Bug#25088048 ADDITIONAL ISSUES IN MYSQLD_SAFE

Don't read --ledir option from config file. Ignore current working for finding location of mysqld Remove use of chown/chmod in scripts. Be helpful only when basedir is /var/log or /var/lib. Removed unused systemd files for SLES. Set explicit basedir in scripts.

Bug#25088048 ADDITIONAL ISSUES IN MYSQLD_SAFE
Don't read --ledir option from config file. Ignore current working for finding location of mysqld Remove use of chown/chmod in scripts. Be helpful only when basedir is /var/log or /var/lib. Removed unused systemd files for SLES. Set explicit basedir in scripts.
cdd57aa7 · Terje Rosten · a63185e8 · cdd57aa7 · cdd57aa7 · cdd57aa7
Commit cdd57aa7 authored Nov 16, 2016 by Terje Rosten
9 changed files
--- a/packaging/rpm-oel/mysql-systemd-start
+++ b/packaging/rpm-oel/mysql-systemd-start
@@ -22,7 +22,9 @@ install_db () {
    datadir=$(get_option mysqld datadir "/var/lib/mysql")
    # Restore log, dir, perms and SELinux contexts
-    [ -d "$datadir" ] || install -d -m 0755 -omysql -gmysql "$datadir" || exit 1
+    if [ ! -d "$datadir" -a ! -h "$datadir" -a "x$(basedir "$datadir")" = "x/var/lib" ]; then
+	install -d -m 0755 -omysql -gmysql "$datadir" || exit 1
+    fi
    log=/var/log/mysqld.log
    [ -e $log ] || touch $log
    chmod 0640 $log

--- a/packaging/rpm-oel/mysql.init
+++ b/packaging/rpm-oel/mysql.init
@@ -70,18 +70,19 @@ start(){
 	ret=0
    else
    	# prepare for start
-	touch "$errlogfile"
+	if [ ! -e "$errlogfile" -a ! -h "$errlogfile" -a "x$(dirname "$errlogfile")" = "x/var/log" ]; then
-	chown mysql:mysql "$errlogfile" 
+	    install /dev/null -m0640 -omysql -gmysql "$errlogfile"
-	chmod 0640 "$errlogfile"
+	fi
 	[ -x /sbin/restorecon ] && /sbin/restorecon "$errlogfile"
 	if [ ! -d "$datadir/mysql" ] ; then
 	    # First, make sure $datadir is there with correct permissions
-	    if [ ! -e "$datadir" -a ! -h "$datadir" ]
+	    if [ ! -d "$datadir" -a ! -h "$datadir" -a "x$(basedir "$datadir")" = "x/var/lib" ]; then
-	    then
+		install -d -m0755 -omysql -gmysql "$datadir" || exit 1
-		mkdir -p "$datadir" || exit 1
+	    fi
+	    if [ ! -h "$datadir" -a "x$(basedir "$datadir")" = "x/var/lib" ]; then
+		chown mysql:mysql "$datadir"
+		chmod 0755 "$datadir"
 	    fi
-	    chown mysql:mysql "$datadir"
-	    chmod 0755 "$datadir"
 	    if [ -x /sbin/restorecon ]; then
 		/sbin/restorecon "$datadir"
 		for dir in /var/lib/mysql-files ; do
@@ -94,13 +95,14 @@ start(){
 	    # Now create the database
 	    action $"Initializing MySQL database: " /usr/bin/mysql_install_db --rpm --datadir="$datadir" --user=mysql
 	    ret=$?
-	    chown -R mysql:mysql "$datadir"
 	    if [ $ret -ne 0 ] ; then
 		return $ret
 	    fi
 	fi
-	chown mysql:mysql "$datadir"
+	if [ ! -h "$datadir" -a "x$(basedir "$datadir")" = "x/var/lib" ]; then
-	chmod 0755 "$datadir"
+	    chown mysql:mysql "$datadir"
+	    chmod 0755 "$datadir"
+	fi
 	# Pass all the options determined above, to ensure consistent behavior.
 	# In many cases mysqld_safe would arrive at the same conclusions anyway
 	# but we need to be sure.  (An exception is that we don't force the

--- a/packaging/rpm-oel/mysqld.service
+++ b/packaging/rpm-oel/mysqld.service
@@ -34,7 +34,7 @@ PermissionsStartOnly=true
 ExecStartPre=/usr/bin/mysql-systemd-start pre
 # Start main service
-ExecStart=/usr/bin/mysqld_safe
+ExecStart=/usr/bin/mysqld_safe --basedir=/usr
 # Don't signal startup success before a ping works
 ExecStartPost=/usr/bin/mysql-systemd-start post

--- a/packaging/rpm-sles/CMakeLists.txt
+++ b/packaging/rpm-sles/CMakeLists.txt
-# Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2012, 2016, Oracle and/or its affiliates. All rights reserved.
 # 
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -20,7 +20,6 @@ IF(UNIX)
  # Left in current directory, to be taken during build
  CONFIGURE_FILE(mysql.spec.in ${CMAKE_CURRENT_BINARY_DIR}/${SPECFILENAME} @ONLY)
  FOREACH(fedfile my.cnf my_config.h mysql.init
-          mysqld.service mysql-systemd-start mysql.conf
          filter-requires.sh filter-provides.sh)
    CONFIGURE_FILE(${fedfile} ${CMAKE_CURRENT_BINARY_DIR}/${fedfile} COPYONLY)
  ENDFOREACH()

--- a/packaging/rpm-sles/mysql-systemd-start
+++ b/packaging/rpm-sles/mysql-systemd-start
-#! /bin/bash
-#
-# Scripts to run by MySQL systemd service
-# 
-# Needed argument: pre | post
-# 
-# pre mode  :  try to run mysql_install_db and fix perms and SELinux contexts
-# post mode :  ping server until answer is received
-# 
-install_db () {    
-    # Note: something different than datadir=/var/lib/mysql requires SELinux policy changes (in enforcing mode)
-    datadir=$(/usr/bin/my_print_defaults server mysqld | grep '^--datadir=' | sed -n 's/--datadir=//p' | tail -n 1)
-    # Restore log, dir, perms and SELinux contexts
-    [ -d "$datadir" ] || install -d -m 0755 -omysql -gmysql "$datadir" || exit 1
-    log=/var/log/mysqld.log
-    [ -e $log ] || touch $log
-    chmod 0640 $log
-    chown mysql:mysql $log || exit 1
-    if [ -x /usr/sbin/restorecon ]; then
-        /usr/sbin/restorecon "$datadir"
-        /usr/sbin/restorecon $log
-    fi
-    # If special mysql dir is in place, skip db install 
-    [ -d "$datadir/mysql" ] && exit 0
-    # Create initial db
-    /usr/bin/mysql_install_db --rpm --datadir="$datadir" --user=mysql
-    # Create a file to trigger execution of mysql_secure_installation
-    # after server has started
-    touch  "$datadir"/.phase_two_required
-    exit 0
-}
-pinger () {
-    # Wait for ping to answer to signal startup completed,
-    # might take a while in case of e.g. crash recovery
-    # MySQL systemd service will timeout script if no answer
-    ret=1
-    while /bin/true ; do
-        sleep 1
-        mysqladmin ping >/dev/null 2>&1 && ret=0 && break
-    done
-    # If server has been started successfully and file created in
-    # install_db step is present we run mysql_secure_installation
-    if [ $ret -eq 0 -a -e "$datadir"/.phase_two_required -a -x /usr/bin/mysql_secure_installation ] ; then
-	/usr/bin/mysql_secure_installation --use-default --defaults-file=/etc/my.cnf
-	rm -f "$datadir"/.phase_two_required
-    fi
-    exit 0
-}
-# main
-case $1 in
-    "pre") install_db ;;
-    "post") pinger ;;
-esac
-exit 0
--- a/packaging/rpm-sles/mysql.conf
+++ b/packaging/rpm-sles/mysql.conf
-d /var/run/mysqld 0755 mysql mysql -
--- a/packaging/rpm-sles/mysql.init
+++ b/packaging/rpm-sles/mysql.init
@@ -49,7 +49,6 @@ get_option () {
 datadir=$(get_option mysqld datadir "/var/lib/mysql")
 socket=$(get_option  mysqld socket "$datadir/mysql.sock")
 pidfile=$(get_option mysqld_safe pid-file "/var/run/mysql/mysqld.pid")
-logfile=$(get_option mysqld_safe log-error "/var/log/mysql/mysqld.log")
 install_db () {
    # Note: something different than datadir=/var/lib/mysql requires 
@@ -58,14 +57,16 @@ install_db () {
    logfile=$(get_option mysqld_safe log-error "/var/log/mysql/mysqld.log")
    # Restore log, dir, perms and SELinux contexts
-    [ -d "$datadir" ] || install -d -m 0755 -omysql -gmysql "$datadir" || return 1
+    if [ ! -d "$datadir" -a ! -h "$datadir" -a "x$(basedir "$datadir")" = "x/var/lib" ]; then
+	install -d -m 0755 -omysql -gmysql "$datadir" || return 1
+    fi
-    [ -e $logfile ] || touch $logfile || return 1
+    if [ ! -e "$logfile" -a ! -h "$logfile" -a "x$(dirname "$logfile")" = "x/var/log/mysql" ]; then
-    chmod 0640 $logfile
+	install /dev/null -omysql -gmysql "$logfile" || return 1
-    chown mysql:mysql $logfile || return 1
+    fi
    if [ -x /usr/sbin/restorecon ]; then
        /usr/sbin/restorecon "$datadir"
-        /usr/sbin/restorecon $logfile
+        /usr/sbin/restorecon "$logfile"
    fi
    # If special mysql dir is in place, skip db install 

--- a/packaging/rpm-sles/mysqld.service
+++ b/packaging/rpm-sles/mysqld.service
-#
-# Simple MySQL systemd service file
-#
-# systemd supports lots of fancy features, look here (and linked docs) for a full list: 
-#   http://www.freedesktop.org/software/systemd/man/systemd.exec.html
-#
-# Note: this file ( /usr/lib/systemd/system/mysql.service )
-# will be overwritten on package upgrade, please copy the file to 
-#
-#  /etc/systemd/system/mysql.service 
-#  
-# to make needed changes.
-# 
-# systemd-delta can be used to check differences between the two mysql.service files.
-#
-[Unit]
-Description=MySQL Community Server
-After=network.target
-After=syslog.target
-[Install]
-WantedBy=multi-user.target
-Alias=mysql.service
-[Service]
-User=mysql
-Group=mysql
-# Execute pre and post scripts as root
-PermissionsStartOnly=true
-# Needed to create system tables etc.
-ExecStartPre=/usr/bin/mysql-systemd-start pre
-# Start main service
-ExecStart=/usr/bin/mysqld_safe
-# Don't signal startup success before a ping works
-ExecStartPost=/usr/bin/mysql-systemd-start post
-# Give up if ping don't get an answer
-TimeoutSec=600
-Restart=always
-PrivateTmp=false
--- a/scripts/mysqld_safe.sh
+++ b/scripts/mysqld_safe.sh
@@ -218,7 +218,13 @@ parse_arguments() {
      # mysqld_safe-specific options - must be set in my.cnf ([mysqld_safe])!
      --core-file-size=*) core_file_size="$val" ;;
-      --ledir=*) ledir="$val" ;;
+      --ledir=*)
+        if [ -z "$pick_args" ]; then
+          log_error "--ledir option can only be used as command line option, found in config file"
+          exit 1
+        fi
+        ledir="$val"
+        ;;
      --malloc-lib=*) set_malloc_lib "$val" ;;
      --mysqld=*)
        if [ -z "$pick_args" ]; then
@@ -394,7 +400,15 @@ else
  relpkgdata='@pkgdatadir@'
 fi
-MY_PWD=`pwd`
+case "$0" in
+  /*)
+  MY_PWD='@prefix@'
+  ;;
+  *)
+  MY_PWD=`dirname $0`
+  MY_PWD=`dirname $MY_PWD`
+  ;;
+esac
 # Check for the directories we would expect from a binary release install
 if test -n "$MY_BASEDIR_VERSION" -a -d "$MY_BASEDIR_VERSION"
 then