Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-14707

systemd: remove PermissionsStartOnly=true (by removing environment _WSREP_START_POSITION)

Details

    Description

      MDEV-10004 introduced _WSREP_START_POSITION{,%I} as a mechanism to store the mysqld arguments required to recover after crashes. This 'systemctl set-environment' is the only operations that requires PermissionsStartOnly=true in the service file.

      If we could replace this with another mechanism we can run as the ordinary User= and make the scripts less vulnerable to CVEs.

      This will also enable a multi-instance where each user is different without the complication of re-acquiring the systemd user for the service.

      Attachments

        Issue Links

          Activity

            danblack Daniel Black added a comment - - edited

            Seems Debian has the following (from: cmake/systemd.cmake) which needs to be accounted for without PermissionsStartOnly=true:

            SYSTEMD_EXECSTARTPRE ExecStartPre=/usr/bin/install -m 755 -o mysql -g root -d /var/run/mysqld
            

            This looks like it will be handled with tmpfiles.conf and should be removed.

            And:

            SYSTEMD_EXECSTARTPOST "ExecStartPost=/etc/mysql/debian-start"
            

            Option 1

            (from ./debian/additions/debian-start),
            To make debian-start work, change the permissions/ownership as follows during installation:
            chgrp mysql /etc/mysql/debian.cnf && chmod g+r /etc/mysql/debian.cnf

            Also a SQL user```mysql`` with unix socket auth system user should be created and listed in /etc/mysql/debian.cnf

            Option 2

            Alternately Debian could inject PermissionsStartOnly=true into SYSTEMD_EXECSTARTPRE and not change anything.

            Which parts of this are or are not acceptable otto or oerdnj?

            danblack Daniel Black added a comment - - edited Seems Debian has the following (from: cmake/systemd.cmake) which needs to be accounted for without PermissionsStartOnly=true: SYSTEMD_EXECSTARTPRE ExecStartPre=/usr/bin/install -m 755 -o mysql -g root -d /var/run/mysqld This looks like it will be handled with tmpfiles.conf and should be removed. And: SYSTEMD_EXECSTARTPOST "ExecStartPost=/etc/mysql/debian-start" Option 1 (from ./debian/additions/debian-start), To make debian-start work, change the permissions/ownership as follows during installation: chgrp mysql /etc/mysql/debian.cnf && chmod g+r /etc/mysql/debian.cnf Also a SQL user```mysql`` with unix socket auth system user should be created and listed in /etc/mysql/debian.cnf Option 2 Alternately Debian could inject PermissionsStartOnly=true into SYSTEMD_EXECSTARTPRE and not change anything. Which parts of this are or are not acceptable otto or oerdnj ?
            danblack Daniel Black added a comment -

            So I think the wsrep_start_position could be written to a datadir file however we'll need to ensure the sst mechanisms like rsync don't copy it.

            Implementing the mysqld --wsrep_start_position_init=file and handling this in wsrep_start_position_

            {init,valid}

            might be easier than too much scripting in the systemd service file.

            danblack Daniel Black added a comment - So I think the wsrep_start_position could be written to a datadir file however we'll need to ensure the sst mechanisms like rsync don't copy it. Implementing the mysqld --wsrep_start_position_init=file and handling this in wsrep_start_position_ {init,valid} might be easier than too much scripting in the systemd service file.
            faust Faustin Lammler added a comment - `PermissionsStartOnly=` is deprecated see: https://github.com/systemd/systemd/pull/10802#issuecomment-439446299 Use of prefix is now suggested, see https://www.freedesktop.org/software/systemd/man/systemd.service.html#ExecStart=
            danblack Daniel Black added a comment -

            MDEV-19210 can remove the need entirely.

            danblack Daniel Black added a comment - MDEV-19210 can remove the need entirely.
            danblack Daniel Black added a comment - was removed https://github.com/MariaDB/server/commit/aeffec60f6864bae5af04dac1184f2a0f2c77f38

            People

              danblack Daniel Black
              danblack Daniel Black
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.