From 6fd6da88524c1b0a3997e9431333cf36d2c1c366 Mon Sep 17 00:00:00 2001
From: mhoellein <mario@hoellein.online>
Date: Wed, 8 Jul 2020 21:54:05 +0200
Subject: [PATCH] saving uncommitted changes in /etc prior to apt run

---
 .etckeeper                                |   9 ++
 mysql/conf.d/mysql.cnf                    |   1 +
 mysql/conf.d/mysqldump.cnf                |   4 +
 mysql/debian-start                        |  42 +--------
 mysql/debian.cnf                          |   8 +-
 mysql/mariadb.cnf                         |  21 +++++
 mysql/my.cnf                              |   1 +
 mysql/my.cnf.fallback                     |  23 +++++
 mysql/mysql.cnf                           |  21 +++++
 mysql/mysql.conf.d/mysqld.cnf             | 105 ++++++++++++++++++++++
 mysql/mysql.conf.d/mysqld_safe_syslog.cnf |   2 +
 11 files changed, 193 insertions(+), 44 deletions(-)
 create mode 100644 mysql/conf.d/mysql.cnf
 create mode 100644 mysql/conf.d/mysqldump.cnf
 create mode 100644 mysql/mariadb.cnf
 create mode 120000 mysql/my.cnf
 create mode 100644 mysql/my.cnf.fallback
 create mode 100644 mysql/mysql.cnf
 create mode 100644 mysql/mysql.conf.d/mysqld.cnf
 create mode 100644 mysql/mysql.conf.d/mysqld_safe_syslog.cnf

diff --git a/.etckeeper b/.etckeeper
index 3b177e3fd..a2de4da44 100755
--- a/.etckeeper
+++ b/.etckeeper
@@ -5853,9 +5853,18 @@ maybe chmod 0755 'monit/conf-available'
 maybe chmod 0755 'monit/monitrc.d'
 maybe chmod 0644 'monit/monitrc.d/fail2ban'
 maybe chmod 0755 'mysql'
+maybe chmod 0755 'mysql/conf.d'
+maybe chmod 0644 'mysql/conf.d/mysql.cnf'
+maybe chmod 0644 'mysql/conf.d/mysqldump.cnf'
 maybe chmod 0755 'mysql/debian-start'
 maybe chmod 0600 'mysql/debian.cnf'
+maybe chmod 0644 'mysql/mariadb.cnf'
 maybe chmod 0755 'mysql/mariadb.conf.d'
+maybe chmod 0644 'mysql/my.cnf.fallback'
+maybe chmod 0644 'mysql/mysql.cnf'
+maybe chmod 0755 'mysql/mysql.conf.d'
+maybe chmod 0644 'mysql/mysql.conf.d/mysqld.cnf'
+maybe chmod 0644 'mysql/mysql.conf.d/mysqld_safe_syslog.cnf'
 maybe chmod 0755 'myssl'
 maybe chmod 0600 'myssl/dh2048.pem'
 maybe chmod 0755 'nagios-plugins'
diff --git a/mysql/conf.d/mysql.cnf b/mysql/conf.d/mysql.cnf
new file mode 100644
index 000000000..22b052d9f
--- /dev/null
+++ b/mysql/conf.d/mysql.cnf
@@ -0,0 +1 @@
+[mysql]
diff --git a/mysql/conf.d/mysqldump.cnf b/mysql/conf.d/mysqldump.cnf
new file mode 100644
index 000000000..38310a9b7
--- /dev/null
+++ b/mysql/conf.d/mysqldump.cnf
@@ -0,0 +1,4 @@
+[mysqldump]
+quick
+quote-names
+max_allowed_packet	= 16M
diff --git a/mysql/debian-start b/mysql/debian-start
index 7de59ce1f..8be72eac2 100755
--- a/mysql/debian-start
+++ b/mysql/debian-start
@@ -1,43 +1,5 @@
 #!/bin/bash
-#
-# This script is executed by "/etc/init.d/mysql" on every (re)start.
-#
-# Changes to this file will be preserved when updating the Debian package.
-#
-# NOTE: This file is read only by the traditional SysV init script, not systemd.
-#
-
-source /usr/share/mysql/debian-start.inc.sh
-
-if [ -f /etc/default/mysql ]; then
-  . /etc/default/mysql
-fi
-
-MYSQL="/usr/bin/mysql --defaults-file=/etc/mysql/debian.cnf"
-MYADMIN="/usr/bin/mysqladmin --defaults-file=/etc/mysql/debian.cnf"
-# Don't run full mysql_upgrade on every server restart, use --version-check to do it only once
-MYUPGRADE="/usr/bin/mysql_upgrade --defaults-extra-file=/etc/mysql/debian.cnf --version-check"
-MYCHECK="/usr/bin/mysqlcheck --defaults-file=/etc/mysql/debian.cnf"
-MYCHECK_SUBJECT="WARNING: mysqlcheck has found corrupt tables"
-MYCHECK_PARAMS="--all-databases --fast --silent"
-MYCHECK_RCPT="${MYCHECK_RCPT:-root}"
-
-## Checking for corrupt, not cleanly closed (only for MyISAM and Aria engines) and upgrade needing tables.
-
-# The following commands should be run when the server is up but in background
-# where they do not block the server start and in one shell instance so that
-# they run sequentially. They are supposed not to echo anything to stdout.
-# If you want to disable the check for crashed tables comment
-# "check_for_crashed_tables" out.
-# (There may be no output to stdout inside the background process!)
-
-# Need to ignore SIGHUP, as otherwise a SIGHUP can sometimes abort the upgrade
-# process in the middle.
-trap "" SIGHUP
-(
-  upgrade_system_tables_if_necessary;
-  check_root_accounts;
-  check_for_crashed_tables;
-) >&2 &
 
+# Change to no-op as detailed in
+# https://bugs.launchpad.net/ubuntu/+source/mysql-5.7/+bug/1577712
 exit 0
diff --git a/mysql/debian.cnf b/mysql/debian.cnf
index 312bc71b9..ada333176 100644
--- a/mysql/debian.cnf
+++ b/mysql/debian.cnf
@@ -1,11 +1,11 @@
 # Automatically generated for Debian scripts. DO NOT TOUCH!
 [client]
 host     = localhost
-user     = root
-password = 
+user     = debian-sys-maint
+password = nsbVe6wGkLWn0pxJ
 socket   = /var/run/mysqld/mysqld.sock
 [mysql_upgrade]
 host     = localhost
-user     = root
-password = 
+user     = debian-sys-maint
+password = nsbVe6wGkLWn0pxJ
 socket   = /var/run/mysqld/mysqld.sock
diff --git a/mysql/mariadb.cnf b/mysql/mariadb.cnf
new file mode 100644
index 000000000..ce726b115
--- /dev/null
+++ b/mysql/mariadb.cnf
@@ -0,0 +1,21 @@
+#
+# The MySQL database server configuration file.
+#
+# You can copy this to one of:
+# - "/etc/mysql/my.cnf" to set global options,
+# - "~/.my.cnf" to set user-specific options.
+# 
+# One can use all long options that the program supports.
+# Run program with --help to get a list of available options and with
+# --print-defaults to see which it would actually understand and use.
+#
+# For explanations see
+# http://dev.mysql.com/doc/mysql/en/server-system-variables.html
+
+#
+# * IMPORTANT: Additional settings that can override those from this file!
+#   The files must end with '.cnf', otherwise they'll be ignored.
+#
+
+!includedir /etc/mysql/conf.d/
+!includedir /etc/mysql/mysql.conf.d/
diff --git a/mysql/my.cnf b/mysql/my.cnf
new file mode 120000
index 000000000..18bea1353
--- /dev/null
+++ b/mysql/my.cnf
@@ -0,0 +1 @@
+/etc/alternatives/my.cnf
\ No newline at end of file
diff --git a/mysql/my.cnf.fallback b/mysql/my.cnf.fallback
new file mode 100644
index 000000000..92747d88d
--- /dev/null
+++ b/mysql/my.cnf.fallback
@@ -0,0 +1,23 @@
+#
+# The MySQL database server configuration file.
+#
+# You can copy this to one of:
+# - "/etc/mysql/my.cnf" to set global options,
+# - "~/.my.cnf" to set user-specific options.
+# 
+# One can use all long options that the program supports.
+# Run program with --help to get a list of available options and with
+# --print-defaults to see which it would actually understand and use.
+#
+# For explanations see
+# http://dev.mysql.com/doc/mysql/en/server-system-variables.html
+
+# This will be passed to all mysql clients
+# It has been reported that passwords should be enclosed with ticks/quotes
+# escpecially if they contain "#" chars...
+# Remember to edit /etc/mysql/debian.cnf when changing the socket location.
+
+# Here is entries for some specific programs
+# The following values assume you have at least 32M ram
+
+!includedir /etc/mysql/conf.d/
diff --git a/mysql/mysql.cnf b/mysql/mysql.cnf
new file mode 100644
index 000000000..ce726b115
--- /dev/null
+++ b/mysql/mysql.cnf
@@ -0,0 +1,21 @@
+#
+# The MySQL database server configuration file.
+#
+# You can copy this to one of:
+# - "/etc/mysql/my.cnf" to set global options,
+# - "~/.my.cnf" to set user-specific options.
+# 
+# One can use all long options that the program supports.
+# Run program with --help to get a list of available options and with
+# --print-defaults to see which it would actually understand and use.
+#
+# For explanations see
+# http://dev.mysql.com/doc/mysql/en/server-system-variables.html
+
+#
+# * IMPORTANT: Additional settings that can override those from this file!
+#   The files must end with '.cnf', otherwise they'll be ignored.
+#
+
+!includedir /etc/mysql/conf.d/
+!includedir /etc/mysql/mysql.conf.d/
diff --git a/mysql/mysql.conf.d/mysqld.cnf b/mysql/mysql.conf.d/mysqld.cnf
new file mode 100644
index 000000000..b4aa9dbc5
--- /dev/null
+++ b/mysql/mysql.conf.d/mysqld.cnf
@@ -0,0 +1,105 @@
+#
+# The MySQL database server configuration file.
+#
+# You can copy this to one of:
+# - "/etc/mysql/my.cnf" to set global options,
+# - "~/.my.cnf" to set user-specific options.
+# 
+# One can use all long options that the program supports.
+# Run program with --help to get a list of available options and with
+# --print-defaults to see which it would actually understand and use.
+#
+# For explanations see
+# http://dev.mysql.com/doc/mysql/en/server-system-variables.html
+
+# This will be passed to all mysql clients
+# It has been reported that passwords should be enclosed with ticks/quotes
+# escpecially if they contain "#" chars...
+# Remember to edit /etc/mysql/debian.cnf when changing the socket location.
+
+# Here is entries for some specific programs
+# The following values assume you have at least 32M ram
+
+[mysqld_safe]
+socket		= /var/run/mysqld/mysqld.sock
+nice		= 0
+
+[mysqld]
+#
+# * Basic Settings
+#
+user		= mysql
+pid-file	= /var/run/mysqld/mysqld.pid
+socket		= /var/run/mysqld/mysqld.sock
+port		= 3306
+basedir		= /usr
+datadir		= /var/lib/mysql
+tmpdir		= /tmp
+lc-messages-dir	= /usr/share/mysql
+skip-external-locking
+#
+# Instead of skip-networking the default is now to listen only on
+# localhost which is more compatible and is not less secure.
+bind-address		= 127.0.0.1
+#
+# * Fine Tuning
+#
+key_buffer_size		= 16M
+max_allowed_packet	= 16M
+thread_stack		= 192K
+thread_cache_size       = 8
+# This replaces the startup script and checks MyISAM tables if needed
+# the first time they are touched
+myisam-recover-options  = BACKUP
+#max_connections        = 100
+#table_open_cache       = 64
+#thread_concurrency     = 10
+#
+# * Query Cache Configuration
+#
+query_cache_limit	= 1M
+query_cache_size        = 16M
+#
+# * Logging and Replication
+#
+# Both location gets rotated by the cronjob.
+# Be aware that this log type is a performance killer.
+# As of 5.1 you can enable the log at runtime!
+#general_log_file        = /var/log/mysql/mysql.log
+#general_log             = 1
+#
+# Error log - should be very few entries.
+#
+log_error = /var/log/mysql/error.log
+#
+# Here you can see queries with especially long duration
+#slow_query_log		= 1
+#slow_query_log_file	= /var/log/mysql/mysql-slow.log
+#long_query_time = 2
+#log-queries-not-using-indexes
+#
+# The following can be used as easy to replay backup logs or for replication.
+# note: if you are setting up a replication slave, see README.Debian about
+#       other settings you may need to change.
+#server-id		= 1
+#log_bin			= /var/log/mysql/mysql-bin.log
+expire_logs_days	= 10
+max_binlog_size   = 100M
+#binlog_do_db		= include_database_name
+#binlog_ignore_db	= include_database_name
+#
+# * InnoDB
+#
+# InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/.
+# Read the manual for more InnoDB related options. There are many!
+#
+# * Security Features
+#
+# Read the manual, too, if you want chroot!
+# chroot = /var/lib/mysql/
+#
+# For generating SSL certificates I recommend the OpenSSL GUI "tinyca".
+#
+# ssl-ca=/etc/mysql/cacert.pem
+# ssl-cert=/etc/mysql/server-cert.pem
+# ssl-key=/etc/mysql/server-key.pem
diff --git a/mysql/mysql.conf.d/mysqld_safe_syslog.cnf b/mysql/mysql.conf.d/mysqld_safe_syslog.cnf
new file mode 100644
index 000000000..3b0445d6b
--- /dev/null
+++ b/mysql/mysql.conf.d/mysqld_safe_syslog.cnf
@@ -0,0 +1,2 @@
+[mysqld_safe]
+syslog
-- 
2.43.0