Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-22198

Different behaviours for skip-symbolic-links and secure_file_priv

    XMLWordPrintable

    Details

      Description

      Folks,

      Working on defining configurations for CentOS and Debian, I see differences on both systems concerning two system variables as seen below:

      #
      #: CentOS and RPM packages setup with YUM
      #
      [ansible@opmdb01 my.cnf.d]$ cat /etc/redhat-release
      CentOS Linux release 7.7.1908 (Core)
      [ansible@opmdb01 my.cnf.d]$ rpm -qa | grep -i mariadb
      MariaDB-common-10.4.12-1.el7.centos.x86_64
      MariaDB-compat-10.4.12-1.el7.centos.x86_64
      MariaDB-client-10.4.12-1.el7.centos.x86_64
      MariaDB-server-10.4.12-1.el7.centos.x86_64
      MariaDB-backup-10.4.12-1.el7.centos.x86_64
      [ansible@opmdb01 my.cnf.d]$ cat server.cnf | egrep 'secure_file|symbolic' #: defined under the [mysqld] section
      skip-symbolic-links
      secure_file_priv='/tmp'
      [ansible@opmdb01 my.cnf.d]$ mariadb -e 'select @@global.have_symlink, @@global.secure_file_priv'
      +-----------------------+---------------------------+
      | @@global.have_symlink | @@global.secure_file_priv |
      +-----------------------+---------------------------+
      | DISABLED              | /tmp/                     |
      +-----------------------+---------------------------+
       
      #: server.cnf on CentOS 7.7
      [mysqld]
      plugin_maturity="beta"
      user=mysql
      basedir=/usr
      datadir=/var/lib/mysql
      socket=/var/lib/mysql/mysql.sock
      server_id=1
      report_host=opmdb01
      binlog_format=ROW
      default_storage_engine=InnoDB
      innodb_autoinc_lock_mode=2
      log_bin=/var/lib/mysql/mariadb-bin.log
      log_bin_index=/var/lib/mysql/mariadb-bin.index
      relay_log=/var/lib/mysql/mariadb-relay.log
      relay_log_index=mariadb-relay.index
      log_error=/tmp/mysqld.err
      log_slave_updates=1
      gtid_strict_mode=1
      bind-address=0.0.0.0
       
      skip-symbolic-links
      secure_file_priv='/tmp'
       
      [mysql]
      socket=/var/lib/mysql/mysql.sock
      prompt="\H [\d]>\_"
       
      #
      #: Debian 9 and DEB packages setup with APT
      #
      root@opmdb02:/etc/mysql/conf.d# lsb_release -a
      No LSB modules are available.
      Distributor ID:	Debian
      Description:	Debian GNU/Linux 9.12 (stretch)
      Release:	9.12
      Codename:	stretch
       
      root@opmdb02:/etc/mysql/conf.d# dpkg -l | grep -i mariadb | awk '{print $2,$3}'
      libdbd-mysql-perl 4.041-2
      libmariadb3:amd64 1:10.4.12+maria~stretch
      libmariadbclient18 1:10.4.12+maria~stretch
      mariadb-backup 1:10.4.12+maria~stretch
      mariadb-client 1:10.4.12+maria~stretch
      mariadb-client-10.1 10.1.44-0+deb9u1
      mariadb-client-10.4 1:10.4.12+maria~stretch
      mariadb-client-core-10.4 1:10.4.12+maria~stretch
      mariadb-common 1:10.4.12+maria~stretch
      mariadb-server 1:10.4.12+maria~stretch
      mariadb-server-10.4 1:10.4.12+maria~stretch
      mariadb-server-core-10.4 1:10.4.12+maria~stretch
       
      root@opmdb02:/etc/mysql/conf.d# cat server.cnf | egrep 'secure_file|symbolic'
      skip-symbolic-links
      secure_file_priv='/tmp'
      root@opmdb02:/etc/mysql/conf.d# mariadb -e 'select @@global.secure_file_priv, @@global.have_symlink'
      +---------------------------+-----------------------+
      | @@global.secure_file_priv | @@global.have_symlink |
      +---------------------------+-----------------------+
      | NULL                      | YES                   |
      +---------------------------+-----------------------+
       
      #: server.cnf on Debain 9
      [mysqld]
      user=mysql
      basedir=/usr
      datadir=/var/lib/mysql
      socket=/var/lib/mysql/mysql.sock
      server_id=2
      report_host=opmdb02
      binlog_format=ROW
      default_storage_engine=InnoDB
      innodb_autoinc_lock_mode=2
      log_bin=/var/lib/mysql/mariadb-bin.log
      log_bin_index=/var/lib/mysql/mariadb-bin.index
      relay_log=/var/lib/mysql/mariadb-relay.log
      relay_log_index=mariadb-relay.index
      log_error=/tmp/mysqld.err
      log_slave_updates=1
      gtid_strict_mode=1
      bind-address=0.0.0.0
       
      skip-symbolic-links
      secure_file_priv='/tmp'
       
      [mysql]
      socket=/var/lib/mysql/mysql.sock
      prompt="\H [\d]>\_"
      

      Are there any issues on it or am I missing something? Thanks!

        Attachments

          Activity

            People

            Assignee:
            Unassigned
            Reporter:
            wagnerbianchi Wagner Bianchi
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: