'
Code:
chown -R zabbix. /var/lib/zabbix chmod 400 /var/lib/zabbix/.my.cnf
Code:
cat <<EOF > zabbix_home.te
module zabbix_home 1.0;
require {
type zabbix_agent_t;
type zabbix_var_lib_t;
type mysqld_etc_t;
type mysqld_port_t;
type mysqld_var_run_t;
class file { open read };
class tcp_socket name_connect;
class sock_file write;
}
allow zabbix_agent_t zabbix_var_lib_t:file read;
allow zabbix_agent_t zabbix_var_lib_t:file open;
allow zabbix_agent_t mysqld_etc_t:file read;
allow zabbix_agent_t mysqld_port_t:tcp_socket name_connect;
allow zabbix_agent_t mysqld_var_run_t:sock_file write;
EOF
checkmodule -M -m -o zabbix_home.mod zabbix_home.te
semodule_package -o zabbix_home.pp -m zabbix_home.mod
semodule -i zabbix_home.pp
restorecon -R /var/lib/zabbix
Code:
systemctl restart zabbix-agent2 zabbix_agent2 -t mysql.version
Code:
mysql.version [m|ZBX_NOTSUPPORTED] [Cannot fetch data: Cannot fetch data: Error 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO).]
Any ideas what may be the reason?
Comment