[MDEV-14707] systemd: remove PermissionsStartOnly=true (by removing environment _WSREP_START_POSITION) Created: 2017-12-19  Updated: 2023-04-27

Status: Open
Project: MariaDB Server
Component/s: None
Fix Version/s: 10.4

Type: Task
Priority: Major
Reporter: Daniel Black
Assignee: Daniel Black
Resolution: Unresolved
Votes: 0
Labels: systemd

Issue Links:
Relates
relates to MDEV-19210 use environment file in systemd units... In Testing
relates to MDEV-10004 Galera's pc.recovery process fails in... Closed
relates to MDEV-11494 galera_recovery script hard-codes the... Closed

 Description   

MDEV-10004 introduced _WSREP_START_POSITION{,%I} as a mechanism to store the mysqld arguments required to recover after crashes. This 'systemctl set-environment' is the only operation that requires PermissionsStartOnly=true in the service file.

If we could replace this with another mechanism we can run as the ordinary User= and make the scripts less vulnerable to CVEs.

This will also enable a multi-instance where each user is different without the complication of re-acquiring the systemd user for the service.



 Comments   
Comment by Daniel Black [ 2017-12-20 ]

Seems Debian has the following (from: cmake/systemd.cmake) which needs to be accounted for without PermissionsStartOnly=true:

SYSTEMD_EXECSTARTPRE ExecStartPre=/usr/bin/install -m 755 -o mysql -g root -d /var/run/mysqld

This looks like it will be handled with tmpfiles.conf and should be removed.

And:

SYSTEMD_EXECSTARTPOST "ExecStartPost=/etc/mysql/debian-start"

Option 1

(from ./debian/additions/debian-start),
To make debian-start work, change the permissions/ownership as follows during installation:
chgrp mysql /etc/mysql/debian.cnf && chmod g+r /etc/mysql/debian.cnf

Also a SQL user `mysql` with unix socket auth system user should be created and listed in /etc/mysql/debian.cnf

Option 2

Alternately Debian could inject PermissionsStartOnly=true into SYSTEMD_EXECSTARTPRE and not change anything.

Which parts of this are or are not acceptable otto or oerdnj?

Comment by Daniel Black [ 2018-02-22 ]

So I think the wsrep_start_position could be written to a datadir file; however, we'll need to ensure the sst mechanisms like rsync don't copy it.

Implementing the mysqld --wsrep_start_position_init=file and handling this in wsrep_start_position_{init,valid} might be easier than too much scripting in the systemd service file.

Comment by Faustin Lammler [ 2022-02-01 ]

`PermissionsStartOnly=` is deprecated, see: https://github.com/systemd/systemd/pull/10802#issuecomment-439446299

Use of prefix is now suggested, see https://www.freedesktop.org/software/systemd/man/systemd.service.html#ExecStart=

Comment by Daniel Black [ 2022-02-02 ]

MDEV-19210 can remove the need entirely.
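
An added example, not part of the issue thread or of MariaDB's packaging: a small audit that lists which `Exec*` commands in a unit still escape `User=`, either through `PermissionsStartOnly=true` or through a privileged command prefix. `SAMPLE_UNIT` is constructed from the lines quoted above, `root_commands` is a hypothetical helper name, and drop-in overrides and backslash line continuations are not handled.

```python
import re

# Exec directives that PermissionsStartOnly=true exempts from User=/Group=.
AUX_EXEC = {"ExecStartPre", "ExecStartPost", "ExecReload", "ExecStop", "ExecStopPost"}
TRUE_VALUES = {"1", "yes", "y", "true", "t", "on"}  # systemd boolean spellings

# Constructed sample unit, modelled on the lines quoted in this issue.
SAMPLE_UNIT = """\
[Service]
User=mysql
PermissionsStartOnly=true
ExecStartPre=/usr/bin/install -m 755 -o mysql -g root -d /var/run/mysqld
ExecStart=/usr/sbin/mysqld $_WSREP_START_POSITION
ExecStartPost=/etc/mysql/debian-start
"""

def root_commands(unit_text):
    """Return (directive, command, reason) for each Exec* line that ignores User=."""
    user, start_only, execs = None, False, []
    for raw in unit_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;[" or "=" not in line:
            continue  # skip blanks, comments and section headers
        key, value = (part.strip() for part in line.split("=", 1))
        if key == "User":
            user = value
        elif key == "PermissionsStartOnly":
            start_only = value.lower() in TRUE_VALUES
        elif key in AUX_EXEC or key == "ExecStart":
            execs.append((key, value))
    if user in (None, "", "root"):
        return []  # nothing to escape from: the whole unit already runs as root
    findings = []
    for key, value in execs:
        prefix = re.match(r"[-@:+!]*", value).group()  # leading special prefixes
        command = value[len(prefix):]
        if "+" in prefix or "!" in prefix:
            findings.append((key, command, "privileged prefix"))
        elif start_only and key in AUX_EXEC:
            findings.append((key, command, "PermissionsStartOnly=true"))
    return findings

if __name__ == "__main__":
    for key, command, reason in root_commands(SAMPLE_UNIT):
        print(f"{key} runs outside User= ({reason}): {command}")
```

On the sample, both the `install` step and `debian-start` are reported; after dropping `PermissionsStartOnly=true`, only commands that carry an explicit prefix remain privileged.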
