From 8b3b73808d90f25a3ec5698864d9b406ae7bba80 Mon Sep 17 00:00:00 2001
From: Daniel Black <daniel@linux.ibm.com>
Date: Thu, 21 May 2020 16:19:49 +1000
Subject: [PATCH] MDEV-27635: selinux: allow read of
 /proc/sys/kernel/core_pattern

Prevent the error:

setroubleshoot[23678]: SELinux is preventing /usr/libexec/mysqld from read access on the file core_pattern.

Reading of the core pattern occurs on crash as added in MDEV-15051

RHEL-7.7

$  ls -laZ /proc/sys/kernel/core_pattern
-rw-r--r--. root root system_u:object_r:usermodehelper_t:s0 /proc/sys/kernel/core_pattern
---
 support-files/policy/selinux/mariadb-server.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/support-files/policy/selinux/mariadb-server.te b/support-files/policy/selinux/mariadb-server.te
index 45ef40f4153..c8b2c21ff07 100644
--- a/support-files/policy/selinux/mariadb-server.te
+++ b/support-files/policy/selinux/mariadb-server.te
@@ -77,6 +77,7 @@ allow mysqld_t user_tmp_t:dir { write add_name };
 allow mysqld_t user_tmp_t:file create;
 allow mysqld_t bin_t:lnk_file read;
 allow mysqld_t tmp_t:file { append create read write open getattr unlink setattr };
+allow mysqld_t usermodehelper_t:file { read open };
 
 # Allows too much leeway - the xtrabackup/wsrep rules in fc should fix it, but
 # keep for the moment.