[MDEV-27980] file-key-management plugin disabled in mysql_install_db breaks automated deployments (and container initialization) - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Blocker
Resolution: Fixed
Affects Version/s: 10.2.43, 10.3.34, 10.4.24, 10.5.15, 10.6.7, 10.7.3, 10.8.2
Fix Version/s: 10.2.44, 10.3.35, 10.4.25, 10.5.16, 10.6.8, 10.7.4
Component/s: Scripts & Clients
Labels:
- regression

Description

As noted by https://github.com/MariaDB/mariadb-docker/issues/417, the disabling of the file-key-management plugin in mysql_install_db prevents upgrades or the initialization of containers with encryption.

This was caused by commit:

https://github.com/MariaDB/server/commit/e99d3da6381023395c86f679bb76b00b4385dc2d

This is excessively brutal as the file-key-management-filename may actually be set using scripts and automation (like Ansible) that will deploy a configuration before starting a service.

As mysql_install_db creates InnoDB tables, a user specified innodb_encrypt_tables = ON will cause the installation to fail. With file-key-management plugin explicitly disabled, the only innodb system table space encryption is available with another encryption plugin, or using mysqld --bootstrap directly.

Attachments

Issue Links

links to

bitnami mariadb workaround

Activity

People

Assignee:: Sergei Golubchik

Reporter:: Daniel Black

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Created:: 2022-03-02 03:44

Updated:: 2022-04-13 01:41

Resolved:: 2022-03-21 10:47

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.