rpms/mariadb
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Add selinux policy

Browse Source 
Update to 10.1.14 (includes various bug fixes)
Add -h and --help options to galera_new_cluster
This commit is contained in:
Jakub Dorňák 2016-05-12 17:02:51 +02:00
parent 345174466b
commit 992cadbef3
4 changed files with 93 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
mariadb-galera-new-cluster-help.patch Normal file
View File

@ -0,0 +1,25 @@
--- mariadb-10.1.14/scripts/galera_new_cluster.sh.orig 2016-05-11 18:51:13.797926130 +0200
+++ mariadb-10.1.14/scripts/galera_new_cluster.sh 2016-05-11 19:19:41.195591769 +0200
@@ -5,6 +5,22 @@
# the Free Software Foundation; either version 2.1 of the License, or
# (at your option) any later version.
+if [ "${1}" == "-h" -o "${1}" == "--help" ]; then
+ cat <<EOF
+
+Usage: ${0}
+
+ The script galera_new_cluster is used to bootstrap new Galera Cluster,
+ when all the nodes are down. Run galera_new_cluster on the first node only.
+ On the remaing nodes simply run 'service @DAEMON_NAME@ start'.
+
+ For more information on Galera Cluster configuration and usage see:
+ https://mariadb.com/kb/en/mariadb/getting-started-with-mariadb-galera-cluster/
+
+EOF
+ exit 0
+fi
+
VERSION="@VERSION@@MYSQL_SERVER_SUFFIX@"
COMPILATION_COMMENT="@COMPILATION_COMMENT@"

23
mariadb-server-galera.te Normal file
View File

@ -0,0 +1,23 @@
module mariadb-server-galera 1.0;
require {
type mysqld_t;
type rsync_exec_t;
type anon_inodefs_t;
type proc_net_t;
type kerberos_port_t;
class file { read execute execute_no_trans getattr open };
class tcp_socket { name_bind name_connect };
class process { setpgid siginh rlimitinh noatsecure };
}
# allow mysqld to run rsyncd
allow mysqld_t self:process setpgid;
allow mysqld_t rsync_exec_t:file { read execute execute_no_trans getattr open };
allow mysqld_t anon_inodefs_t:file getattr;
allow mysqld_t proc_net_t:file { read open };
# allow rsyncd to listen on port 4444
allow mysqld_t kerberos_port_t:tcp_socket { name_bind name_connect };

48
mariadb.spec
View File

@ -119,11 +119,11 @@
# Make long macros shorter # Make long macros shorter
%global sameevr %{epoch}:%{version}-%{release} %global sameevr %{epoch}:%{version}-%{release}
%global compatver 10.1 %global compatver 10.1
%global bugfixver 13 %global bugfixver 14
Name: mariadb Name: mariadb
Version: %{compatver}.%{bugfixver} Version: %{compatver}.%{bugfixver}
Release: 3%{?with_debug:.debug}%{?dist} Release: 1%{?with_debug:.debug}%{?dist}
Epoch: 1 Epoch: 1
Summary: A community developed branch of MySQL Summary: A community developed branch of MySQL
@ -157,6 +157,7 @@ Source52: rh-skipped-tests-ppc-s390.list
# TODO: clustercheck contains some hard-coded paths, these should be expanded using template system # TODO: clustercheck contains some hard-coded paths, these should be expanded using template system
Source70: clustercheck.sh Source70: clustercheck.sh
Source71: LICENSE.clustercheck Source71: LICENSE.clustercheck
Source72: mariadb-server-galera.te
# Comments for these patches are in the patch files # Comments for these patches are in the patch files
# Patches common for more mysql-like packages # Patches common for more mysql-like packages
@ -174,11 +175,11 @@ Patch30: %{pkgnamepatch}-errno.patch
Patch31: %{pkgnamepatch}-string-overflow.patch Patch31: %{pkgnamepatch}-string-overflow.patch
Patch32: %{pkgnamepatch}-basedir.patch Patch32: %{pkgnamepatch}-basedir.patch
Patch34: %{pkgnamepatch}-covscan-stroverflow.patch Patch34: %{pkgnamepatch}-covscan-stroverflow.patch
Patch36: %{pkgnamepatch}-ssltest.patch
Patch37: %{pkgnamepatch}-notestdb.patch Patch37: %{pkgnamepatch}-notestdb.patch
# Patches for galera # Patches for galera
Patch40: %{pkgnamepatch}-galera.cnf.patch Patch40: %{pkgnamepatch}-galera.cnf.patch
Patch41: %{pkgnamepatch}-galera-new-cluster-help.patch
BuildRequires: cmake BuildRequires: cmake
BuildRequires: libaio-devel BuildRequires: libaio-devel
@ -210,6 +211,7 @@ BuildRequires: perl(Test::More)
BuildRequires: perl(Time::HiRes) BuildRequires: perl(Time::HiRes)
# for running some openssl tests rhbz#1189180 # for running some openssl tests rhbz#1189180
BuildRequires: openssl BuildRequires: openssl
BuildRequires: selinux-policy-devel
%{?with_init_systemd:BuildRequires: systemd systemd-devel} %{?with_init_systemd:BuildRequires: systemd systemd-devel}
Requires: bash Requires: bash
@ -320,6 +322,8 @@ Group: Applications/Databases
Requires: %{name}-common%{?_isa} = %{sameevr} Requires: %{name}-common%{?_isa} = %{sameevr}
Requires: %{name}-server%{?_isa} = %{sameevr} Requires: %{name}-server%{?_isa} = %{sameevr}
Requires: galera >= 25.3.3 Requires: galera >= 25.3.3
Requires(post): libselinux-utils
Requires(post): policycoreutils-python
# obsoletion of mariadb-galera-server # obsoletion of mariadb-galera-server
Provides: mariadb-galera-server = %{sameevr} Provides: mariadb-galera-server = %{sameevr}
@ -553,9 +557,9 @@ MariaDB is a community developed branch of MySQL.
%patch31 -p1 %patch31 -p1
%patch32 -p1 %patch32 -p1
%patch34 -p1 %patch34 -p1
%patch36 -p1
%patch37 -p1 %patch37 -p1
%patch40 -p1 %patch40 -p1
%patch41 -p1
sed -i -e 's/2.8.7/2.6.4/g' cmake/cpack_rpm.cmake sed -i -e 's/2.8.7/2.6.4/g' cmake/cpack_rpm.cmake
@ -578,6 +582,13 @@ cp %{SOURCE2} %{SOURCE3} %{SOURCE10} %{SOURCE11} %{SOURCE12} %{SOURCE13} \
%{SOURCE14} %{SOURCE15} %{SOURCE16} %{SOURCE17} %{SOURCE18} %{SOURCE19} \ %{SOURCE14} %{SOURCE15} %{SOURCE16} %{SOURCE17} %{SOURCE18} %{SOURCE19} \
%{SOURCE70} scripts %{SOURCE70} scripts
%if %{with galera}
# prepare selinux policy
mkdir selinux
sed 's/mariadb-server-galera/%{name}-server-galera/' %{SOURCE72} > selinux/%{name}-server-galera.te
cat selinux/%{name}-server-galera.te
%endif
%build %build
# fail quickly and obviously if user tries to build as root # fail quickly and obviously if user tries to build as root
@ -668,6 +679,12 @@ for e in innobase xtradb ; do
done done
done done
# build selinux policy
%if %{with galera}
pushd selinux
make -f /usr/share/selinux/devel/Makefile %{name}-server-galera.pp
%endif
%install %install
make DESTDIR=%{buildroot} install make DESTDIR=%{buildroot} install
@ -747,6 +764,11 @@ install -p -m 755 scripts/mysql-check-socket %{buildroot}%{_libexecdir}/mysql-ch
install -p -m 755 scripts/mysql-check-upgrade %{buildroot}%{_libexecdir}/mysql-check-upgrade install -p -m 755 scripts/mysql-check-upgrade %{buildroot}%{_libexecdir}/mysql-check-upgrade
install -p -m 644 scripts/mysql-scripts-common %{buildroot}%{_libexecdir}/mysql-scripts-common install -p -m 644 scripts/mysql-scripts-common %{buildroot}%{_libexecdir}/mysql-scripts-common
# install selinux policy
%if %{with galera}
install -p -m 644 -D selinux/%{name}-server-galera.pp %{buildroot}%{_datadir}/selinux/packages/%{name}/%{name}-server-galera.pp
%endif
# Remove libmysqld.a # Remove libmysqld.a
rm -f %{buildroot}%{_libdir}/mysql/libmysqld.a rm -f %{buildroot}%{_libdir}/mysql/libmysqld.a
@ -932,6 +954,10 @@ export MTR_BUILD_THREAD=%{__isa_bits}
%post embedded -p /sbin/ldconfig %post embedded -p /sbin/ldconfig
%endif %endif
%post server-galera
semanage port -a -t mysqld_port_t -p tcp 4568 >/dev/null 2>&1 || :
semodule -i %{_datadir}/selinux/packages/%{name}/%{name}-server-galera.pp >/dev/null 2>&1 || :
%post server %post server
%if %{with init_systemd} %if %{with init_systemd}
%systemd_post %{daemon_name}.service %systemd_post %{daemon_name}.service
@ -961,6 +987,13 @@ fi
%postun embedded -p /sbin/ldconfig %postun embedded -p /sbin/ldconfig
%endif %endif
%if %{with galera}
%postun server-galera
if [ $1 -eq 0 ]; then
semodule -r %{name}-server-galera 2>/dev/null || :
fi
%endif
%postun server %postun server
%if %{with init_systemd} %if %{with init_systemd}
%systemd_postun_with_restart %{daemon_name}.service %systemd_postun_with_restart %{daemon_name}.service
@ -1069,6 +1102,7 @@ fi
%{_datadir}/%{pkg_name}/systemd/use_galera_new_cluster.conf %{_datadir}/%{pkg_name}/systemd/use_galera_new_cluster.conf
%config(noreplace) %{_sysconfdir}/my.cnf.d/galera.cnf %config(noreplace) %{_sysconfdir}/my.cnf.d/galera.cnf
%attr(0640,root,root) %ghost %config(noreplace) %{_sysconfdir}/sysconfig/clustercheck %attr(0640,root,root) %ghost %config(noreplace) %{_sysconfdir}/sysconfig/clustercheck
%{_datadir}/selinux/packages/%{name}/%{name}-server-galera.pp
%files server %files server
%doc README.mysql-cnf %doc README.mysql-cnf
@ -1166,6 +1200,7 @@ fi
%{_datadir}/%{pkg_name}/mysql_system_tables.sql %{_datadir}/%{pkg_name}/mysql_system_tables.sql
%{_datadir}/%{pkg_name}/mysql_system_tables_data.sql %{_datadir}/%{pkg_name}/mysql_system_tables_data.sql
%{_datadir}/%{pkg_name}/mysql_test_data_timezone.sql %{_datadir}/%{pkg_name}/mysql_test_data_timezone.sql
%{_datadir}/%{pkg_name}/mysql_to_mariadb.sql
%{_datadir}/%{pkg_name}/mysql_performance_tables.sql %{_datadir}/%{pkg_name}/mysql_performance_tables.sql
%{?with_mroonga:%{_datadir}/%{pkg_name}/mroonga/install.sql} %{?with_mroonga:%{_datadir}/%{pkg_name}/mroonga/install.sql}
%{?with_mroonga:%{_datadir}/%{pkg_name}/mroonga/uninstall.sql} %{?with_mroonga:%{_datadir}/%{pkg_name}/mroonga/uninstall.sql}
@ -1249,6 +1284,11 @@ fi
%endif %endif
%changelog %changelog
* Thu May 12 2016 Jakub Dorňák <jdornak@redhat.com> - 1:10.1.14-1
- Add selinux policy
- Update to 10.1.14 (includes various bug fixes)
- Add -h and --help options to galera_new_cluster
* Thu Apr 7 2016 Jakub Dorňák <jdornak@redhat.com> - 1:10.1.13-3 * Thu Apr 7 2016 Jakub Dorňák <jdornak@redhat.com> - 1:10.1.13-3
- wsrep_on in galera.cnf - wsrep_on in galera.cnf

2
sources
View File

@ -1 +1 @@
aa881ff81a181c7357a90b8a357dee7c mariadb-10.1.13.tar.gz 294925531e0fd2f0461e3894496a5adc mariadb-10.1.14.tar.gz