From 009457e13bb4046ebacf99866879d103c07fcc53 Mon Sep 17 00:00:00 2001 From: mhoellein Date: Fri, 1 Mar 2019 22:42:16 +0100 Subject: [PATCH] committing changes in /etc after apt run Package changes: +galera-3 25.3.25-bionic amd64 +mariadb-client-10.3 1:10.3.13+maria~bionic amd64 +mariadb-client-core-10.3 1:10.3.13+maria~bionic amd64 +mariadb-common 1:10.3.13+maria~bionic all +mariadb-server 1:10.3.13+maria~bionic all +mariadb-server-10.3 1:10.3.13+maria~bionic amd64 +mariadb-server-core-10.3 1:10.3.13+maria~bionic amd64 -mysql-client-5.7 5.7.25-0ubuntu0.18.04.2 amd64 -mysql-client-core-5.7 5.7.25-0ubuntu0.18.04.2 amd64 -mysql-server 5.7.25-0ubuntu0.18.04.2 all -mysql-server-core-5.7 5.7.25-0ubuntu0.18.04.2 amd64 +socat 1.7.3.2-2ubuntu2 amd64 --- .etckeeper | 9 + apparmor.d/usr.sbin.mysqld | 83 ++----- default/mysql | 23 ++ init.d/mysql | 218 +++++++++--------- .../ignore.d.paranoid/mariadb-server-10_3 | 9 + logcheck/ignore.d.server/mariadb-server-10_3 | 32 +++ .../ignore.d.workstation/mariadb-server-10_3 | 32 +++ logrotate.d/mysql-server | 23 +- mysql/conf.d/mysqld_safe_syslog.cnf | 1 + mysql/debian-start | 41 +++- mysql/mariadb.cnf | 19 ++ rc0.d/{K02bind9 => K04bind9} | 0 rc0.d/{K04sendsigs => K05sendsigs} | 0 rc0.d/{K05rsyslog => K06rsyslog} | 0 rc0.d/{K06umountnfs.sh => K07umountnfs.sh} | 0 rc0.d/{K07nfs-common => K08nfs-common} | 0 rc0.d/{K07rpcbind => K08rpcbind} | 0 rc0.d/{K08hwclock.sh => K09hwclock.sh} | 0 rc0.d/{K08networking => K09networking} | 0 rc0.d/{K09umountfs => K10umountfs} | 0 rc0.d/{K10umountroot => K11umountroot} | 0 rc0.d/{K11casper => K12casper} | 0 rc0.d/{K12halt => K13halt} | 0 rc1.d/{K02bind9 => K04bind9} | 0 rc1.d/{K05rsyslog => K06rsyslog} | 0 rc1.d/{K07nfs-common => K08nfs-common} | 0 rc1.d/{K07rpcbind => K08rpcbind} | 0 rc2.d/{K02bind9 => K04bind9} | 0 rc3.d/{K02bind9 => K04bind9} | 0 rc4.d/{K02bind9 => K04bind9} | 0 rc5.d/{K02bind9 => K04bind9} | 0 rc6.d/{K02bind9 => K04bind9} | 0 rc6.d/{K04sendsigs => K05sendsigs} | 0 rc6.d/{K05rsyslog => K06rsyslog} | 0 rc6.d/{K06umountnfs.sh => K07umountnfs.sh} | 0 rc6.d/{K07nfs-common => K08nfs-common} | 0 rc6.d/{K07rpcbind => K08rpcbind} | 0 rc6.d/{K08hwclock.sh => K09hwclock.sh} | 0 rc6.d/{K08networking => K09networking} | 0 rc6.d/{K09umountfs => K10umountfs} | 0 rc6.d/{K10umountroot => K11umountroot} | 0 rc6.d/{K11casper => K12casper} | 0 rc6.d/{K12reboot => K13reboot} | 0 .../migrated-from-my.cnf-settings.conf | 11 + .../multi-user.target.wants/mariadb.service | 1 + systemd/system/mysql.service | 1 + systemd/system/mysqld.service | 1 + 47 files changed, 311 insertions(+), 193 deletions(-) create mode 100644 default/mysql create mode 100644 logcheck/ignore.d.paranoid/mariadb-server-10_3 create mode 100644 logcheck/ignore.d.server/mariadb-server-10_3 create mode 100644 logcheck/ignore.d.workstation/mariadb-server-10_3 create mode 100644 mysql/mariadb.cnf rename rc0.d/{K02bind9 => K04bind9} (100%) rename rc0.d/{K04sendsigs => K05sendsigs} (100%) rename rc0.d/{K05rsyslog => K06rsyslog} (100%) rename rc0.d/{K06umountnfs.sh => K07umountnfs.sh} (100%) rename rc0.d/{K07nfs-common => K08nfs-common} (100%) rename rc0.d/{K07rpcbind => K08rpcbind} (100%) rename rc0.d/{K08hwclock.sh => K09hwclock.sh} (100%) rename rc0.d/{K08networking => K09networking} (100%) rename rc0.d/{K09umountfs => K10umountfs} (100%) rename rc0.d/{K10umountroot => K11umountroot} (100%) rename rc0.d/{K11casper => K12casper} (100%) rename rc0.d/{K12halt => K13halt} (100%) rename rc1.d/{K02bind9 => K04bind9} (100%) rename rc1.d/{K05rsyslog => K06rsyslog} (100%) rename rc1.d/{K07nfs-common => K08nfs-common} (100%) rename rc1.d/{K07rpcbind => K08rpcbind} (100%) rename rc2.d/{K02bind9 => K04bind9} (100%) rename rc3.d/{K02bind9 => K04bind9} (100%) rename rc4.d/{K02bind9 => K04bind9} (100%) rename rc5.d/{K02bind9 => K04bind9} (100%) rename rc6.d/{K02bind9 => K04bind9} (100%) rename rc6.d/{K04sendsigs => K05sendsigs} (100%) rename rc6.d/{K05rsyslog => K06rsyslog} (100%) rename rc6.d/{K06umountnfs.sh => K07umountnfs.sh} (100%) rename rc6.d/{K07nfs-common => K08nfs-common} (100%) rename rc6.d/{K07rpcbind => K08rpcbind} (100%) rename rc6.d/{K08hwclock.sh => K09hwclock.sh} (100%) rename rc6.d/{K08networking => K09networking} (100%) rename rc6.d/{K09umountfs => K10umountfs} (100%) rename rc6.d/{K10umountroot => K11umountroot} (100%) rename rc6.d/{K11casper => K12casper} (100%) rename rc6.d/{K12reboot => K13reboot} (100%) create mode 100644 systemd/system/mariadb.service.d/migrated-from-my.cnf-settings.conf create mode 120000 systemd/system/multi-user.target.wants/mariadb.service create mode 120000 systemd/system/mysql.service create mode 120000 systemd/system/mysqld.service diff --git a/.etckeeper b/.etckeeper index ba6a7c9d..a89c8434 100755 --- a/.etckeeper +++ b/.etckeeper @@ -42,6 +42,7 @@ mkdir -p './letsencrypt/renewal-hooks/post' mkdir -p './letsencrypt/renewal-hooks/pre' mkdir -p './libpaper.d' mkdir -p './mono/certstore' +mkdir -p './mysql/mariadb.conf.d' mkdir -p './netplan' mkdir -p './network/interfaces.d' mkdir -p './openvpn/client' @@ -2162,6 +2163,7 @@ maybe chmod 0644 'default/keyboard' maybe chmod 0664 'default/keyboard.pre-ubiquity' maybe chmod 0664 'default/locale' maybe chmod 0644 'default/motd-news' +maybe chmod 0644 'default/mysql' maybe chmod 0644 'default/networking' maybe chmod 0644 'default/nfs-common' maybe chmod 0644 'default/nss' @@ -3407,6 +3409,7 @@ maybe chmod 0644 'locale.gen' maybe chmod 0755 'logcheck' maybe chmod 0755 'logcheck/ignore.d.paranoid' maybe chmod 0644 'logcheck/ignore.d.paranoid/cracklib-runtime' +maybe chmod 0644 'logcheck/ignore.d.paranoid/mariadb-server-10_3' maybe chmod 0644 'logcheck/ignore.d.paranoid/mysql-server-5_5' maybe chmod 0644 'logcheck/ignore.d.paranoid/mysql-server-5_7' maybe chmod 0755 'logcheck/ignore.d.server' @@ -3415,6 +3418,7 @@ maybe chmod 0644 'logcheck/ignore.d.server/gpg-agent' maybe chmod 0644 'logcheck/ignore.d.server/hddtemp' maybe chmod 0644 'logcheck/ignore.d.server/iodined' maybe chmod 0644 'logcheck/ignore.d.server/libsasl2-modules' +maybe chmod 0644 'logcheck/ignore.d.server/mariadb-server-10_3' maybe chmod 0644 'logcheck/ignore.d.server/mysql-server-5_5' maybe chmod 0644 'logcheck/ignore.d.server/mysql-server-5_7' maybe chmod 0644 'logcheck/ignore.d.server/ntpdate' @@ -3423,6 +3427,7 @@ maybe chmod 0644 'logcheck/ignore.d.server/x2goserver' maybe chmod 0755 'logcheck/ignore.d.workstation' maybe chmod 0644 'logcheck/ignore.d.workstation/autossh' maybe chmod 0644 'logcheck/ignore.d.workstation/fetchmail' +maybe chmod 0644 'logcheck/ignore.d.workstation/mariadb-server-10_3' maybe chmod 0644 'logcheck/ignore.d.workstation/mysql-server-5_5' maybe chmod 0644 'logcheck/ignore.d.workstation/mysql-server-5_7' maybe chmod 0644 'login.defs' @@ -3557,6 +3562,8 @@ maybe chmod 0644 'mysql/conf.d/mysqld_safe_syslog.cnf' maybe chmod 0644 'mysql/conf.d/mysqldump.cnf' maybe chmod 0755 'mysql/debian-start' maybe chmod 0600 'mysql/debian.cnf' +maybe chmod 0644 'mysql/mariadb.cnf' +maybe chmod 0755 'mysql/mariadb.conf.d' maybe chmod 0644 'mysql/my.cnf.bak' maybe chmod 0644 'mysql/my.cnf.fallback' maybe chmod 0644 'mysql/my.cnf.migrated' @@ -4631,6 +4638,8 @@ maybe chmod 0755 'systemd/system/final.target.wants' maybe chmod 0755 'systemd/system/getty.target.wants' maybe chmod 0755 'systemd/system/graphical.target.wants' maybe chmod 0644 'systemd/system/hddtemp.service' +maybe chmod 0755 'systemd/system/mariadb.service.d' +maybe chmod 0644 'systemd/system/mariadb.service.d/migrated-from-my.cnf-settings.conf' maybe chmod 0755 'systemd/system/multi-user.target.wants' maybe chmod 0755 'systemd/system/network-online.target.wants' maybe chmod 0755 'systemd/system/network-pre.target.wants' diff --git a/apparmor.d/usr.sbin.mysqld b/apparmor.d/usr.sbin.mysqld index 2619e7d3..b1f229b3 100644 --- a/apparmor.d/usr.sbin.mysqld +++ b/apparmor.d/usr.sbin.mysqld @@ -1,68 +1,15 @@ -# vim:syntax=apparmor -# Last Modified: Tue Feb 09 15:28:30 2016 -#include - -/usr/sbin/mysqld { - #include - #include - #include - #include - #include - -# Allow system resource access - /sys/devices/system/cpu/ r, - capability sys_resource, - capability dac_override, - capability setuid, - capability setgid, - -# Allow network access - network tcp, - - /etc/hosts.allow r, - /etc/hosts.deny r, - -# Allow config access - /etc/mysql/** r, - -# Allow pid, socket, socket lock file access - /var/run/mysqld/mysqld.pid rw, - /var/run/mysqld/mysqld.sock rw, - /var/run/mysqld/mysqld.sock.lock rw, - /run/mysqld/mysqld.pid rw, - /run/mysqld/mysqld.sock rw, - /run/mysqld/mysqld.sock.lock rw, - -# Allow execution of server binary - /usr/sbin/mysqld mr, - /usr/sbin/mysqld-debug mr, - -# Allow plugin access - /usr/lib/mysql/plugin/ r, - /usr/lib/mysql/plugin/*.so* mr, - -# Allow error msg and charset access - /usr/share/mysql/ r, - /usr/share/mysql/** r, - -# Allow data dir access - /var/lib/mysql/ r, - /var/lib/mysql/** rwk, - -# Allow data files dir access - /var/lib/mysql-files/ r, - /var/lib/mysql-files/** rwk, - -# Allow keyring dir access - /var/lib/mysql-keyring/ r, - /var/lib/mysql-keyring/** rwk, - -# Allow log file access - /var/log/mysql.err rw, - /var/log/mysql.log rw, - /var/log/mysql/ r, - /var/log/mysql/** rw, - - # Site-specific additions and overrides. See local/README for details. - #include -} +# This file is intentionally empty to disable apparmor by default for newer +# versions of MariaDB, while providing seamless upgrade from older versions +# and from mysql, where apparmor is used. +# +# By default, we do not want to have any apparmor profile for the MariaDB +# server. It does not provide much useful functionality/security, and causes +# several problems for users who often are not even aware that apparmor +# exists and runs on their system. +# +# Users can modify and maintain their own profile, and in this case it will +# be used. +# +# When upgrading from previous version, users who modified the profile +# will be prompted to keep or discard it, while for default installs +# we will automatically disable the profile. diff --git a/default/mysql b/default/mysql new file mode 100644 index 00000000..146c5a87 --- /dev/null +++ b/default/mysql @@ -0,0 +1,23 @@ +# +# NOTE: This file is read only by the traditional SysV init script. +# Debian 9 and Ubuntu 17.04 onwards do not normally read this file as they use +# systemd by default. +# +# For similar behaviour, systemd users should override ExecStart by dropping +# files into /etc/systemd/system/mariadb.service.d/ +# +# See also: +# https://wiki.debian.org/Teams/pkg-systemd/Packaging#overriding_options_and_.2Fetc.2Fdefault_handling +# https://mariadb.com/kb/en/mariadb/systemd/ +# +# Note also that MariaDB systemd does _not_ utilize mysqld_safe nor debian-start. + + +# The delay in seconds the init script waits for the server to be up and running after having started "mysqld_safe" to run the "/etc/mysql/debian-start" script. +# If the server is still not responding after the delay, the script won't be executed and an error will be thrown on the syslog. +# Default: 30 +#MYSQLD_STARTUP_TIMEOUT=30 + +# The email recipient(s) of the output of the check for crashed and improperly closed MyISAM and Aria tables done at each server start by the "/etc/mysql/debian-start" script. +# Default: root +#MYCHECK_RCPT="root" diff --git a/init.d/mysql b/init.d/mysql index 51537d20..35a52d5d 100755 --- a/init.d/mysql +++ b/init.d/mysql @@ -4,12 +4,12 @@ # Provides: mysql # Required-Start: $remote_fs $syslog # Required-Stop: $remote_fs $syslog -# Should-Start: $network $time -# Should-Stop: $network $time +# Should-Start: $network $named $time +# Should-Stop: $network $named $time # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: Start and stop the mysql database server daemon -# Description: Controls the main MySQL database server daemon "mysqld" +# Description: Controls the main MariaDB database server daemon "mysqld" # and its wrapper script "mysqld_safe". ### END INIT INFO # @@ -17,17 +17,21 @@ set -e set -u ${DEBIAN_SCRIPT_DEBUG:+ set -v -x} -test -x /usr/bin/mysqld_safe || exit 0 +test -x /usr/sbin/mysqld || exit 0 . /lib/lsb/init-functions SELF=$(cd $(dirname $0); pwd -P)/$(basename $0) -CONF=/etc/mysql/my.cnf + MYADMIN="/usr/bin/mysqladmin --defaults-file=/etc/mysql/debian.cnf" -# priority can be overriden and "-s" adds output to stderr +# priority can be overridden and "-s" adds output to stderr ERR_LOGGER="logger -p daemon.err -t /etc/init.d/mysql -i" +if [ -f /etc/default/mysql ]; then + . /etc/default/mysql +fi + # Safeguard (relative paths, core dumps..) cd / umask 077 @@ -41,11 +45,11 @@ export HOME=/etc/mysql/ # # Usage: void mysqld_get_param option mysqld_get_param() { - /usr/sbin/mysqld --print-defaults \ - | tr " " "\n" \ - | grep -- "--$1" \ - | tail -n 1 \ - | cut -d= -f2 + /usr/sbin/mysqld --print-defaults \ + | tr " " "\n" \ + | grep -- "--$1" \ + | tail -n 1 \ + | cut -d= -f2 } ## Do some sanity checks before even trying to start mysqld. @@ -72,21 +76,21 @@ sanity_checks() { # # Usage: boolean mysqld_status [check_alive|check_dead] [warn|nowarn] mysqld_status () { - ping_output=`$MYADMIN ping 2>&1`; ping_alive=$(( ! $? )) - - ps_alive=0 - pidfile=`mysqld_get_param pid-file` - if [ -f "$pidfile" ] && ps `cat $pidfile` >/dev/null 2>&1; then ps_alive=1; fi - - if [ "$1" = "check_alive" -a $ping_alive = 1 ] || - [ "$1" = "check_dead" -a $ping_alive = 0 -a $ps_alive = 0 ]; then - return 0 # EXIT_SUCCESS - else - if [ "$2" = "warn" ]; then - echo -e "$ps_alive processes alive and '$MYADMIN ping' resulted in\n$ping_output\n" | $ERR_LOGGER -p daemon.debug - fi - return 1 # EXIT_FAILURE + ping_output=`$MYADMIN ping 2>&1`; ping_alive=$(( ! $? )) + + ps_alive=0 + pidfile=`mysqld_get_param pid-file` + if [ -f "$pidfile" ] && ps `cat $pidfile` >/dev/null 2>&1; then ps_alive=1; fi + + if [ "$1" = "check_alive" -a $ping_alive = 1 ] || + [ "$1" = "check_dead" -a $ping_alive = 0 -a $ps_alive = 0 ]; then + return 0 # EXIT_SUCCESS + else + if [ "$2" = "warn" ]; then + echo -e "$ps_alive processes alive and '$MYADMIN ping' resulted in\n$ping_output\n" | $ERR_LOGGER -p daemon.debug fi + return 1 # EXIT_FAILURE + fi } # @@ -94,98 +98,96 @@ mysqld_status () { # case "${1:-''}" in + 'start') - sanity_checks; - # Start daemon - log_daemon_msg "Starting MySQL database server" "mysqld" - if mysqld_status check_alive nowarn; then - log_progress_msg "already running" - log_end_msg 0 - else - # Could be removed during boot - test -e /var/run/mysqld || install -m 755 -o mysql -g root -d /var/run/mysqld - - # Start MySQL! - su - mysql -s /bin/sh -c "/usr/bin/mysqld_safe > /dev/null 2>&1 &" - - # 6s was reported in #352070 to be too few when using ndbcluster - # 14s was reported in #736452 to be too few with large installs - for i in $(seq 1 30); do - sleep 1 - if mysqld_status check_alive nowarn ; then break; fi - log_progress_msg "." - done - if mysqld_status check_alive warn; then - log_end_msg 0 - # Now start mysqlcheck or whatever the admin wants. - output=$(/etc/mysql/debian-start) - [ -n "$output" ] && log_action_msg "$output" - else - log_end_msg 1 - log_failure_msg "Please take a look at the syslog" - fi - fi - ;; + sanity_checks; + # Start daemon + log_daemon_msg "Starting MariaDB database server" "mysqld" + if mysqld_status check_alive nowarn; then + log_progress_msg "already running" + log_end_msg 0 + else + # Could be removed during boot + test -e /var/run/mysqld || install -m 755 -o mysql -g root -d /var/run/mysqld + + # Start MariaDB! + /usr/bin/mysqld_safe "${@:2}" 2>&1 >/dev/null | $ERR_LOGGER & + + for i in $(seq 1 "${MYSQLD_STARTUP_TIMEOUT:-30}"); do + sleep 1 + if mysqld_status check_alive nowarn ; then break; fi + log_progress_msg "." + done + if mysqld_status check_alive warn; then + log_end_msg 0 + # Now start mysqlcheck or whatever the admin wants. + output=$(/etc/mysql/debian-start) + if [ -n "$output" ]; then + log_action_msg "$output" + fi + else + log_end_msg 1 + log_failure_msg "Please take a look at the syslog" + fi + fi + ;; 'stop') - # * As a passwordless mysqladmin (e.g. via ~/.my.cnf) must be possible - # at least for cron, we can rely on it here, too. (although we have - # to specify it explicit as e.g. sudo environments points to the normal - # users home and not /root) - log_daemon_msg "Stopping MySQL database server" "mysqld" - if ! mysqld_status check_dead nowarn; then - set +e - shutdown_out=`$MYADMIN shutdown 2>&1`; r=$? - set -e - if [ "$r" -ne 0 ]; then - log_end_msg 1 - [ "$VERBOSE" != "no" ] && log_failure_msg "Error: $shutdown_out" - log_daemon_msg "Killing MySQL database server by signal" "mysqld" - killall -15 mysqld - server_down= - for i in 1 2 3 4 5 6 7 8 9 10; do - sleep 1 - if mysqld_status check_dead nowarn; then server_down=1; break; fi - done - if test -z "$server_down"; then killall -9 mysqld; fi - fi - fi - - if ! mysqld_status check_dead warn; then - log_end_msg 1 - log_failure_msg "Please stop MySQL manually and read /usr/share/doc/mysql-server-5.7/README.Debian.gz!" - exit -1 - else - log_end_msg 0 - fi - ;; + # * As a passwordless mysqladmin (e.g. via ~/.my.cnf) must be possible + # at least for cron, we can rely on it here, too. (although we have + # to specify it explicit as e.g. sudo environments points to the normal + # users home and not /root) + log_daemon_msg "Stopping MariaDB database server" "mysqld" + if ! mysqld_status check_dead nowarn; then + set +e + shutdown_out=`$MYADMIN shutdown 2>&1`; r=$? + set -e + if [ "$r" -ne 0 ]; then + log_end_msg 1 + [ "$VERBOSE" != "no" ] && log_failure_msg "Error: $shutdown_out" + log_daemon_msg "Killing MariaDB database server by signal" "mysqld" + killall -15 mysqld + server_down= + for i in `seq 1 600`; do + sleep 1 + if mysqld_status check_dead nowarn; then server_down=1; break; fi + done + if test -z "$server_down"; then killall -9 mysqld; fi + fi + fi + + if ! mysqld_status check_dead warn; then + log_end_msg 1 + log_failure_msg "Please stop MariaDB manually and read /usr/share/doc/mariadb-server-10.3/README.Debian.gz!" + exit -1 + else + log_end_msg 0 + fi + ;; 'restart') - set +e; $SELF stop; set -e - $SELF start - ;; + set +e; $SELF stop; set -e + shift + $SELF start "${@}" + ;; 'reload'|'force-reload') - log_daemon_msg "Reloading MySQL database server" "mysqld" - $MYADMIN reload - log_end_msg 0 - ;; + log_daemon_msg "Reloading MariaDB database server" "mysqld" + $MYADMIN reload + log_end_msg 0 + ;; 'status') - if mysqld_status check_alive nowarn; then - log_action_msg "$($MYADMIN version)" - else - log_action_msg "MySQL is stopped." - exit 3 - fi - ;; + if mysqld_status check_alive nowarn; then + log_action_msg "$($MYADMIN version)" + else + log_action_msg "MariaDB is stopped." + exit 3 + fi + ;; *) - echo "Usage: $SELF start|stop|restart|reload|force-reload|status" - exit 1 - ;; + echo "Usage: $SELF start|stop|restart|reload|force-reload|status" + exit 1 + ;; esac - -# Some success paths end up returning non-zero so exit 0 explicitly. See -# bug #739846. -exit 0 diff --git a/logcheck/ignore.d.paranoid/mariadb-server-10_3 b/logcheck/ignore.d.paranoid/mariadb-server-10_3 new file mode 100644 index 00000000..00cc5c3e --- /dev/null +++ b/logcheck/ignore.d.paranoid/mariadb-server-10_3 @@ -0,0 +1,9 @@ +/etc/init.d/mysql\[[0-9]+\]: Check that mysqld is running and that the socket: '/var/run/mysqld/mysqld.sock' exists\!$ +/etc/init.d/mysql\[[0-9]+\]: '/usr/bin/mysqladmin --defaults-(extra-)?file=/etc/mysql/debian.cnf ping' resulted in$ +/etc/mysql/debian-start\[[0-9]+\]: Checking for crashed MySQL tables\.$ +mysqld\[[0-9]+\]: $ +mysqld\[[0-9]+\]: Version: .* socket: '/var/run/mysqld/mysqld.sock' port: 3306$ +mysqld\[[0-9]+\]: Warning: Ignoring user change to 'mysql' because the user was set to 'mysql' earlier on the command line$ +mysqld_safe\[[0-9]+\]: started$ +usermod\[[0-9]+\]: change user `mysql' GID from `([0-9]+)' to `\1'$ +usermod\[[0-9]+\]: change user `mysql' shell from `/bin/false' to `/bin/false'$ diff --git a/logcheck/ignore.d.server/mariadb-server-10_3 b/logcheck/ignore.d.server/mariadb-server-10_3 new file mode 100644 index 00000000..a0b4792e --- /dev/null +++ b/logcheck/ignore.d.server/mariadb-server-10_3 @@ -0,0 +1,32 @@ +/etc/init.d/mysql\[[0-9]+\]: [0-9]+ processes alive and '/usr/bin/mysqladmin --defaults-(extra-)?file=/etc/mysql/debian.cnf ping' resulted in$ +/etc/init.d/mysql\[[0-9]+\]: Check that mysqld is running and that the socket: '/var/run/mysqld/mysqld.sock' exists\!$ +/etc/init.d/mysql\[[0-9]+\]: '/usr/bin/mysqladmin --defaults-(extra-)?file=/etc/mysql/debian.cnf ping' resulted in$ +/etc/mysql/debian-start\[[0-9]+\]: Checking for crashed MySQL tables\.$ +mysqld\[[0-9]+\]: ?$ +mysqld\[[0-9]+\]: .*InnoDB: Shutdown completed +mysqld\[[0-9]+\]: .*InnoDB: Started; +mysqld\[[0-9]+\]: .*InnoDB: Starting shutdown\.\.\.$ +mysqld\[[0-9]+\]: .*\[Note\] /usr/sbin/mysqld: Normal shutdown$ +mysqld\[[0-9]+\]: .*\[Note\] /usr/sbin/mysqld: ready for connections\.$ +mysqld\[[0-9]+\]: .*\[Note\] /usr/sbin/mysqld: Shutdown complete$ +mysqld\[[0-9]+\]: /usr/sbin/mysqld: ready for connections\.$ +mysqld\[[0-9]+\]: .*/usr/sbin/mysqld: Shutdown Complete$ +mysqld\[[0-9]+\]: Version: .* socket +mysqld\[[0-9]+\]: Warning: Ignoring user change to 'mysql' because the user was set to 'mysql' earlier on the command line$ +mysqld_safe\[[0-9]+\]: ?$ +mysqld_safe\[[0-9]+\]: able to use the new GRANT command!$ +mysqld_safe\[[0-9]+\]: ended$ +mysqld_safe\[[0-9]+\]: http://www.mysql.com$ +mysqld_safe\[[0-9]+\]: NOTE: If you are upgrading from a MySQL <= 3.22.10 you should run$ +mysqld_safe\[[0-9]+\]: PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER !$ +mysqld_safe\[[0-9]+\]: Please report any problems at http://mariadb.org/jira$ +mysqld_safe\[[0-9]+\]: See the manual for more instructions.$ +mysqld_safe\[[0-9]+\]: started$ +mysqld_safe\[[0-9]+\]: Support MySQL by buying support/licenses at https://order.mysql.com$ +mysqld_safe\[[0-9]+\]: The latest information about MySQL is available on the web at$ +mysqld_safe\[[0-9]+\]: the /usr/bin/mysql_fix_privilege_tables. Otherwise you will not be$ +mysqld_safe\[[0-9]+\]: To do so, start the server, then issue the following commands:$ +mysqld_safe\[[0-9]+\]: /usr/bin/mysqladmin -u root -h app109 password 'new-password'$ +mysqld_safe\[[0-9]+\]: /usr/bin/mysqladmin -u root password 'new-password'$ +usermod\[[0-9]+\]: change user `mysql' GID from `([0-9]+)' to `\1'$ +usermod\[[0-9]+\]: change user `mysql' shell from `/bin/false' to `/bin/false'$ diff --git a/logcheck/ignore.d.workstation/mariadb-server-10_3 b/logcheck/ignore.d.workstation/mariadb-server-10_3 new file mode 100644 index 00000000..a0b4792e --- /dev/null +++ b/logcheck/ignore.d.workstation/mariadb-server-10_3 @@ -0,0 +1,32 @@ +/etc/init.d/mysql\[[0-9]+\]: [0-9]+ processes alive and '/usr/bin/mysqladmin --defaults-(extra-)?file=/etc/mysql/debian.cnf ping' resulted in$ +/etc/init.d/mysql\[[0-9]+\]: Check that mysqld is running and that the socket: '/var/run/mysqld/mysqld.sock' exists\!$ +/etc/init.d/mysql\[[0-9]+\]: '/usr/bin/mysqladmin --defaults-(extra-)?file=/etc/mysql/debian.cnf ping' resulted in$ +/etc/mysql/debian-start\[[0-9]+\]: Checking for crashed MySQL tables\.$ +mysqld\[[0-9]+\]: ?$ +mysqld\[[0-9]+\]: .*InnoDB: Shutdown completed +mysqld\[[0-9]+\]: .*InnoDB: Started; +mysqld\[[0-9]+\]: .*InnoDB: Starting shutdown\.\.\.$ +mysqld\[[0-9]+\]: .*\[Note\] /usr/sbin/mysqld: Normal shutdown$ +mysqld\[[0-9]+\]: .*\[Note\] /usr/sbin/mysqld: ready for connections\.$ +mysqld\[[0-9]+\]: .*\[Note\] /usr/sbin/mysqld: Shutdown complete$ +mysqld\[[0-9]+\]: /usr/sbin/mysqld: ready for connections\.$ +mysqld\[[0-9]+\]: .*/usr/sbin/mysqld: Shutdown Complete$ +mysqld\[[0-9]+\]: Version: .* socket +mysqld\[[0-9]+\]: Warning: Ignoring user change to 'mysql' because the user was set to 'mysql' earlier on the command line$ +mysqld_safe\[[0-9]+\]: ?$ +mysqld_safe\[[0-9]+\]: able to use the new GRANT command!$ +mysqld_safe\[[0-9]+\]: ended$ +mysqld_safe\[[0-9]+\]: http://www.mysql.com$ +mysqld_safe\[[0-9]+\]: NOTE: If you are upgrading from a MySQL <= 3.22.10 you should run$ +mysqld_safe\[[0-9]+\]: PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER !$ +mysqld_safe\[[0-9]+\]: Please report any problems at http://mariadb.org/jira$ +mysqld_safe\[[0-9]+\]: See the manual for more instructions.$ +mysqld_safe\[[0-9]+\]: started$ +mysqld_safe\[[0-9]+\]: Support MySQL by buying support/licenses at https://order.mysql.com$ +mysqld_safe\[[0-9]+\]: The latest information about MySQL is available on the web at$ +mysqld_safe\[[0-9]+\]: the /usr/bin/mysql_fix_privilege_tables. Otherwise you will not be$ +mysqld_safe\[[0-9]+\]: To do so, start the server, then issue the following commands:$ +mysqld_safe\[[0-9]+\]: /usr/bin/mysqladmin -u root -h app109 password 'new-password'$ +mysqld_safe\[[0-9]+\]: /usr/bin/mysqladmin -u root password 'new-password'$ +usermod\[[0-9]+\]: change user `mysql' GID from `([0-9]+)' to `\1'$ +usermod\[[0-9]+\]: change user `mysql' shell from `/bin/false' to `/bin/false'$ diff --git a/logrotate.d/mysql-server b/logrotate.d/mysql-server index 2d9c71a7..4111a276 100644 --- a/logrotate.d/mysql-server +++ b/logrotate.d/mysql-server @@ -1,8 +1,8 @@ -# - I put everything in one block and added sharedscripts, so that mysql gets +# - I put everything in one block and added sharedscripts, so that mysql gets # flush-logs'd only once. # Else the binary logs would automatically increase by n times every day. # - The error log is obsolete, messages go to syslog now. -/var/log/mysql.log /var/log/mysql/*log { +/var/log/mysql/mysql.log /var/log/mysql/mysql-slow.log /var/log/mysql/mariadb-slow.log /var/log/mysql/error.log { daily rotate 7 missingok @@ -10,18 +10,11 @@ compress sharedscripts postrotate - test -x /usr/bin/mysqladmin || exit 0 - # If this fails, check debian.conf! - MYADMIN="/usr/bin/mysqladmin --defaults-file=/etc/mysql/debian.cnf" - if [ -z "`$MYADMIN ping 2>/dev/null`" ]; then - # Really no mysqld or rather a missing debian-sys-maint user? - # If this occurs and is not a error please report a bug. - #if ps cax | grep -q mysqld; then - if killall -q -s0 -umysql mysqld; then - exit 1 - fi - else - $MYADMIN flush-logs - fi + test -x /usr/bin/mysqladmin || exit 0 + if [ -f `my_print_defaults --mysqld | grep -oP "pid-file=\K[^$]+"` ]; then + # If this fails, check debian.conf! + mysqladmin --defaults-file=/etc/mysql/debian.cnf --local flush-error-log \ + flush-engine-log flush-general-log flush-slow-log + fi endscript } diff --git a/mysql/conf.d/mysqld_safe_syslog.cnf b/mysql/conf.d/mysqld_safe_syslog.cnf index 3b0445d6..08984c17 100644 --- a/mysql/conf.d/mysqld_safe_syslog.cnf +++ b/mysql/conf.d/mysqld_safe_syslog.cnf @@ -1,2 +1,3 @@ [mysqld_safe] +skip_log_error syslog diff --git a/mysql/debian-start b/mysql/debian-start index 8be72eac..7940bbe6 100755 --- a/mysql/debian-start +++ b/mysql/debian-start @@ -1,5 +1,42 @@ #!/bin/bash +# +# This script is executed by "/etc/init.d/mysql" on every (re)start. +# +# Changes to this file will be preserved when updating the Debian package. +# +# NOTE: This file is read only by the traditional SysV init script, not systemd. +# + +source /usr/share/mysql/debian-start.inc.sh + +if [ -f /etc/default/mysql ]; then + . /etc/default/mysql +fi + +MYSQL="/usr/bin/mysql --defaults-file=/etc/mysql/debian.cnf" +MYADMIN="/usr/bin/mysqladmin --defaults-file=/etc/mysql/debian.cnf" +MYUPGRADE="/usr/bin/mysql_upgrade --defaults-extra-file=/etc/mysql/debian.cnf --version-check" +MYCHECK="/usr/bin/mysqlcheck --defaults-file=/etc/mysql/debian.cnf" +MYCHECK_SUBJECT="WARNING: mysqlcheck has found corrupt tables" +MYCHECK_PARAMS="--all-databases --fast --silent" +MYCHECK_RCPT="${MYCHECK_RCPT:-root}" + +## Checking for corrupt, not cleanly closed (only for MyISAM and Aria engines) and upgrade needing tables. + +# The following commands should be run when the server is up but in background +# where they do not block the server start and in one shell instance so that +# they run sequentially. They are supposed not to echo anything to stdout. +# If you want to disable the check for crashed tables comment +# "check_for_crashed_tables" out. +# (There may be no output to stdout inside the background process!) + +# Need to ignore SIGHUP, as otherwise a SIGHUP can sometimes abort the upgrade +# process in the middle. +trap "" SIGHUP +( + upgrade_system_tables_if_necessary; + check_root_accounts; + check_for_crashed_tables; +) >&2 & -# Change to no-op as detailed in -# https://bugs.launchpad.net/ubuntu/+source/mysql-5.7/+bug/1577712 exit 0 diff --git a/mysql/mariadb.cnf b/mysql/mariadb.cnf new file mode 100644 index 00000000..da21212f --- /dev/null +++ b/mysql/mariadb.cnf @@ -0,0 +1,19 @@ +# MariaDB-specific config file. +# Read by /etc/mysql/my.cnf + +[client] +# Default is Latin1, if you need UTF-8 set this (also in server section) +#default-character-set = utf8 + +[mysqld] +# +# * Character sets +# +# Default is Latin1, if you need UTF-8 set all this (also in client section) +# +#character-set-server = utf8 +#collation-server = utf8_general_ci +#character_set_server = utf8 +#collation_server = utf8_general_ci +# Import all .cnf files from configuration directory +!includedir /etc/mysql/mariadb.conf.d/ diff --git a/rc0.d/K02bind9 b/rc0.d/K04bind9 similarity index 100% rename from rc0.d/K02bind9 rename to rc0.d/K04bind9 diff --git a/rc0.d/K04sendsigs b/rc0.d/K05sendsigs similarity index 100% rename from rc0.d/K04sendsigs rename to rc0.d/K05sendsigs diff --git a/rc0.d/K05rsyslog b/rc0.d/K06rsyslog similarity index 100% rename from rc0.d/K05rsyslog rename to rc0.d/K06rsyslog diff --git a/rc0.d/K06umountnfs.sh b/rc0.d/K07umountnfs.sh similarity index 100% rename from rc0.d/K06umountnfs.sh rename to rc0.d/K07umountnfs.sh diff --git a/rc0.d/K07nfs-common b/rc0.d/K08nfs-common similarity index 100% rename from rc0.d/K07nfs-common rename to rc0.d/K08nfs-common diff --git a/rc0.d/K07rpcbind b/rc0.d/K08rpcbind similarity index 100% rename from rc0.d/K07rpcbind rename to rc0.d/K08rpcbind diff --git a/rc0.d/K08hwclock.sh b/rc0.d/K09hwclock.sh similarity index 100% rename from rc0.d/K08hwclock.sh rename to rc0.d/K09hwclock.sh diff --git a/rc0.d/K08networking b/rc0.d/K09networking similarity index 100% rename from rc0.d/K08networking rename to rc0.d/K09networking diff --git a/rc0.d/K09umountfs b/rc0.d/K10umountfs similarity index 100% rename from rc0.d/K09umountfs rename to rc0.d/K10umountfs diff --git a/rc0.d/K10umountroot b/rc0.d/K11umountroot similarity index 100% rename from rc0.d/K10umountroot rename to rc0.d/K11umountroot diff --git a/rc0.d/K11casper b/rc0.d/K12casper similarity index 100% rename from rc0.d/K11casper rename to rc0.d/K12casper diff --git a/rc0.d/K12halt b/rc0.d/K13halt similarity index 100% rename from rc0.d/K12halt rename to rc0.d/K13halt diff --git a/rc1.d/K02bind9 b/rc1.d/K04bind9 similarity index 100% rename from rc1.d/K02bind9 rename to rc1.d/K04bind9 diff --git a/rc1.d/K05rsyslog b/rc1.d/K06rsyslog similarity index 100% rename from rc1.d/K05rsyslog rename to rc1.d/K06rsyslog diff --git a/rc1.d/K07nfs-common b/rc1.d/K08nfs-common similarity index 100% rename from rc1.d/K07nfs-common rename to rc1.d/K08nfs-common diff --git a/rc1.d/K07rpcbind b/rc1.d/K08rpcbind similarity index 100% rename from rc1.d/K07rpcbind rename to rc1.d/K08rpcbind diff --git a/rc2.d/K02bind9 b/rc2.d/K04bind9 similarity index 100% rename from rc2.d/K02bind9 rename to rc2.d/K04bind9 diff --git a/rc3.d/K02bind9 b/rc3.d/K04bind9 similarity index 100% rename from rc3.d/K02bind9 rename to rc3.d/K04bind9 diff --git a/rc4.d/K02bind9 b/rc4.d/K04bind9 similarity index 100% rename from rc4.d/K02bind9 rename to rc4.d/K04bind9 diff --git a/rc5.d/K02bind9 b/rc5.d/K04bind9 similarity index 100% rename from rc5.d/K02bind9 rename to rc5.d/K04bind9 diff --git a/rc6.d/K02bind9 b/rc6.d/K04bind9 similarity index 100% rename from rc6.d/K02bind9 rename to rc6.d/K04bind9 diff --git a/rc6.d/K04sendsigs b/rc6.d/K05sendsigs similarity index 100% rename from rc6.d/K04sendsigs rename to rc6.d/K05sendsigs diff --git a/rc6.d/K05rsyslog b/rc6.d/K06rsyslog similarity index 100% rename from rc6.d/K05rsyslog rename to rc6.d/K06rsyslog diff --git a/rc6.d/K06umountnfs.sh b/rc6.d/K07umountnfs.sh similarity index 100% rename from rc6.d/K06umountnfs.sh rename to rc6.d/K07umountnfs.sh diff --git a/rc6.d/K07nfs-common b/rc6.d/K08nfs-common similarity index 100% rename from rc6.d/K07nfs-common rename to rc6.d/K08nfs-common diff --git a/rc6.d/K07rpcbind b/rc6.d/K08rpcbind similarity index 100% rename from rc6.d/K07rpcbind rename to rc6.d/K08rpcbind diff --git a/rc6.d/K08hwclock.sh b/rc6.d/K09hwclock.sh similarity index 100% rename from rc6.d/K08hwclock.sh rename to rc6.d/K09hwclock.sh diff --git a/rc6.d/K08networking b/rc6.d/K09networking similarity index 100% rename from rc6.d/K08networking rename to rc6.d/K09networking diff --git a/rc6.d/K09umountfs b/rc6.d/K10umountfs similarity index 100% rename from rc6.d/K09umountfs rename to rc6.d/K10umountfs diff --git a/rc6.d/K10umountroot b/rc6.d/K11umountroot similarity index 100% rename from rc6.d/K10umountroot rename to rc6.d/K11umountroot diff --git a/rc6.d/K11casper b/rc6.d/K12casper similarity index 100% rename from rc6.d/K11casper rename to rc6.d/K12casper diff --git a/rc6.d/K12reboot b/rc6.d/K13reboot similarity index 100% rename from rc6.d/K12reboot rename to rc6.d/K13reboot diff --git a/systemd/system/mariadb.service.d/migrated-from-my.cnf-settings.conf b/systemd/system/mariadb.service.d/migrated-from-my.cnf-settings.conf new file mode 100644 index 00000000..6712fa96 --- /dev/null +++ b/systemd/system/mariadb.service.d/migrated-from-my.cnf-settings.conf @@ -0,0 +1,11 @@ +# converted using /usr/bin/mariadb-service-convert +# + +[Service] + +User=mysql +StandardOutput=syslog +StandardError=syslog +SyslogFacility=daemon +SyslogLevel=err +SyslogIdentifier=mysqld diff --git a/systemd/system/multi-user.target.wants/mariadb.service b/systemd/system/multi-user.target.wants/mariadb.service new file mode 120000 index 00000000..fd9e114a --- /dev/null +++ b/systemd/system/multi-user.target.wants/mariadb.service @@ -0,0 +1 @@ +/lib/systemd/system/mariadb.service \ No newline at end of file diff --git a/systemd/system/mysql.service b/systemd/system/mysql.service new file mode 120000 index 00000000..fd9e114a --- /dev/null +++ b/systemd/system/mysql.service @@ -0,0 +1 @@ +/lib/systemd/system/mariadb.service \ No newline at end of file diff --git a/systemd/system/mysqld.service b/systemd/system/mysqld.service new file mode 120000 index 00000000..fd9e114a --- /dev/null +++ b/systemd/system/mysqld.service @@ -0,0 +1 @@ +/lib/systemd/system/mariadb.service \ No newline at end of file -- 2.43.0