Skip to content

Commit 19e46ed

Browse files
committed
Merge branch 'mysql-5.6' into mysql-5.7
2 parents cbebdb3 + e34a407 commit 19e46ed

File tree

1 file changed

+37
-12
lines changed

1 file changed

+37
-12
lines changed

packaging/deb-in/extra/mysql-helpers

Lines changed: 37 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -50,6 +50,7 @@ get_mysql_option() {
5050

5151
# Check if server is running
5252
get_running () {
53+
MYSQLDATA=$(get_mysql_option mysqld datadir "/var/lib/mysql")
5354
PIDFILE=$(get_mysql_option mysqld_safe pid-file "")
5455
if [ -z "$PIDFILE" ]; then
5556
PIDFILE=$(get_mysql_option mysqld pid-file "$MYSQLDATA/$(hostname).pid")
@@ -74,10 +75,10 @@ run_init_sql() {
7475
# Verify that everything the server needs to run is set up
7576
verify_ready() {
7677

77-
MYSQLDATA=/var/lib/mysql
78-
MYSQLFILES=/var/lib/mysql-files
79-
MYSQLKEYRING=/var/lib/mysql-keyring
80-
MYSQLLOG=/var/log/mysql
78+
MYSQLDATA=$(get_mysql_option mysqld datadir "/var/lib/mysql")
79+
MYSQLFILES=$(get_mysql_option mysqld secure-file-priv "/var/lib/mysql-files")
80+
MYSQLKEYRING=$(dirname $(get_mysql_option mysqld keyring-file-data "/var/lib/mysql-keyring/keyring"))
81+
MYSQLLOG=$(dirname $(get_mysql_option mysqld log-error "/var/log/mysql/error.log"))
8182
MYSQLRUN=/var/run/mysqld
8283

8384
if ! getent group mysql >/dev/null; then
@@ -87,22 +88,46 @@ verify_ready() {
8788
if ! getent passwd mysql >/dev/null; then
8889
adduser --ingroup mysql --system --disabled-login --no-create-home --home ${MYSQLDATA} --shell /bin/false --gecos "MySQL Server" mysql >/dev/null
8990
fi
90-
91+
ERROR_FLAG=0
9192
if [ ! -d ${MYSQLDATA} -a ! -L ${MYSQLDATA} ]; then
92-
install -d -m0750 -omysql -gmysql ${MYSQLDATA}
93+
if [ "$(dirname "${MYSQLDATA}")" = "/var/lib" ]; then
94+
install -d -m0750 -omysql -gmysql ${MYSQLDATA}
95+
else
96+
echo "Error: Datadir ${MYSQLDATA} does not exist. For security reasons the service will not automatically create directories outside /var/lib.."
97+
ERROR_FLAG=1
98+
fi
9399
fi
94100

95101
if [ ! -d ${MYSQLFILES} -a ! -L ${MYSQLFILES} ]; then
96-
install -d -m0770 -omysql -gmysql ${MYSQLFILES}
102+
if [ "$(dirname "${MYSQLFILES}")" = "/var/lib" -o ${MYSQLFILES} = NULL ]; then
103+
install -d -m0770 -omysql -gmysql ${MYSQLFILES}
104+
else
105+
echo "Error: Secure-file-priv dir ${MYSQLFILES} does not exist. For security reasons the service will not automatically create directories outside /var/lib."
106+
ERROR_FLAG=1
107+
fi
97108
fi
98109

99110
if [ ! -d ${MYSQLKEYRING} -a ! -L ${MYSQLKEYRING} ]; then
100-
install -d -m0750 -omysql -gmysql ${MYSQLKEYRING}
111+
if [ "$(dirname "${MYSQLKEYRING}")" = "/var/lib" ]; then
112+
install -d -m0750 -omysql -gmysql ${MYSQLKEYRING}
113+
else
114+
echo "Warning: Keyring dir ${MYSQLKEYRING} does not exist. For security reasons the service will not automatically create directories outside /var/lib. The server may not start correctly."
115+
fi
101116
fi
102117

103118
if [ ! -d ${MYSQLLOG} -a ! -L ${MYSQLLOG} ]; then
104-
install -d -m0750 -omysql -gadm ${MYSQLLOG}
105-
install /dev/null -m0640 -omysql -gadm ${MYSQLLOG}/error.log
119+
if [ "$(dirname "${MYSQLLOG}")" = "/var/log" ]; then
120+
install -d -m0750 -omysql -gadm ${MYSQLLOG}
121+
install /dev/null -m0640 -omysql -gadm ${MYSQLLOG}/error.log
122+
else
123+
echo "Error: Log dir ${MYSQLLOG} does not exist. For security reasons the service will not automatically create directories outside /var/log."
124+
ERROR_FLAG=1
125+
fi
126+
fi
127+
128+
if [ ${ERROR_FLAG} = 1 ]; then
129+
echo "Errors found. Aborting."
130+
exit 1
106131
fi
107132

108133
if [ ! -d ${MYSQLRUN} -a ! -L ${MYSQLRUN} ]; then
@@ -112,8 +137,8 @@ verify_ready() {
112137

113138
# Verify the database exists and is ssl ready
114139
verify_database() {
115-
MYSQLDATA=/var/lib/mysql
116-
MYSQLFILES=/var/lib/mysql-files
140+
MYSQLDATA=$(get_mysql_option mysqld datadir "/var/lib/mysql")
141+
MYSQLFILES=$(get_mysql_option mysqld secure-file-priv "/var/lib/mysql-files")
117142

118143
if [ ! -d "${MYSQLDATA}/mysql" ] && [ -d "${MYSQLFILES}" ]; then
119144
su - mysql -s /bin/bash -c "mysqld --initialize-insecure > /dev/null"

0 commit comments

Comments
 (0)