emerge --config mysql doesn't create the database system tables mysqld.log reports a stack smashing attack so I guess this is a hardened issue. Reproducible: Always Steps to Reproduce: emerge --config =dev-db/mysql-5.0.60-r1 Actual Results: Creating the mysql database and setting proper permissions on it ... Insert a password for the mysql 'root' user Avoid ["'\_%] characters in the password > Retype the password > ERROR: dev-db/mysql-5.0.60-r1 failed. Call stack: ebuild.sh, line 49: Called pkg_config environment, line 3334: Called mysql_pkg_config environment, line 3034: Called die The specific snippet of code: die "Failed to run mysql_install_db. Please review /var/log/mysql/mysqld.err AND ${TMPDIR}/mysql_install_db.log"; The die message: Failed to run mysql_install_db. Please review /var/log/mysql/mysqld.err AND /var/tmp/portage/dev-db/mysql-5.0.60-r1/temp/mysql_install_db.log If you need support, post the topmost build error, and the call stack if relevant. A complete build log is located at '/var/tmp/portage/dev-db/mysql-5.0.60-r1/temp/build.log'. The ebuild environment file is located at '/var/tmp/portage/dev-db/mysql-5.0.60-r1/temp/environment'. This ebuild is from an overlay: '/var/db/pkg/' ----------> mysql_install_db.log Installing MySQL system tables... 081106 22:31:08 [Warning] option 'max_join_size': unsigned value 18446744073709551615 adjusted to 4294967295 081106 22:31:08 [Warning] option 'max_join_size': unsigned value 18446744073709551615 adjusted to 4294967295 //usr/bin/mysql_install_db: line 433: 13136 Done { echo "use mysql;"; cat $create_system_tables $fill_system_tables; } 13138 | eval "$filter_cmd_line" 13140 Killed | $mysqld_install_cmd_line > /dev/null Installation of system tables failed! ----------> mysqld.err 081106 22:31:08 [Warning] No argument was provided to --log-bin, and --log-bin-index was not used; so replication may break when this MySQL server acts as a master and has his hostname changed!! Please use '--log-bin=mysqld-bin' to avoid this problem. *** stack smashing detected ***: mysqld - terminated mysqld: stack smashing attack in function int mysql_prepare_table(THD*, HA_CREATE_INFO*, Alter_info*, bool, uint*, handler*, KEY**, uint*, int) - terminated Report to http://bugs.gentoo.org/ Portage 2.1.4.5 (hardened/linux/x86/2008.0/server, gcc-3.4.6, glibc-2.6.1-r0, 2.6.25-hardened-r8 i686) ================================================================= System uname: 2.6.25-hardened-r8 i686 AMD Athlon(tm) XP 1600+ Timestamp of tree: Thu, 06 Nov 2008 13:16:01 +0000 ccache version 2.4 [enabled] app-shells/bash: 3.2_p17-r1 dev-lang/python: 2.4.4-r6 dev-python/pycrypto: 2.0.1-r6 dev-util/ccache: 2.4-r7 sys-apps/baselayout: 1.12.11.1 sys-apps/sandbox: 1.2.18.1-r2 sys-devel/autoconf: 2.61-r1 sys-devel/automake: 1.10 sys-devel/binutils: 2.18-r1 sys-devel/gcc-config: 1.4.0-r4 sys-devel/libtool: 1.5.24 virtual/os-headers: 2.6.23-r3 ACCEPT_KEYWORDS="x86" CBUILD="i686-pc-linux-gnu" CFLAGS="-march=athlon-xp -O2 -pipe -fforce-addr -fomit-frame-pointer" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc" CONFIG_PROTECT_MASK="/etc/env.d /etc/gconf /etc/terminfo /etc/udev/rules.d" CXXFLAGS="" DISTDIR="/usr/portage/distfiles" FEATURES="ccache collision-protect distlocks metadata-transfer sandbox sfperms strict stricter test unmerge-orphans userfetch" GENTOO_MIRRORS="ftp://ftp.spline.inf.fu-berlin.de/mirrors/gentoo/ " LDFLAGS="-Wl,-O1" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage" USE="acl apache2 berkdb bzip2 cli cracklib crypt cups dri gdbm gpm hardened iconv isdnlog ldap mailwrapper midi mudflap mysql ncurses nptl nptlonly openmp pam pcre perl pic pppd python readline reflection session snmp spl ssl sysfs tcpd truetype unicode urandom x86 xml xorg zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" USERLAND="GNU" VIDEO_CARDS="apm ark chips cirrus cyrix dummy fbdev glint i128 i740 i810 imstt intel mach64 mga neomagic nsc nv r128 radeon rendition s3 s3virge savage siliconmotion sis sisusb tdfx tga trident tseng v4l vesa vga via vmware voodoo" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY PID TTY STAT TIME COMMAND 1 ? Ss 0:00 init [3] 2 ? S< 0:00 [kthreadd] 3 ? S< 0:00 [ksoftirqd/0] 4 ? S< 0:01 [events/0] 5 ? S< 0:00 [khelper] 43 ? S< 0:00 [kblockd/0] 45 ? S< 0:00 [kacpid] 46 ? S< 0:00 [kacpi_notify] 100 ? S< 0:00 [ata/0] 101 ? S< 0:00 [ata_aux] 103 ? S< 0:00 [kseriod] 145 ? S 0:00 [pdflush] 146 ? S< 0:00 [kswapd0] 191 ? S< 0:00 [aio/0] 310 ? S< 0:00 [scsi_eh_0] 344 ? S< 0:00 [kpsmoused] 363 ? S< 0:00 [edac-poller] 369 ? S< 0:00 [kjournald] 461 ? S<s 0:00 /sbin/udevd --daemon 1241 ? S< 0:00 [kjournald] 1242 ? S< 0:00 [kjournald] 1243 ? S< 0:00 [kjournald] 1244 ? S< 0:00 [kjournald] 1245 ? S< 0:00 [kjournald] 2740 ? Ss 0:00 metalog [MASTER] 2741 ? S 0:00 metalog [KERNEL] 3274 ? Ss 0:00 /usr/sbin/cron 3342 tty2 Ss 0:00 /bin/login -- 3344 tty3 Ss+ 0:00 /sbin/agetty 38400 tty3 linux 3346 tty4 Ss+ 0:00 /sbin/agetty 38400 tty4 linux 3347 tty5 Ss+ 0:00 /sbin/agetty 38400 tty5 linux 3348 tty6 Ss+ 0:00 /sbin/agetty 38400 tty6 linux 12346 tty1 Ss 0:00 /bin/login -- 12564 ? S 0:00 [pdflush] 12616 tty1 R 0:00 -bash 13237 tty2 S+ 0:00 -bash 13375 ? Ss 0:00 /usr/sbin/gpm -m /dev/psaux -t imps2 -l "a-zA-Z0-9_.:~/\300-\326\330-\366\370-\377" 22887 tty1 R+ 0:00 ps -ax
Looks a lot like bug #200741.
On a lark, if you turn off PaX/grsec, does it go away? The Gentoo infrastructure team has been running hardened boxes with mysql for a long time and we haven't seen this issue.
Also using mysql on hardened for quite a few years now.
It works with (gcc-config) i868-pc-linux-gnu-hardenednopie and nopiessp. I get an "Aborting sue to QA concerns: textrels" when using hardenednossp.
Created attachment 170998 [details] appending as requested in build.log (hardenednossp) 7z-ipped due to size (23MB)
I just found out that the CXXFLAGS aren't set. I had CXXFLAGS="$(CFLAGS)" in my make.conf which obviously is the same as CXXFLAGS="". Sorry! setting status to RESOVED-INVALID
