Bug #106468 | Replace systemd PermissionsStartOnly with executable prefix | ||
---|---|---|---|
Submitted: | 15 Feb 2022 20:16 | Modified: | 7 Mar 2022 3:13 |
Reporter: | Terje Røsten | Email Updates: | |
Status: | Closed | Impact on me: | |
Category: | MySQL Server: Packaging | Severity: | S3 (Non-critical) |
Version: | OS: | Any | |
Assigned to: | Terje Røsten | CPU Architecture: | Any |
[15 Feb 2022 20:16]
Terje Røsten
[16 Feb 2022 10:47]
Terje Røsten
This breaks on el7 which have: $ rpm -q systemd systemd-219-78.0.7.el7.x86_64 While current setup works for all supported platforms. Need logic to detect target platform then, not sure if that make sense at this point?
[21 Feb 2022 10:01]
Terje Røsten
Required prefix + was added in systemd 231: CHANGES WITH 231: * In service units the various ExecXYZ= settings have been extended with an additional special character as first argument of the assigned value: if the character '+' is used the specified command line it will be run with full privileges, regardless of User=, Group=, CapabilityBoundingSet= and similar options. The effect is similar to the existing PermissionsStartOnly= option, but allows configuration of this concept for each executed command line independently. https://github.com/systemd/systemd/blob/main/NEWS
[21 Feb 2022 10:07]
Terje Røsten
Debian 10: 232 Ubuntu 18.04: 237 Fedora 34: 248 el8: 239 el7: 219 el6: n/a (sysv init) sles12: 228 opensuse15: 246 -> Need special care for SLES 12 and EL7.
[7 Mar 2022 3:13]
Philip Olson
Posted by developer: Fixed as of the upcoming MySQL Server 8.0.29 release, and here's the proposed changelog entry from the documentation team: Updated CMake rules to handle the deprecated PermissionsStartOnly systemd option. The alternative executable prefix was added in systemd 231 (July 2016) while PermissionsStartOnly was deprecated in systemd 240 (Dec 2018). The preferred executable prefix is now used where available. Thanks to Michael Voříšek for the inspiration.