Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-14707

systemd: remove PermissionsStartOnly=true (by removing environment _WSREP_START_POSITION)

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Open (View Workflow)
    • Priority: Major
    • Resolution: Unresolved
    • Fix Version/s: 10.3
    • Component/s: None
    • Labels:
      None

      Description

      MDEV-10004 introduced _WSREP_START_POSITION{,%I} as a mechanism to store the mysqld arguments required to recover after crashes. This 'systemctl set-environment' is the only operations that requires PermissionsStartOnly=true in the service file.

      If we could replace this with another mechanism we can run as the ordinary User= and make the scripts less vulnerable to CVEs.

      This will also enable a multi-instance where each user is different without the complication of re-acquiring the systemd user for the service.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                danblack Daniel Black
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated: