* [gentoo-commits] repo/gentoo:master commit in: dev-db/mysql-init-scripts/files/
@ 2016-09-12 14:37 Brian Evans
0 siblings, 0 replies; 2+ messages in thread
From: Brian Evans @ 2016-09-12 14:37 UTC (permalink / raw
To: gentoo-commits
commit: 5e67d8c604f6e080816f0e532be8fef5f666e29d
Author: Brian Evans <grknight <AT> gentoo <DOT> org>
AuthorDate: Mon Sep 12 14:22:25 2016 +0000
Commit: Brian Evans <grknight <AT> gentoo <DOT> org>
CommitDate: Mon Sep 12 14:37:25 2016 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5e67d8c6
dev-db/mysql-init-scripts: Comment out a systemd option NoNewPrivileges=true
Upstream bug https://jira.mariadb.org/browse/MDEV-10404 mentions that SELinux
currently does not handle this change properly.
Comment it out for now with a note
No revbump for this file as most users are unaffected
Package-Manager: portage-2.3.0
dev-db/mysql-init-scripts/files/mysqld-v2.service | 4 +++-
dev-db/mysql-init-scripts/files/mysqld_at-v2.service | 4 +++-
2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/dev-db/mysql-init-scripts/files/mysqld-v2.service b/dev-db/mysql-init-scripts/files/mysqld-v2.service
index 056b413..641abf7 100644
--- a/dev-db/mysql-init-scripts/files/mysqld-v2.service
+++ b/dev-db/mysql-init-scripts/files/mysqld-v2.service
@@ -32,7 +32,9 @@ CapabilityBoundingSet=CAP_IPC_LOCK
# Prevent writes to /usr, /boot, and /etc
ProtectSystem=full
-NoNewPrivileges=true
+# Currently has issues with SELinux https://jira.mariadb.org/browse/MDEV-10404
+# This is safe to uncomment when not using SELinux
+#NoNewPrivileges=true
PrivateDevices=true
diff --git a/dev-db/mysql-init-scripts/files/mysqld_at-v2.service b/dev-db/mysql-init-scripts/files/mysqld_at-v2.service
index 770a2e8..26964ea 100644
--- a/dev-db/mysql-init-scripts/files/mysqld_at-v2.service
+++ b/dev-db/mysql-init-scripts/files/mysqld_at-v2.service
@@ -30,7 +30,9 @@ CapabilityBoundingSet=CAP_IPC_LOCK
# Prevent writes to /usr, /boot, and /etc
ProtectSystem=full
-NoNewPrivileges=true
+# Currently has issues with SELinux https://jira.mariadb.org/browse/MDEV-10404
+# This is safe to uncomment when not using SELinux
+#NoNewPrivileges=true
PrivateDevices=true
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: dev-db/mysql-init-scripts/files/
@ 2017-07-24 14:04 Brian Evans
0 siblings, 0 replies; 2+ messages in thread
From: Brian Evans @ 2017-07-24 14:04 UTC (permalink / raw
To: gentoo-commits
commit: d97f1c09eb25b28a65aedafa11a0c850a6438c7d
Author: Brian Evans <grknight <AT> gentoo <DOT> org>
AuthorDate: Mon Jul 24 14:04:21 2017 +0000
Commit: Brian Evans <grknight <AT> gentoo <DOT> org>
CommitDate: Mon Jul 24 14:04:21 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d97f1c09
dev-db/mysql-init-scripts: Minor refinements to the 2.2 init scripts
Package-Manager: Portage-2.3.6, Repoman-2.3.3
dev-db/mysql-init-scripts/files/init.d-2.2 | 10 +++++-----
dev-db/mysql-init-scripts/files/init.d-s6-2.2 | 12 ++++++------
2 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/dev-db/mysql-init-scripts/files/init.d-2.2 b/dev-db/mysql-init-scripts/files/init.d-2.2
index f798052bb37..d217744de9c 100644
--- a/dev-db/mysql-init-scripts/files/init.d-2.2
+++ b/dev-db/mysql-init-scripts/files/init.d-2.2
@@ -2,7 +2,11 @@
# Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-extra_commands="checkconfig bootstrap_galera"
+extra_commands="checkconfig"
+extra_stopped_commands="boostrap_galera"
+
+description_checkconfig="Verify the server's configuration"
+description_boostrap_galera="Start a new Galera cluster with this server as the initial node"
depend() {
use net.lo
@@ -27,10 +31,6 @@ mysql_svcname() {
stringContain() { [ -z "${2##*$1*}" ] && [ -z "$1" -o -n "$2" ]; }
bootstrap_galera() {
- if ! service_stopped ; then
- eerror "The server cannot be running to perform this action"
- return 1
- fi
MY_ARGS="--wsrep-new-cluster ${MY_ARGS}"
mark_service_starting
if start ; then
diff --git a/dev-db/mysql-init-scripts/files/init.d-s6-2.2 b/dev-db/mysql-init-scripts/files/init.d-s6-2.2
index 6e7bce3d9f1..427061aa990 100644
--- a/dev-db/mysql-init-scripts/files/init.d-s6-2.2
+++ b/dev-db/mysql-init-scripts/files/init.d-s6-2.2
@@ -25,13 +25,9 @@ mysql_svcname() {
stringContain() { [ -z "${2##*$1*}" ] && [ -z "$1" -o -n "$2" ]; }
bootstrap_galera() {
- if ! service_stopped ; then
- eerror "The server cannot be running to perform this action"
- return 1
- fi
MY_ARGS="--wsrep-new-cluster ${MY_ARGS}"
mark_service_starting
- if start ; then
+ if start_pre && start ; then
mark_service_started
return 0
else
@@ -41,7 +37,11 @@ bootstrap_galera() {
}
-extra_commands="checkconfig boostrap_galera"
+extra_commands="checkconfig"
+extra_stopped_commands="boostrap_galera"
+
+description_checkconfig="Verify the server's configuration"
+description_boostrap_galera="Start a new Galera cluster with this server as the initial node"
supervisor=s6
name=$(mysql_svcname)
s6_service_timeout_stop="$((1000*${STOP_TIMEOUT:-120}))"
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2017-07-24 14:04 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-09-12 14:37 [gentoo-commits] repo/gentoo:master commit in: dev-db/mysql-init-scripts/files/ Brian Evans
-- strict thread matches above, loose matches on Subject: below --
2017-07-24 14:04 Brian Evans
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox