Details
-
Bug
-
Status: Open (View Workflow)
-
Major
-
Resolution: Unresolved
-
10.4.27
Description
1. make a backup
sudo mariadb-backup --backup -utest_user -p*****--target-dir b01
|
|
2. stop server
sudo systemctl stop mariadb.service
|
|
3. Remove data dir as instructed in the doc
sudo rm -rf /var/lib/mysql
|
|
4. prepare and copy back backup
sudo mariadb-backup --prepare --target-dir b01
|
sudo mariadb-backup --copy-back --target-dir b01
|
5. Set owner for data dir
sudo chown mysql:mysql -R /var/lib/mysql
|
6. Start server
sudo systemctl start mariadb.service
|
Result:
[vagrant@build ~]$ sudo systemctl restart mariadb.service
|
Job for mariadb.service failed because the control process exited with error code.
|
See "systemctl status mariadb.service" and "journalctl -xe" for details.
|
[vagrant@build ~]$ systemctl status mariadb.service
|
● mariadb.service - MariaDB 10.4.27-18 database server
|
Loaded: loaded (/usr/lib/systemd/system/mariadb.service; disabled; vendor preset: disabled)
|
Drop-In: /etc/systemd/system/mariadb.service.d
|
└─migrated-from-my.cnf-settings.conf
|
Active: failed (Result: exit-code) since Wed 2022-11-30 15:01:44 CET; 1s ago
|
Docs: man:mysqld(8)
|
https://mariadb.com/kb/en/library/systemd/
|
Process: 20670 ExecStartPost=/bin/sh -c systemctl unset-environment _WSREP_START_POSITION (code=exited, status=0/SUCCESS)
|
Process: 21116 ExecStart=/usr/sbin/mysqld $MYSQLD_OPTS $_WSREP_NEW_CLUSTER $_WSREP_START_POSITION (code=exited, status=1/FAILURE)
|
Process: 21016 ExecStartPre=/bin/sh -c [ ! -e /usr/bin/galera_recovery ] && VAR= || VAR=`cd /usr/bin/..; /usr/bin/galera_recovery`; [ $? -eq 0 ] && systemctl set-environment _WSREP_START_POSITION=$VAR || exit 1 (code=exited, status=0/SUCCESS)
|
Process: 21014 ExecStartPre=/bin/sh -c systemctl unset-environment _WSREP_START_POSITION (code=exited, status=0/SUCCESS)
|
Main PID: 21116 (code=exited, status=1/FAILURE)
|
Status: "MariaDB server is down"
|
|
setting Selinux to permissive mode fixes the problem:
[vagrant@build ~]$ sudo setenforce 0
|
[vagrant@build ~]$ sudo systemctl restart mariadb.service
|
[vagrant@build ~]$ systemctl status mariadb.service
|
● mariadb.service - MariaDB 10.4.27-18 database server
|
Loaded: loaded (/usr/lib/systemd/system/mariadb.service; disabled; vendor preset: disabled)
|
Drop-In: /etc/systemd/system/mariadb.service.d
|
└─migrated-from-my.cnf-settings.conf
|
Active: active (running) since Wed 2022-11-30 15:04:03 CET; 4s ago
|
Docs: man:mysqld(8)
|
https://mariadb.com/kb/en/library/systemd/
|
Process: 21487 ExecStartPost=/bin/sh -c systemctl unset-environment _WSREP_START_POSITION (code=exited, status=0/SUCCESS)
|
Process: 21318 ExecStartPre=/bin/sh -c [ ! -e /usr/bin/galera_recovery ] && VAR= || VAR=`cd /usr/bin/..; /usr/bin/galera_recovery`; [ $? -eq 0 ] && systemctl set-environment _WSREP_START_POSITION=$VAR || exit 1 (code=exited, status=0/SUCCESS)
|
Process: 21316 ExecStartPre=/bin/sh -c systemctl unset-environment _WSREP_START_POSITION (code=exited, status=0/SUCCESS)
|
Main PID: 21418 (mysqld)
|
Status: "Taking your SQL requests now..."
|
Tasks: 38 (limit: 49492)
|
Memory: 74.2M
|
CGroup: /system.slice/mariadb.service
|
└─21418 /usr/sbin/mysqld
|
|
tested with RHEL8
Attachments
Activity
chcon -R -t mysqld_db_t /var/lib/mysql
|
after `mariadb-install-db` fixes the problem
10.4 seems to have mariadb-backup as a symlink to mariabackup. The fcontext of mariabackup per support-files/policy/selinux/mariadb-server.fc is list as system_u:object_r:mysqld_exec_t. Is this the case where its installed ls -laZ /usr/sbin/maria*?
If you manually apply this context to the exe does it backup/restore correctly?
Are the fcontext's actually installed sudo semanage fcontext --list | grep mysqld?
Is the mariadb module installed sudo semanage module --list|grep mariadb?
10.4:
[vagrant@build ~]$ sudo ls -laZ /usr/bin/mariadb-backup
|
lrwxrwxrwx. 1 root root system_u:object_r:bin_t:s0 11 Nov 2 15:02 /usr/bin/mariadb-backup -> mariabackup
|
[vagrant@build ~]$ sudo ls -laZ /usr/bin/mariabackup
|
-rwxr-xr-x. 1 root root system_u:object_r:bin_t:s0 23923000 Nov 2 15:06 /usr/bin/mariabackup
|
|
|
[vagrant@build ~]$ sudo ls -laZ /usr/bin/mariadb-install-db
|
lrwxrwxrwx. 1 root root system_u:object_r:bin_t:s0 16 Nov 2 15:00 /usr/bin/mariadb-install-db -> mysql_install_db
|
[vagrant@build ~]$ sudo ls -laZ /usr/bin/mysql_install_db
|
-rwxr-xr-x. 1 root root system_u:object_r:bin_t:s0 21968 Nov 2 13:27 /usr/bin/mysql_install_db
|
|
10.6:
[vagrant@build ~]$ sudo ls -laZ /usr/bin/mariadb-backup
|
-rwxr-xr-x. 1 root root system_u:object_r:bin_t:s0 25294448 Nov 3 13:34 /usr/bin/mariadb-backup
|
|
|
[vagrant@build ~]$ sudo ls -laZ /usr/bin/mariadb-install-db
|
-rwxr-xr-x. 1 root root system_u:object_r:bin_t:s0 22061 Nov 3 11:10 /usr/bin/mariadb-install-db
|
|
|
|
module is installed for both 10.6 and 10.4:
[vagrant@build ~]$ sudo semanage module --list|grep mariadb
|
mariadb 400 pp
|
[vagrant@build ~]$ sudo semanage module --list|grep mysql
|
mysql 100 pp
|
|
sudo semanage fcontext --list | grep mysqld also alse the same for 10.4 nd 10.6
/etc/my\.cnf regular file system_u:object_r:mysqld_etc_t:s0
|
/etc/my\.cnf\.d(/.*)? all files system_u:object_r:mysqld_etc_t:s0
|
/etc/mysql(/.*)? all files system_u:object_r:mysqld_etc_t:s0
|
/etc/rc\.d/init\.d/mysqld regular file system_u:object_r:mysqld_initrc_exec_t:s0
|
/home/[^/]+/\.my\.cnf regular file unconfined_u:object_r:mysqld_home_t:s0
|
/root/\.my\.cnf regular file system_u:object_r:mysqld_home_t:s0
|
/usr/bin/mysql_upgrade regular file system_u:object_r:mysqld_exec_t:s0
|
/usr/bin/mysqld_safe regular file system_u:object_r:mysqld_safe_exec_t:s0
|
/usr/bin/mysqld_safe_helper regular file system_u:object_r:mysqld_exec_t:s0
|
/usr/lib/systemd/system/mariadb.* regular file system_u:object_r:mysqld_unit_file_t:s0
|
/usr/lib/systemd/system/mysqld.* regular file system_u:object_r:mysqld_unit_file_t:s0
|
/usr/libexec/mysqld regular file system_u:object_r:mysqld_exec_t:s0
|
/usr/libexec/mysqld_safe-scl-helper regular file system_u:object_r:mysqld_safe_exec_t:s0
|
/usr/sbin/mysqld(-max|-debug)? regular file system_u:object_r:mysqld_exec_t:s0
|
/usr/sbin/ndbd regular file system_u:object_r:mysqld_exec_t:s0
|
/var/lib/mysql(-files|-keyring)?(/.*)? all files system_u:object_r:mysqld_db_t:s0
|
/var/lib/mysql/mysql\.sock socket system_u:object_r:mysqld_var_run_t:s0
|
/var/log/mariadb(/.*)? all files system_u:object_r:mysqld_log_t:s0
|
/var/log/mysql(/.*)? all files system_u:object_r:mysqld_log_t:s0
|
/var/log/mysql.* regular file system_u:object_r:mysqld_log_t:s0
|
/var/run/mariadb(/.*)? all files system_u:object_r:mysqld_var_run_t:s0
|
/var/run/mysql(/.*)? all files system_u:object_r:mysqld_var_run_t:s0
|
/var/run/mysqld(/.*)? all files system_u:object_r:mysqld_var_run_t:s0
|
/var/run/mysqld/mysqlmanager.* regular file system_u:object_r:mysqlmanagerd_var_run_t:s0
|
|
it is reproducible only for 10.4 (the version where 'mariadb' is the symlink to 'mysql')
the solution Is to add to the documentation:
for 10.4 after restoring backup please execute `chcon -R -t mysqld_db_t /var/lib/mysql`
(in the document https://mariadb.com/kb/en/full-backup-and-restore-with-mariabackup/#restoring-the-backup in the section "Then, you may need to fix the file permissions." for 10.,4 in addition to "chown -R mysql:mysql /var/lib/mysql/" also SELinux permission have to be fixed with `chcon -R -t mysqld_db_t /var/lib/mysql`
it is reproducible also without backup:
sudo systemctl stop mariadb.servicesudo rm -rf /var/lib/mysqlsudo mariadb-install-dbsudo chown mysql:mysql -R /var/lib/mysqlsudo systemctl start mariadb.service