Perl DBI fails to connect if SELinux is enabled and in enforcing mode

[rwfranks]

Transcribed verbatim from CPAN RT#134050, warts and all.

Thu Jan 14 20:52:44 2021 andrew.xavier [...] servicenow.com - Ticket created
Subject: Perl DBI fails to connect if SELinux is enabled and in enforcing mode. It works fine in permissive mode. No denial reported by SElinux

Date: Fri, 15 Jan 2021 01:23:46 +0000
To: "[email protected]" [email protected]
From: Andrew Xavier [email protected]

Hi Team,

Perl DBI is failing when SElinux is running in enforcing mode. Works fine in permissive mode.

The environment is 3.10.0-1062.18.1.el7.x86_64, CentOS Linux release 7.7.1908 (Core)

The simple script to validate

dbconnect.pl
#!/usr/bin/perl -w
use v5.10;
use DBI;

say "Perl MariaDB Connect Demo";
my $dsn = "DBI:mysql:database=andrewbackuptest;mysql_socket=/tmp/mysqld_andrewbackuptest_3510.sock";
my $username = 'xaviea';
my $password = 'xaviea';

my %attr = ( PrintError=>0, RaiseError=>1);

my $dbh = DBI->connect($dsn,$username,$password, \%attr);

say "Connected to the MySQL database.";

$dbh->disconnect();

tsa401:/root]# getenforce
Permissive

tsa401:/root]# perl dbconnect.pl
Perl MariaDB Connect Demo
Connected to the MySQL database.



DBI_TRACE=15=dbconnect.trace perl dbconnect.pl

DB Connect trace output

DBI 1.627-ithread default trace level set to 0x0/15 (pid 27659 pi 2129010) at DBI.pm line 288 via dbconnect.pl line 3
install_method DBI::db::get_info    , flags 0x2a00,
    usage: min 2, max 2, '$info_type'
install_method DBI::db::take_imp_data, flags 0x10000,
    usage: min 1, max 1, ''
install_method DBI::db::disconnect  , flags 0x10c00, T 0x00000200,
    usage: min 1, max 1, ''
install_method DBI::db::selectrow_array, flags 0x2000,
    usage: min 2, max 0, '$statement [, \%attr [, @bind_params ] ]'
install_method DBI::db::tables      , flags 0x2200,
    usage: min 1, max 6, '$catalog, $schema, $table, $type [, \%attr ]'
install_method DBI::db::quote_identifier, flags 0x0430,
    usage: min 2, max 6, '$name [, ...] [, \%attr ]'
install_method DBI::db::clone       , T 0x00000200,
    usage: min 1, max 2, '[\%attr]'
install_method DBI::db::quote       , flags 0x0430,
    usage: min 2, max 3, '$string [, $data_type ]'
install_method DBI::db::type_info   , flags 0x2200,
    usage: min 1, max 2, '$data_type'
install_method DBI::db::statistics_info, flags 0xaa00,
    usage: min 6, max 7, '$catalog, $schema, $table, $unique_only, $quick, [, \%attr ]'
install_method DBI::db::selectrow_arrayref, flags 0x2000,
    usage: min 2, max 0, '$statement [, \%attr [, @bind_params ] ]'
install_method DBI::db::begin_work  , flags 0x0400, T 0x00001000,
    usage: min 1, max 2, '[ \%attr ]'
install_method DBI::db::last_insert_id, flags 0x2800,
    usage: min 5, max 6, '$catalog, $schema, $table_name, $field_name [, \%attr ]'
install_method DBI::db::foreign_key_info, flags 0xaa00,
    usage: min 7, max 8, '$pk_catalog, $pk_schema, $pk_table, $fk_catalog, $fk_schema, $fk_table [, \%attr ]'
install_method DBI::db::primary_key , flags 0x2200,
    usage: min 4, max 5, '$catalog, $schema, $table [, \%attr ]'
install_method DBI::db::commit      , flags 0x0c80, T 0x00001000,
    usage: min 1, max 1, ''
install_method DBI::db::ping        , flags 0x0404,
    usage: min 1, max 1, ''
install_method DBI::db::selectall_arrayref, flags 0x2000,
    usage: min 2, max 0, '$statement [, \%attr [, @bind_params ] ]'
install_method DBI::db::type_info_all, flags 0x2a00,
    usage: min 1, max 1, ''
install_method DBI::db::do          , flags 0x3200,
    usage: min 2, max 0, '$statement [, \%attr [, @bind_params ] ]'
install_method DBI::db::selectcol_arrayref, flags 0x2000,
    usage: min 2, max 0, '$statement [, \%attr [, @bind_params ] ]'
install_method DBI::db::prepare_cached, flags 0xa200,
    usage: min 2, max 4, '$statement [, \%attr [, $if_active ] ]'
install_method DBI::db::rows        , flags 0x0004
install_method DBI::db::rollback    , flags 0x0c80, T 0x00001000,
    usage: min 1, max 1, ''
install_method DBI::db::column_info , flags 0xaa00,
    usage: min 5, max 6, '$catalog, $schema, $table, $column [, \%attr ]'
install_method DBI::db::table_info  , flags 0xaa00,
    usage: min 1, max 6, '$catalog, $schema, $table, $type [, \%attr ]'
install_method DBI::db::primary_key_info, flags 0xaa00,
    usage: min 4, max 5, '$catalog, $schema, $table [, \%attr ]'
install_method DBI::db::prepare     , flags 0xa200,
    usage: min 2, max 3, '$statement [, \%attr]'
install_method DBI::db::preparse
install_method DBI::db::connected   , flags 0x0004, T 0x00000200, H 3,
    usage: min 1, max 0, ''
install_method DBI::db::data_sources, flags 0x0200,
    usage: min 1, max 2, '[\%attr]'
install_method DBI::db::selectall_hashref, flags 0x2000,
    usage: min 3, max 0, '$statement, $keyfield [, \%attr [, @bind_params ] ]'
install_method DBI::db::selectrow_hashref, flags 0x2000,
    usage: min 2, max 0, '$statement [, \%attr [, @bind_params ] ]'
install_method DBI::dr::default_user, T 0x00000200,
    usage: min 3, max 4, '$user, $pass [, \%attr]'
install_method DBI::dr::data_sources, flags 0x0800, T 0x00000200,
    usage: min 1, max 2, '[\%attr]'
install_method DBI::dr::dbixs_revision, flags 0x0004
install_method DBI::dr::disconnect_all, flags 0x0800, T 0x00000200,
    usage: min 1, max 1, ''
install_method DBI::dr::connect_cached, flags 0x8000, T 0x00000200, H 3,
    usage: min 1, max 5, '[$db [,$user [,$passwd [,\%attr]]]]'
install_method DBI::dr::connect     , flags 0x8000, T 0x00000200, H 3,
    usage: min 1, max 5, '[$db [,$user [,$passwd [,\%attr]]]]'
install_method DBI::st::more_results,
    usage: min 1, max 1, ''
install_method DBI::st::blob_read   ,
    usage: min 4, max 5, '$field, $offset, $len [, \$buf [, $bufoffset]]'
install_method DBI::st::fetchall_hashref,
    usage: min 2, max 2, '$key_field'
install_method DBI::st::bind_param_inout_array,
    usage: min 4, max 5, '$parameter, \@var, $maxlen, [, \%attr]'
install_method DBI::st::finish      ,
    usage: min 1, max 1, ''
install_method DBI::st::rows        , flags 0x0004
install_method DBI::st::execute_for_fetch, flags 0x5040,
    usage: min 2, max 3, '$fetch_sub [, $tuple_status]'
install_method DBI::st::fetchrow_hashref
install_method DBI::st::_get_fbav
install_method DBI::st::_set_fbav   , T 0x00000006
install_method DBI::st::fetchrow
install_method DBI::st::fetch
install_method DBI::st::execute_array, flags 0x5040,
    usage: min 2, max 0, '\%attribs [, @args]'
install_method DBI::st::dump_results,
    usage: min 1, max 5, '$maxfieldlen, $linesep, $fieldsep, $filehandle'
install_method DBI::st::bind_param_array,
    usage: min 3, max 4, '$parameter, $var [, \%attr]'
install_method DBI::st::fetchrow_array
install_method DBI::st::execute     , flags 0x1040,
    usage: min 1, max 0, '[@args]'
install_method DBI::st::bind_col    ,
    usage: min 3, max 4, '$column, \$var [, \%attr]'
install_method DBI::st::fetchall_arrayref,
    usage: min 1, max 3, '[ $slice [, $max_rows]]'
install_method DBI::st::fetchrow_arrayref
install_method DBI::st::bind_param_inout,
    usage: min 4, max 5, '$parameter, \$var, $maxlen, [, \%attr]'
install_method DBI::st::bind_columns,
    usage: min 2, max 0, '\$var1 [, \$var2, ...]'
install_method DBI::st::cancel      , flags 0x0800,
    usage: min 1, max 1, ''
install_method DBI::st::blob_copy_to_file,
    usage: min 3, max 3, '$field, $filename_or_handleref'
install_method DBI::st::bind_param  ,
    usage: min 3, max 4, '$parameter, $var [, \%attr]'
install_method DBI::common::parse_trace_flag, flags 0x0404, T 0x00000008,
    usage: min 2, max 2, '$name'
install_method DBI::common::errstr  , flags 0x0004
install_method DBI::common::trace_msg, flags 0x0004, T 0x00000008,
    usage: min 2, max 3, '$message_text [, $min_level ]'
install_method DBI::common::err     , flags 0x0004
install_method DBI::common::CLEAR   , flags 0x0004
install_method DBI::common::state   , flags 0x0004
install_method DBI::common::NEXTKEY , flags 0x0004
install_method DBI::common::trace   , flags 0x0004,
    usage: min 1, max 3, '[$trace_level, [$filename]]'
install_method DBI::common::debug   , flags 0x0004,
    usage: min 1, max 2, '[$debug_level]'
install_method DBI::common::parse_trace_flags, flags 0x0404, T 0x00000008,
    usage: min 2, max 2, '$flags'
install_method DBI::common::private_attribute_info
install_method DBI::common::swap_inner_handle,
    usage: min 2, max 3, '$h [, $allow_reparent ]'
install_method DBI::common::EXISTS  , flags 0x0004
install_method DBI::common::visit_child_handles, flags 0x0404, T 0x00000004,
    usage: min 2, max 3, '$coderef [, $info ]'
install_method DBI::common::FETCH   , flags 0x0404
install_method DBI::common::FIRSTKEY, flags 0x0004
install_method DBI::common::set_err , flags 0x0010,
    usage: min 3, max 6, '$err, $errmsg [, $state, $method, $rv]'
install_method DBI::common::DESTROY , flags 0x10004
install_method DBI::common::dump_handle, flags 0x0004,
    usage: min 1, max 3, '[$message [, $level]]'
install_method DBI::common::FETCH_many, flags 0x0404
install_method DBI::common::can     , flags 0x0100
install_method DBI::common::STORE   , flags 0x041c
install_method DBI::common::private_data, flags 0x0004,
    usage: min 1, max 1, ''
install_method DBI::common::func    , flags 0x0006
    -> DBI->connect(DBI:mysql:database=andrewbackuptest;mysql_socket=/tmp/mysqld_andrewbackuptest_3510.sock, xaviea, ****,
HASH(0x21554a0))
    -> DBI->install_driver(mysql) for linux perl=5.016003 pid=27659 ruid=0 euid=0
       install_driver: DBD::mysql version 4.023 loaded from /usr/lib64/perl5/vendor_perl/DBD/mysql.pm
    New 'DBI::dr' (for DBD::mysql::dr, parent='', id=undef)
    dbih_setup_handle(DBI::dr=HASH(0x2155140)=>DBI::dr=HASH(0x22515c8), DBD::mysql::dr, 0, Null!)
    dbih_make_com(Null!, 0, DBD::mysql::dr, 152, 0) thr#2129010
    dbih_setup_attrib(DBI::dr=HASH(0x22515c8), Err, Null!) SCALAR(0x224c000) (already defined)
    dbih_setup_attrib(DBI::dr=HASH(0x22515c8), State, Null!) SCALAR(0x22bb238) (already defined)
    dbih_setup_attrib(DBI::dr=HASH(0x22515c8), Errstr, Null!) SCALAR(0x224bfe8) (already defined)
    dbih_setup_attrib(DBI::dr=HASH(0x22515c8), TraceLevel, Null!) 0 (already defined)
    dbih_setup_attrib(DBI::dr=HASH(0x22515c8), FetchHashKeyName, Null!) 'NAME' (already defined)
install_method DBI::db::mysql_fd
install_method DBI::db::mysql_async_result
install_method DBI::db::mysql_async_ready
install_method DBI::st::mysql_async_result
install_method DBI::st::mysql_async_ready
    <- install_driver= DBI::dr=HASH(0x2155140)
    >> connect     DISPATCH (DBI::dr=HASH(0x2155140) rc2/3 @5 g2 ima8001 pid#27659) at /usr/lib64/perl5/vendor_perl/DBI.pm
line 670
    !! warn: 0 CLEARED by call to connect method
    -> connect for DBD::mysql::dr (DBI::dr=HASH(0x2155140)~0x22515c8 'database=andrewbackuptest;mysql_socket=/tmp/mysqld_a
ndrewbackuptest_3510.sock' 'xaviea' **** HASH(0x2266988)) thr#2129010
    New 'DBI::db' (for DBD::mysql::db, parent=DBI::dr=HASH(0x22515c8), id=HASH(0x2205280))
    dbih_setup_handle(DBI::db=HASH(0x2205130)=>DBI::db=HASH(0x2205310), DBD::mysql::db, 22bb640, HASH(0x2205280))
    dbih_make_com(DBI::dr=HASH(0x22515c8), 238ce80, DBD::mysql::db, 192, 22051c0) thr#2129010
    dbih_setup_attrib(DBI::db=HASH(0x2205310), Err, DBI::dr=HASH(0x22515c8)) SCALAR(0x22bb958) (already defined)
    dbih_setup_attrib(DBI::db=HASH(0x2205310), State, DBI::dr=HASH(0x22515c8)) SCALAR(0x22bba18) (already defined)
    dbih_setup_attrib(DBI::db=HASH(0x2205310), Errstr, DBI::dr=HASH(0x22515c8)) SCALAR(0x22bb9b8) (already defined)
    dbih_setup_attrib(DBI::db=HASH(0x2205310), TraceLevel, DBI::dr=HASH(0x22515c8)) 0 (already defined)
    dbih_setup_attrib(DBI::db=HASH(0x2205310), FetchHashKeyName, DBI::dr=HASH(0x22515c8)) 'NAME' (already defined)
    dbih_setup_attrib(DBI::db=HASH(0x2205310), HandleSetErr, DBI::dr=HASH(0x22515c8)) undef (not defined)
    dbih_setup_attrib(DBI::db=HASH(0x2205310), HandleError, DBI::dr=HASH(0x22515c8)) undef (not defined)
    dbih_setup_attrib(DBI::db=HASH(0x2205310), ReadOnly, DBI::dr=HASH(0x22515c8)) undef (not defined)
    dbih_setup_attrib(DBI::db=HASH(0x2205310), Profile, DBI::dr=HASH(0x22515c8)) undef (not defined)
imp_dbh->connect: dsn = database=andrewbackuptest;mysql_socket=/tmp/mysqld_andrewbackuptest_3510.sock, uid = xaviea, pwd =
xaviea
imp_dbh->my_login : dbname = andrewbackuptest, uid = xaviea, pwd = xaviea,host = NULL, port = NULL
imp_dbh->mysql_dr_connect: host = |NULL|, port = 0, uid = xaviea, pwd = xaviea
imp_dbh->bind_type_guessing: 0
imp_dbh->use_server_side_prepare: 0
imp_dbh->mysql_dr_connect: client_flags = 2
imp_dbh->mysql_dr_connect: <-             --> do_error
Can't connect to local MySQL server through socket '/tmp/mysqld_andrewbackuptest_3510.sock' (22) error 2002 recorded: Can'
t connect to local MySQL server through socket '/tmp/mysqld_andrewbackuptest_3510.sock' (22)
                   <-- do_error
    >> DESTROY     DISPATCH (DBI::db=HASH(0x2205130) rc1/1 @1 g2 ima10004 pid#27659) at /usr/lib64/perl5/vendor_perl/DBD/m
ysql.pm line 152 via  at dbconnect.pl line 22
    <> DESTROY(DBI::db=HASH(0x2205130)) ignored for outer handle (inner DBI::db=HASH(0x2205310) has ref cnt 2)
    >> DESTROY     DISPATCH (DBI::db=HASH(0x2205310) rc1/1 @1 g2 ima10004 pid#27659) at /usr/lib64/perl5/vendor_perl/DBI.p
m line 670 via  at dbconnect.pl line 22
    -> DESTROY for DBD::mysql::db (DBI::db=HASH(0x2205310)~INNER) thr#2129010
         DESTROY for DBI::db=HASH(0x2205310) ignored - handle not initialised
       ERROR: 2002 'Can't connect to local MySQL server through socket '/tmp/mysqld_andrewbackuptest_3510.sock' (22)' (err
#0)
    <- DESTROY= ( undef ) [1 items] at /usr/lib64/perl5/vendor_perl/DBI.pm line 670 via  at dbconnect.pl line 22
    DESTROY (dbih_clearcom) (dbh 0x2205310, com 0x21422f0, imp DBD::mysql::db):
       FLAGS 0x100211: COMSET Warn PrintWarn AutoCommit
       ERR 2002
       ERRSTR 'Can't connect to local MySQL server through socket '/tmp/mysqld_andrewbackuptest_3510.sock' (22)'
       PARENT DBI::dr=HASH(0x22515c8)
       KIDS 0 (0 Active)
       IMP_DATA HASH(0x2205280)
    dbih_clearcom 0x2205310 (com 0x21422f0, type 2) done.

    !! ERROR: 2002 'Can't connect to local MySQL server through socket '/tmp/mysqld_andrewbackuptest_3510.sock' (22)' (err
#0)
    <- connect= ( undef ) [1 items] at /usr/lib64/perl5/vendor_perl/DBI.pm line 670
    -> $DBI::errstr (&) FETCH from lasth=HASH
    >> DBD::mysql::dr::errstr
    <- $DBI::errstr= 'Can't connect to local MySQL server through socket '/tmp/mysqld_andrewbackuptest_3510.sock' (22)'
       DBI connect('database=andrewbackuptest;mysql_socket=/tmp/mysqld_andrewbackuptest_3510.sock','xaviea',...) failed: C
an't connect to local MySQL server through socket '/tmp/mysqld_andrewbackuptest_3510.sock' (22)
    -- DBI::END ($@: , $!: )
    >> disconnect_all DISPATCH (DBI::dr=HASH(0x2155140) rc1/3 @1 g2 ima801 pid#27659) at /usr/lib64/perl5/vendor_perl/DBI.
pm line 749 via  at /usr/share/perl5/vendor_perl/Carp.pm line 100
    !! ERROR: 2002 CLEARED by call to disconnect_all method
    -> disconnect_all for DBD::mysql::dr (DBI::dr=HASH(0x2155140)~0x22515c8) thr#2129010
    <- disconnect_all= ( ) [0 items] (not implemented) at /usr/lib64/perl5/vendor_perl/DBI.pm line 749 via  at /usr/share/
perl5/vendor_perl/Carp.pm line 100
!   >> DESTROY     DISPATCH (DBI::dr=HASH(0x22515c8) rc1/1 @1 g2 ima10004 pid#27659) during global destruction
!   -> DESTROY in DBD::_::common for DBD::mysql::dr (DBI::dr=HASH(0x22515c8)~INNER) thr#2129010
!   <- DESTROY= ( undef ) [1 items] during global destruction
    DESTROY (dbih_clearcom) (drh 0x2155140, com 0x238ce80, imp global destruction):
       FLAGS 0x100215: COMSET Active Warn PrintWarn AutoCommit
       PARENT undef
       KIDS 0 (0 Active)
    dbih_clearcom 0x2155140 (com 0x238ce80, type 1) done.

!   >> DESTROY     DISPATCH (DBI::dr=HASH(0x2155140) rc1/1 @1 g2 ima10004 pid#27659) during global destruction
!   <> DESTROY for DBI::dr=HASH(0x2155140) ignored (inner handle gone)

Please assist.

Thanks
Andrew