Created attachment 445136 [details, diff] /etc/init.d/mysql read mysql user from my.conf set mysql user in my.cnf: user = other_mysql_user /etc/init.d/mysql script ignore it, and always use 'mysql', hardcoded in: checkpath -d --owner mysql:mysql --mode 0755 "$piddir" mysqld can't start because "Permission denied" for pid-file and other files.
Pull request created for this and related issues: https://github.com/gentoo/gentoo/pull/8151
Created attachment 528594 [details, diff] PR patch of files/init.d-2.2 (In reply to Anthony Ryan from comment #1) > Pull request created for this and related issues: > https://github.com/gentoo/gentoo/pull/8151 For reference, the attached is what basically the PR is about. In IRC, the author claims that Galera is broken on Gentoo Hardened. Could someone else in the MySQL team more familiar with such a situation comment on these issues? I don't see a point in either suggestion personally. More insight is needed.
Here's a completely untested patch that tries to workaround the root problem. Apply it and with mysqld with --dumpable: https://dev.gentoo.org/~robbat2/mariadb-10.3.5_rc-prctl-dumpable.patch The real root problem fix would be to fix wsrep_sst_rsync, so that it doesn't bail out when it thinks mysqld isn't running under KSPP w/ hidepid=2.
PR patch: dev-db/mysql-init-scripts update init.d script for other than default running user https://github.com/gentoo/gentoo/pull/11643
file_593046.txt is invalid. --user "${user}" are not needed. because this: https://github.com/gentoo/gentoo/pull/8151#issuecomment-384783074 "This change breaks parts of mysqld that need root privileges during startup (before the setuid fires)." mysqld drop privileges to user according to my.cnf
