Merge tag 'mariadb-5.5.55' into bb-5.5-sachin-merge

Signed-off-by: Sachin Setiya <sachin.setiya@mariadb.com>

8 files changed, 64 insertions, 44 deletions

diff --git a/support-files/CMakeLists.txt b/support-files/CMakeLists.txt
index a66adc19b13..b48abde4fe8 100644
--- a/support-files/CMakeLists.txt
+++ b/support-files/CMakeLists.txt
@@ -1,5 +1,5 @@
-# Copyright (c) 2006, 2014, Oracle and/or its affiliates.
-# Copyright (c) 2012, 2014, SkySQL Ab.
+# Copyright (c) 2006, 2016, Oracle and/or its affiliates.
+# Copyright (c) 2012, 2017, MariaDB
 # 
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -67,7 +67,7 @@ IF(UNIX)
   ENDFOREACH()
   IF(INSTALL_SUPPORTFILESDIR)
     INSTALL(FILES magic DESTINATION ${inst_location} COMPONENT SupportFiles)
-    INSTALL(DIRECTORY RHEL4-SElinux/ DESTINATION ${inst_location}/SELinux/RHEL4 COMPONENT SupportFiles)
+    ADD_SUBDIRECTORY(SELinux)
   ENDIF()
 
   INSTALL(FILES mysql.m4 DESTINATION ${INSTALL_SHAREDIR}/aclocal COMPONENT Development)
diff --git a/support-files/SELinux/CMakeLists.txt b/support-files/SELinux/CMakeLists.txt
new file mode 100644
index 00000000000..996d56d6c05
--- /dev/null
+++ b/support-files/SELinux/CMakeLists.txt
@@ -0,0 +1,35 @@
+# Copyright (c) 2017, MariaDB
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
+
+FIND_PROGRAM(CHECKMODULE checkmodule)
+FIND_PROGRAM(SEMODULE_PACKAGE semodule_package)
+MARK_AS_ADVANCED(CHECKMODULE SEMODULE_PACKAGE)
+
+SET(params DESTINATION ${INSTALL_SUPPORTFILESDIR}/SELinux COMPONENT SupportFiles)
+
+IF(CHECKMODULE AND SEMODULE_PACKAGE)
+  FOREACH(pol mariadb)
+    SET(src ${CMAKE_CURRENT_SOURCE_DIR}/${pol}.te)
+    SET(mod ${CMAKE_CURRENT_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/${pol}-pp.dir/${pol}.mod)
+    SET(out ${CMAKE_CURRENT_BINARY_DIR}/${pol}.pp)
+    ADD_CUSTOM_COMMAND(OUTPUT ${out}
+      COMMAND ${CHECKMODULE} -M -m ${src} -o ${mod}
+      COMMAND ${SEMODULE_PACKAGE} -m ${mod} -o ${out}
+      DEPENDS ${src})
+    ADD_CUSTOM_TARGET(${pol}-pp ALL DEPENDS ${out})
+    INSTALL(FILES ${out} ${params})
+  ENDFOREACH()
+ENDIF()
+INSTALL(FILES mariadb.te rhel4-mysql.fc rhel4-mysql.te ${params})
diff --git a/support-files/SELinux/mariadb.te b/support-files/SELinux/mariadb.te
new file mode 100644
index 00000000000..1d3de52c700
--- /dev/null
+++ b/support-files/SELinux/mariadb.te
@@ -0,0 +1,9 @@
+module mariadb 1.0;
+
+require {
+        type mysqld_safe_t;
+        class capability { setuid setgid };
+}
+
+#============= mysqld_safe_t ==============
+allow mysqld_safe_t self:capability { setuid setgid };
diff --git a/support-files/RHEL4-SElinux/mysql.fc b/support-files/SELinux/rhel4-mysql.fc
index aa0fced4bbc..aa0fced4bbc 100644
--- a/support-files/RHEL4-SElinux/mysql.fc
+++ b/support-files/SELinux/rhel4-mysql.fc
diff --git a/support-files/RHEL4-SElinux/mysql.te b/support-files/SELinux/rhel4-mysql.te
index d2609244640..d2609244640 100644
--- a/support-files/RHEL4-SElinux/mysql.te
+++ b/support-files/SELinux/rhel4-mysql.te
diff --git a/support-files/build-tags b/support-files/build-tags
index c37485e32f9..03b243ee8cc 100755
--- a/support-files/build-tags
+++ b/support-files/build-tags
@@ -1,12 +1,16 @@
 #! /bin/sh
 
 rm -f TAGS
-filter='\.cpp$\|\.cc$\|\.c$\|\.h$\|sql_yacc\.yy$\|\.hpp$\|\.ic$'
 
-list="find . -type f"
-git rev-parse >/dev/null 2>/dev/null && list="git ls-files"
-
-$list |grep $filter |while read f; 
-do
-	 etags -o TAGS --append $f
-done
+if git rev-parse HEAD >/dev/null 2>&1
+then
+  cd `git rev-parse --show-toplevel`
+  echo client storage dbug libmysql sql-common \
+       sql extra mysys mysys_ssl strings regex pcre vio include \
+       tools unittest plugin libmysqld | \
+       xargs -n1 git ls-files | grep -v '\.jar$' | \
+       xargs etags -o TAGS --append
+else
+  find . -type f ! -name "*.jar" |
+       xargs etags -o TAGS --append
+fi
diff --git a/support-files/mysql.server.sh b/support-files/mysql.server.sh
index 50094ac6142..a1b43d99a05 100644
--- a/support-files/mysql.server.sh
+++ b/support-files/mysql.server.sh
@@ -166,8 +166,7 @@ parse_server_arguments() {
 
 # Get arguments from the my.cnf file,
 # the only group, which is read from now on is [mysqld]
-if test -x $bindir/my_print_defaults
-then
+if test -x "$bindir/my_print_defaults";  then
   print_defaults="$bindir/my_print_defaults"
 else
   # Try to find basedir in /etc/my.cnf
@@ -185,11 +184,6 @@ else
         print_defaults="$d/bin/my_print_defaults"
         break
       fi
-      if test -x "$d/bin/mysql_print_defaults"
-      then
-        print_defaults="$d/bin/mysql_print_defaults"
-        break
-      fi
     done
   fi
 
@@ -402,7 +396,7 @@ case "$mode" in
       fi
     else
       # Try to find appropriate mysqld process
-      mysqld_pid=`pidof $libexecdir/mysqld`
+      mysqld_pid=`pgrep $libexecdir/mysqld`
 
       # test if multiple pids exist
       pid_count=`echo $mysqld_pid | wc -w`
diff --git a/support-files/rpm/server-postin.sh b/support-files/rpm/server-postin.sh
index cd2aec4d84a..139d9e3f700 100644
--- a/support-files/rpm/server-postin.sh
+++ b/support-files/rpm/server-postin.sh
@@ -55,31 +55,9 @@ fi
 SETARGETDIR=/etc/selinux/targeted/src/policy
 SEDOMPROG=$SETARGETDIR/domains/program
 SECONPROG=$SETARGETDIR/file_contexts/program
-if [ -f /etc/redhat-release ] ; then 
-   if grep '\(Red Hat Enterprise Linux ..\|CentOS\) release 4' \
-     /etc/redhat-release >/dev/null 2>&1; then
-     echo
-     echo
-     echo 'Notes regarding SELinux on this platform:'
-     echo '========================================='
-     echo
-     echo 'The default policy might cause server startup to fail because it is '
-     echo 'not allowed to access critical files. In this case, please update '
-     echo 'your installation. '
-     echo
-     echo 'The default policy might also cause inavailability of SSL related '
-     echo 'features because the server is not allowed to access /dev/random '
-     echo 'and /dev/urandom. If this is a problem, please do the following: '
-     echo 
-     echo '  1) install selinux-policy-targeted-sources from your OS vendor'
-     echo '  2) add the following two lines to '$SEDOMPROG/mysqld.te':'
-     echo '       allow mysqld_t random_device_t:chr_file read;'
-     echo '       allow mysqld_t urandom_device_t:chr_file read;'
-     echo '  3) cd to '$SETARGETDIR' and issue the following command:'
-     echo '       make load'
-     echo
-     echo
-  fi
+
+if [ -x /usr/sbin/semodule ] ; then
+  /usr/sbin/semodule -i /usr/share/mysql/SELinux/mariadb.pp
 fi
 
 if [ -x sbin/restorecon ] ; then