Bug #106468 Replace systemd PermissionsStartOnly with executable prefix
Submitted: 15 Feb 2022 20:16 Modified: 7 Mar 2022 3:13
Reporter: Terje Røsten Email Updates:
Status: Closed Impact on me:
Category:MySQL Server: Packaging Severity:S3 (Non-critical)
Version: OS:Any
Assigned to: Terje Røsten CPU Architecture:Any

[15 Feb 2022 20:16] Terje Røsten
PermissionsStartOnly option is deprecated

executable prefix docs: https://www.freedesktop.org/software/systemd/man/systemd.service.html#ExecStart=

Ref: https://github.com/mysql/mysql-server/pull/383

How to repeat:

Suggested fix:
[16 Feb 2022 10:47] Terje Røsten
This breaks on el7 which have:

$ rpm -q systemd

While current setup works for all supported platforms.

Need logic to detect target platform then, not sure if that make sense at this point?
[21 Feb 2022 10:01] Terje Røsten
Required prefix + was added in systemd 231:


        * In service units the various ExecXYZ= settings have been extended
          with an additional special character as first argument of the
          assigned value: if the character '+' is used the specified command
          line it will be run with full privileges, regardless of User=,
          Group=, CapabilityBoundingSet= and similar options. The effect is
          similar to the existing PermissionsStartOnly= option, but allows
          configuration of this concept for each executed command line

[21 Feb 2022 10:07] Terje Røsten
Debian 10: 232
Ubuntu 18.04: 237
Fedora 34: 248
el8: 239
el7: 219
el6: n/a (sysv init)
sles12: 228
opensuse15: 246

-> Need special care for SLES 12 and EL7.
[7 Mar 2022 3:13] Philip Olson
Posted by developer:
Fixed as of the upcoming MySQL Server 8.0.29 release, and here's the proposed changelog entry from the documentation team:

Updated CMake rules to handle the deprecated PermissionsStartOnly systemd
option. The alternative executable prefix was added in systemd 231 (July
2016) while PermissionsStartOnly was deprecated in systemd 240 (Dec 2018).
The preferred executable prefix is now used where available.

Thanks to Michael Voříšek for the inspiration.