diff options
| author | Daniel Black <grooverdan@users.sourceforge.net> | 2015-10-14 07:46:31 +0200 |
|---|---|---|
| committer | Sergey Vojtovich <svoj@mariadb.org> | 2015-10-14 12:45:59 +0200 |
| commit | 3723c70a304566d867b6fb22f1b102d389d66321 (patch) | |
| tree | 03a6bf444392f1243c8c1c599b61b87e2a7ad497 | |
| parent | 079cc48e063adc3c132404cbab178fbf66750160 (diff) | |
| download | mariadb-git-3723c70a304566d867b6fb22f1b102d389d66321.tar.gz | |
MDEV-426: systemd PermissionsStartOnly=true by default
mariadb-service-convert during migration can create a file containing
ExecStartPre=/usr/sbin/sysctl -q -w vm.drop_caches=3 if the users my.cnf
contains [mysqld_safe] flush_caches. This sysctl entry change requires root
access. No existing ExecStartPre requires execution requires execution
as another user.
There is a comment in the mariadb{,@}.service.in that indicates
mysqld_install which would require -u mysql to explicity change user to
mysql from root since PermissionsStartOnly=true.
Otherwise the following error would be generated:
Oct 14 07:38:38 spaceman systemd[1]: Starting MariaDB database server...
-- Subject: Unit mariadb.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit mariadb.service has begun starting up.
Oct 14 07:38:38 spaceman sysctl[10089]: sysctl: permission denied on key 'vm.drop_caches'
Oct 14 07:38:38 spaceman systemd[1]: mariadb.service: control process exited, code=exited status=255
Oct 14 07:38:38 spaceman systemd[1]: Failed to start MariaDB database server.
| -rw-r--r-- | cmake/systemd.cmake | 2 | ||||
| -rw-r--r-- | support-files/mariadb.service.in | 4 | ||||
| -rw-r--r-- | support-files/mariadb@.service.in | 4 |
3 files changed, 5 insertions, 5 deletions
diff --git a/cmake/systemd.cmake b/cmake/systemd.cmake index f031f4be0f4..30374e4c348 100644 --- a/cmake/systemd.cmake +++ b/cmake/systemd.cmake @@ -61,7 +61,7 @@ MACRO(CHECK_SYSTEMD) ${INSTALL_SYSTEMD_UNITDIR}/mariadb@.service ${INSTALL_SYSTEMD_UNITDIR}/mariadb@bootstrap.service.d/wsrep-new-cluster.conf") IF(DEB) - SET(SYSTEMD_EXECSTARTPRE "PermissionsStartOnly=true\nExecStartPre=/usr/bin/install -m 755 -o mysql -g root -d /var/run/mysqld") + SET(SYSTEMD_EXECSTARTPRE "ExecStartPre=/usr/bin/install -m 755 -o mysql -g root -d /var/run/mysqld") SET(SYSTEMD_EXECSTARTPOST "ExecStartPost=/etc/mysql/debian-start") ENDIF() MESSAGE(STATUS "Systemd features enabled") diff --git a/support-files/mariadb.service.in b/support-files/mariadb.service.in index a40b3e18e27..0b4e8f6befe 100644 --- a/support-files/mariadb.service.in +++ b/support-files/mariadb.service.in @@ -43,10 +43,10 @@ User=mysql Group=mysql # Execute pre and post scripts as root, otherwise it does it as User= -# PermissionsStartOnly=true +PermissionsStartOnly=true # Needed to create system tables etc. -# ExecStartPre=/usr/bin/mysql_install_db +# ExecStartPre=/usr/bin/mysql_install_db -u mysql # Start main service # MYSQLD_OPTS here is for users to set in /etc/systemd/system/mariadb.service.d/MY_SPECIAL.conf diff --git a/support-files/mariadb@.service.in b/support-files/mariadb@.service.in index b8ef969cf32..dd9eded610f 100644 --- a/support-files/mariadb@.service.in +++ b/support-files/mariadb@.service.in @@ -50,10 +50,10 @@ User=mysql Group=mysql # Execute pre and post scripts as root, otherwise it does it as User= -# PermissionsStartOnly=true +PermissionsStartOnly=true # Needed to create system tables etc. -# ExecStartPre=/usr/bin/mysql_install_db +# ExecStartPre=/usr/bin/mysql_install_db -u mysql # Start main service # MYSQLD_OPTS here is for users to set in /etc/systemd/system/mariadb@.service.d/MY_SPECIAL.conf |