Commit 3723c70a authored by Daniel Black, committed by Sergey Vojtovich

MDEV-426: systemd PermissionsStartOnly=true by default

mariadb-service-convert during migration can create a file containing
ExecStartPre=/usr/sbin/sysctl -q -w vm.drop_caches=3 if the user's my.cnf
contains [mysqld_safe] flush_caches. This sysctl entry change requires root
access. No existing ExecStartPre requires execution
as another user.

There is a comment in the mariadb{,@}.service.in that indicates
mysqld_install which would require -u mysql to explicitly change user to
mysql from root since PermissionsStartOnly=true.

Otherwise the following error would be generated:
Oct 14 07:38:38 spaceman systemd[1]: Starting MariaDB database server...
-- Subject: Unit mariadb.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit mariadb.service has begun starting up.
Oct 14 07:38:38 spaceman sysctl[10089]: sysctl: permission denied on key 'vm.drop_caches'
Oct 14 07:38:38 spaceman systemd[1]: mariadb.service: control process exited, code=exited status=255
Oct 14 07:38:38 spaceman systemd[1]: Failed to start MariaDB database server.
parent 079cc48e
...@@ -61,7 +61,7 @@ MACRO(CHECK_SYSTEMD) ...@@ -61,7 +61,7 @@ MACRO(CHECK_SYSTEMD)
${INSTALL_SYSTEMD_UNITDIR}/mariadb@.service ${INSTALL_SYSTEMD_UNITDIR}/mariadb@.service
${INSTALL_SYSTEMD_UNITDIR}/mariadb@bootstrap.service.d/wsrep-new-cluster.conf") ${INSTALL_SYSTEMD_UNITDIR}/mariadb@bootstrap.service.d/wsrep-new-cluster.conf")
IF(DEB) IF(DEB)
SET(SYSTEMD_EXECSTARTPRE "PermissionsStartOnly=true\nExecStartPre=/usr/bin/install -m 755 -o mysql -g root -d /var/run/mysqld") SET(SYSTEMD_EXECSTARTPRE "ExecStartPre=/usr/bin/install -m 755 -o mysql -g root -d /var/run/mysqld")
SET(SYSTEMD_EXECSTARTPOST "ExecStartPost=/etc/mysql/debian-start") SET(SYSTEMD_EXECSTARTPOST "ExecStartPost=/etc/mysql/debian-start")
ENDIF() ENDIF()
MESSAGE(STATUS "Systemd features enabled") MESSAGE(STATUS "Systemd features enabled")
......
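Review bot: the DEB ExecStartPre on the changed SET(SYSTEMD_EXECSTARTPRE ...) line still needs root (install -o mysql -g root -d /var/run/mysqld), but the PermissionsStartOnly=true it relies on no longer travels with it in the same string. The command now works only because the unit templates enable that option. Suggest a short CMake comment above the SET noting that dependency, so a later edit to the templates does not leave this step running as User=mysql, where it cannot set up /var/run/mysqld.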
...@@ -43,10 +43,10 @@ User=mysql ...@@ -43,10 +43,10 @@ User=mysql
Group=mysql Group=mysql
# Execute pre and post scripts as root, otherwise it does it as User= # Execute pre and post scripts as root, otherwise it does it as User=
# PermissionsStartOnly=true PermissionsStartOnly=true
# Needed to create system tables etc. # Needed to create system tables etc.
# ExecStartPre=/usr/bin/mysql_install_db # ExecStartPre=/usr/bin/mysql_install_db -u mysql
# Start main service # Start main service
# MYSQLD_OPTS here is for users to set in /etc/systemd/system/mariadb.service.d/MY_SPECIAL.conf # MYSQLD_OPTS here is for users to set in /etc/systemd/system/mariadb.service.d/MY_SPECIAL.conf
......
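Review bot: with PermissionsStartOnly=true now uncommented, every ExecStartPre and ExecStartPost runs as root, including any that a user adds through the mariadb.service.d drop-in mentioned a few lines below, and the comment above the directive does not spell that out. Suggest extending that comment to say that pre and post commands must drop privileges themselves where root is not needed, as the updated example does with -u mysql.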
...@@ -50,10 +50,10 @@ User=mysql ...@@ -50,10 +50,10 @@ User=mysql
Group=mysql Group=mysql
# Execute pre and post scripts as root, otherwise it does it as User= # Execute pre and post scripts as root, otherwise it does it as User=
# PermissionsStartOnly=true PermissionsStartOnly=true
# Needed to create system tables etc. # Needed to create system tables etc.
# ExecStartPre=/usr/bin/mysql_install_db # ExecStartPre=/usr/bin/mysql_install_db -u mysql
# Start main service # Start main service
# MYSQLD_OPTS here is for users to set in /etc/systemd/system/mariadb@.service.d/MY_SPECIAL.conf # MYSQLD_OPTS here is for users to set in /etc/systemd/system/mariadb@.service.d/MY_SPECIAL.conf
......
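Review bot: these lines are the same edit as in the non-templated unit, so the two templates now have to be kept in step by hand. Consider moving the shared PermissionsStartOnly/ExecStartPre block into a CMake-substituted variable, the way CHECK_SYSTEMD already fills SYSTEMD_EXECSTARTPRE, so the root-execution setting cannot drift between mariadb.service and mariadb@.service.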