Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 593046

Summary: dev-db/mysql-init-scripts /etc/init.d/mysql ignore 'user' paramater from my.cnf
Product: Gentoo Linux Reporter: Dmitry A. Bakshaev <dab1818>
Component: Current packagesAssignee: Gentoo Linux MySQL bugs team <mysql-bugs>
Status: IN_PROGRESS ---    
Severity: normal CC: anthonyryan1
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
See Also:
Package list:
Runtime testing required: ---
Attachments: /etc/init.d/mysql read mysql user from my.conf
PR patch of files/init.d-2.2

Description Dmitry A. Bakshaev 2016-09-07 13:58:34 UTC
Created attachment 445136 [details, diff]
/etc/init.d/mysql read mysql user from my.conf

set mysql user in my.cnf:
user = other_mysql_user

/etc/init.d/mysql script ignore it, and always use 'mysql',
hardcoded in:
checkpath -d --owner mysql:mysql --mode 0755 "$piddir"

mysqld can't start because "Permission denied" for pid-file and other files.
Comment 1 Anthony Ryan 2018-04-26 16:00:24 UTC
Pull request created for this and related issues:
Comment 2 Brian Evans (RETIRED) gentoo-dev 2018-04-26 17:22:46 UTC
Created attachment 528594 [details, diff]
PR patch of files/init.d-2.2

(In reply to Anthony Ryan from comment #1)
> Pull request created for this and related issues:

For reference, the attached is what basically the PR is about.

In IRC, the author claims that Galera is broken on Gentoo Hardened.

Could someone else in the MySQL team more familiar with such a situation comment on these issues?

I don't see a point in either suggestion personally.  More insight is needed.
Comment 3 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2018-04-26 23:31:42 UTC
Here's a completely untested patch that tries to workaround the root problem. Apply it and with mysqld with --dumpable:

The real root problem fix would be to fix wsrep_sst_rsync, so that it doesn't bail out when it thinks mysqld isn't running under KSPP w/ hidepid=2.
Comment 4 Jan Hudoba 2019-04-14 10:32:23 UTC
PR patch:
dev-db/mysql-init-scripts update init.d script for other than default running user
Comment 5 Dmitry A. Bakshaev 2020-04-19 11:51:09 UTC
file_593046.txt is invalid.
--user "${user}" are not needed.
because this:
"This change breaks parts of mysqld that need root privileges during startup (before the setuid fires)."

mysqld drop privileges to user according to my.cnf