Bug #82709 | setting datadir in my.cnf is not used in mysql-systems-start sanity check | ||
---|---|---|---|
Submitted: | 24 Aug 2016 12:36 | Modified: | 6 Mar 2017 19:19 |
Reporter: | Lars Van Casteren | Email Updates: | |
Status: | Closed | Impact on me: | |
Category: | MySQL Server: Packaging | Severity: | S3 (Non-critical) |
Version: | 5.6.30-1 | OS: | Debian (stretch/sid) |
Assigned to: | Lars Tangvald | CPU Architecture: | Any |
Tags: | mysql-systemd-start, pre sanity, service |
[24 Aug 2016 12:36]
Lars Van Casteren
[25 Aug 2016 6:07]
Lars Tangvald
It's possible to get the value from the config, so it doesn't need to be hardcoded at all.
[10 Feb 2017 18:07]
Daniel Bakken
This bug also affects MySQL 5.7.17 running under systemd (tested on Debian Jessie). The /etc/init.d/mysql script finds the datadir using my_print_defaults.
[21 Feb 2017 15:44]
Martin Heineck
This Bug is security relavant and missleading. I was reinitializing an already configured mysqld under debian jessie. The datadir differs to default, mysqld was started and initialized the datadir correctly at first boot. At second boot this code dropped my root password and set auth_socket as authentication plugin which is not allowed by policy inside the environment infrastructure here: /usr/share/mysql/mysql-systemd-start: if [ ! "$(ls -A ${MYSQLDATA}/mysql)" ]; then SQL=$(mktemp -u ${MYSQLFILES}/XXXXXXXXXX) install /dev/null -m0600 -omysql -gmysql "${SQL}" cat << EOF > ${SQL} USE mysql; INSTALL PLUGIN auth_socket SONAME 'auth_socket.so'; ALTER USER 'root'@'localhost' IDENTIFIED WITH 'auth_socket'; SHUTDOWN; EOF While another systemd service script written and delivered inside the same debian package fulfills the same approach without hardcoding: -- /etc/init.d/mysql -- MYSQLDATA=$(get_mysql_option mysqld datadir "/var/lib/mysql")
[21 Feb 2017 15:58]
Martin Heineck
Why this Bug is assigned to the initial Submitter and why this is classified as Non-critical? Before I found out, what happened my first suggestion was to use another package for mysql5.7. This is a painful bug which breaks backward compatibility, security concerns and reboot safety ! How to get a reclassification without recreating a duplicate?
[22 Feb 2017 6:50]
Lars Tangvald
Posted by developer: Hi, You can report a new bug without it being a duplicate, since it's not the exact same issue (and not one we've fully considered). Having all the scripts properly honor custom configs is a bigger task that requires some more other changes to be in place first, while the script overriding root auth on a preexisting database is both far more serious and simpler to fix.
[6 Mar 2017 19:19]
Paul DuBois
Posted by developer: Noted in 5.6.36, 5.7.18, 8.0.1 changelogs. On Debian/Ubuntu platforms, the systemd startup script for MySQL ignored datadir settings in /etc/mysql/my.cnf.