[MDEV-10477] MariaDB Galera Cluster on EC2 - rsync error Created: 2016-08-01  Updated: 2017-07-12  Resolved: 2017-07-12

Status: Closed
Project: MariaDB Server
Component/s: Galera SST
Affects Version/s: 10.1.16
Fix Version/s: N/A

Type: Bug Priority: Major
Reporter: Peter Bulman Assignee: Sachin Setiya (Inactive)
Resolution: Not a Bug Votes: 0
Labels: galera, rsync, sst, wsrep
Environment:

RHEL7.2 AWS EC2

Attachments: Text File node1_cnf.txt     Text File node1_log.txt     Text File node2_cnf.txt     Text File node2_log.txt    

 Description   

I am trying to create a simple two node cluster; on joining node 2 to the cluster there are errors in the log of node 1. looks to be an rsync permission error on node 1. I am running node 1 and node 2 under the default ec2-user with sudo, whilst setting --user=root. the error on node 1 says:
2016-08-01 12:21:12 139905883698944 [Note] WSREP: Tables flushed.
rsync: open "ibdata1" (in rsync_sst) failed: Permission denied (13)
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1052) [sender=3.0.9]
WSREP_SST: [ERROR] rsync returned code 23: (20160801 12:21:13.022)
2016-08-01 12:21:13 139905883698944 [ERROR] WSREP: Failed to read from: wsrep_sst_rsync --role 'donor' --address '<node2_ip>:4444/rsync_sst' --socket '/var/lib/mysql/mysql.sock' --datadir '/var/lib/mysql/' '' --gtid '3a3e195f-57f1-11e6-92fd-5a5896716e64:0' --gtid-domain-id '0'

How to configure this such that rsync replication works?

thanks

 Comments   
Comment by Peter Bulman [ 2016-08-02 ]

further to the above config i have setup key based access for the mysql user between the 2 nodes and have manually verified that rsync works without password between both nodes for the /var/lib/mysql/ibdata1 file.
I have also disabled selinux.
the error is same as before

Comment by Peter Bulman [ 2016-08-02 ]

having now run:
>sudo chown -R mysql:mysql /var/lib/mysql
and running the database as mysql instead of as root this now looks to be working

Comment by Andrii Nikitin (Inactive) [ 2017-07-12 ]

I did experiment with this and can confirm that rsync under root will not be able to receive files, unless directory is writeable for everyone. (probably protection from mistake / unexperienced users).

root@d1e7c521d3a4 xxx]# ps auxw | grep rsync                             
root      3132  0.0  0.0  11028   364 ?        Ss   04:40   0:00 rsync --daemon --address 172.17.0.2 --port 4445 --config /xxx/rsync_sst.conf
 
[root@d1e7c521d3a4 yyy]# rsync a rsync://172.17.0.2:4445/xxx
 
rsync: mkstemp ".a.xusrpf" (in xxx) failed: Permission denied (13)

The error has gone once I put into rsync_sst.conf file:
uid = root
gid = root

[root@d1e7c521d3a4 yyy]# vim ../xxx/rsync_sst.conf 
[root@d1e7c521d3a4 yyy]# rsync a rsync://172.17.0.2:4445/xxx
 
[root@d1e7c521d3a4 yyy]# exit

I don't think this behaviour should be changed; if somebody really wants to receive files with root - they should either adjust wsrep_sst_rsync script with command below (or use custom one):
[ "$(whoami)" != root ] || sed -i '/read only = no/s/.*/&\nuid = root\ngid = root\n/' wsrep_sst_rsync

Generated at Thu Feb 08 07:42:31 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.