Using HP Serviceguard for Linux to Provide High Availability for LAMP, December 2005
Listen 15.70.191.61:80
DocumentRoot "/Apache"
# This should be changed to whatever you set DocumentRoot to.
#
<Directory "/Apache">
Options Indexes FollowSymLinks
AllowOverride None
Order allow, deny
Allow from all
</Directory>
my.cnf
[mysqld]
datadir=/MySQL_1/mysql
socket=/MySQL_1/mysql/mysql.sock
port=3306
# Default to using old password format for compatibility with mysql 3.x
# clients (those using the mysqlclient10 compatibility package).
# old_passwords=1
[mysql.server]
user=mysql
basedir=/MySQL_1
[mysqld_safe]
err-log=/MySQL_1/mysql/mysqld.err
pid-file=/var/run/mysqld/mysqld.pid
[client]
socket=/MySQL_1/mysql/mysql.sock
SELinux Considerations
All the Apache and MySQL files and directories are protected by SELinux security policy.
This is turned on by default in RHEL 4. All of these files need to be associated with a
security context for them to work properly. SELinux protection allows processes access to
only those files, which are set with the certain context. All the default directories of both
Apache and MySQL have the right contexts associated with all its files. If any changes
are made, such as moving the DocumentRoot of Apache or the MySQL database from
local to a shared storage, then these new directories and all of the files in the directory
need to be set to the same file context as the default installation.
In the case of multiple Apache and MySQL instances running, only one instance can use
the default directory. All of the instances should bear the same security context for all its
associated files and directories. It does not matter if these files reside on the local disk or
the shared storage. SELinux will allow access to these files only after the right context is
set. Configuring the context is mandatory if anything other than the default file locations
of Apache and MySQL are used. Users should refer SELinux documents for detailed
information on how to configure SELinux with these services.
10