Update cnf and service files with MySQL 8.0 features and clean up patches.
This commit is contained in:
parent
a4a6473e61
commit
2f2956058b
@ -1,154 +0,0 @@
|
||||
Some test items assume the default SSL cipher is DHE-RSA-AES256-SHA,
|
||||
which is no longer the case as of openssl 1.0.1.
|
||||
This patch enhances connect command by an option to specify a cipher
|
||||
and tests are adjusted to specify the expected cipher explicitly.
|
||||
Upstream bug report: http://bugs.mysql.com/bug.php?id=64461
|
||||
|
||||
diff --git a/client/mysqltest.cc b/client/mysqltest.cc
|
||||
index 2def9bd..128dc00 100644
|
||||
--- a/client/mysqltest.cc
|
||||
+++ b/client/mysqltest.cc
|
||||
@@ -5503,6 +5503,7 @@ void do_connect(struct st_command *command)
|
||||
my_bool con_pipe= 0, con_shm= 0, con_cleartext_enable= 0;
|
||||
my_bool con_secure_auth= 1;
|
||||
struct st_connection* con_slot;
|
||||
+ char *con_cipher=NULL;
|
||||
|
||||
static DYNAMIC_STRING ds_connection_name;
|
||||
static DYNAMIC_STRING ds_host;
|
||||
@@ -5595,6 +5596,8 @@ void do_connect(struct st_command *command)
|
||||
con_cleartext_enable= 1;
|
||||
else if (!strncmp(con_options, "SKIPSECUREAUTH",14))
|
||||
con_secure_auth= 0;
|
||||
+ else if (!strncmp(con_options, "CIPHER:", 7))
|
||||
+ con_cipher = con_options + 7;
|
||||
else
|
||||
die("Illegal option to connect: %.*s",
|
||||
(int) (end - con_options), con_options);
|
||||
@@ -5642,8 +5645,11 @@ void do_connect(struct st_command *command)
|
||||
if (con_ssl)
|
||||
{
|
||||
#if defined(HAVE_OPENSSL) && !defined(EMBEDDED_LIBRARY)
|
||||
+ /* default cipher */
|
||||
+ if (con_cipher == NULL && opt_ssl_cipher != NULL)
|
||||
+ con_cipher = opt_ssl_cipher;
|
||||
mysql_ssl_set(&con_slot->mysql, opt_ssl_key, opt_ssl_cert, opt_ssl_ca,
|
||||
- opt_ssl_capath, opt_ssl_cipher);
|
||||
+ opt_ssl_capath, con_cipher);
|
||||
mysql_options(&con_slot->mysql, MYSQL_OPT_SSL_CRL, opt_ssl_crl);
|
||||
mysql_options(&con_slot->mysql, MYSQL_OPT_SSL_CRLPATH, opt_ssl_crlpath);
|
||||
#if MYSQL_VERSION_ID >= 50000
|
||||
diff --git a/mysql-test/r/openssl_1.result b/mysql-test/r/openssl_1.result
|
||||
index a767a71..3c1ee27 100644
|
||||
--- a/mysql-test/r/openssl_1.result
|
||||
+++ b/mysql-test/r/openssl_1.result
|
||||
@@ -197,8 +197,6 @@ Variable_name Value
|
||||
Ssl_cipher EDH-RSA-DES-CBC3-SHA
|
||||
Variable_name Value
|
||||
Ssl_cipher AES256-SHA
|
||||
-Variable_name Value
|
||||
-Ssl_cipher RC4-SHA
|
||||
select 'is still running; no cipher request crashed the server' as result from dual;
|
||||
result
|
||||
is still running; no cipher request crashed the server
|
||||
diff --git a/mysql-test/t/openssl_1.test b/mysql-test/t/openssl_1.test
|
||||
index 426de1e..f8c6203 100644
|
||||
--- a/mysql-test/t/openssl_1.test
|
||||
+++ b/mysql-test/t/openssl_1.test
|
||||
@@ -20,13 +20,13 @@ grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA
|
||||
grant select on test.* to ssl_user5@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "xxx";
|
||||
flush privileges;
|
||||
|
||||
-connect (con1,localhost,ssl_user1,,,,,SSL);
|
||||
-connect (con2,localhost,ssl_user2,,,,,SSL);
|
||||
-connect (con3,localhost,ssl_user3,,,,,SSL);
|
||||
-connect (con4,localhost,ssl_user4,,,,,SSL);
|
||||
+connect (con1,localhost,ssl_user1,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);
|
||||
+connect (con2,localhost,ssl_user2,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);
|
||||
+connect (con3,localhost,ssl_user3,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);
|
||||
+connect (con4,localhost,ssl_user4,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);
|
||||
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
|
||||
--error ER_ACCESS_DENIED_ERROR
|
||||
-connect (con5,localhost,ssl_user5,,,,,SSL);
|
||||
+connect (con5,localhost,ssl_user5,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);
|
||||
|
||||
connection con1;
|
||||
# Check ssl turned on
|
||||
@@ -125,7 +125,7 @@ drop table t1;
|
||||
# verification of servers certificate by setting both ca certificate
|
||||
# and ca path to NULL
|
||||
#
|
||||
---exec $MYSQL --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem -e "SHOW STATUS LIKE 'ssl_Cipher'" 2>&1
|
||||
+--exec $MYSQL --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem --ssl-cipher=DHE-RSA-AES256-SHA -e "SHOW STATUS LIKE 'ssl_Cipher'" 2>&1
|
||||
--echo End of 5.0 tests
|
||||
|
||||
#
|
||||
@@ -215,7 +215,6 @@ DROP TABLE t1;
|
||||
--exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=DHE-RSA-AES256-SHA
|
||||
--exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=EDH-RSA-DES-CBC3-SHA
|
||||
--exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=AES256-SHA
|
||||
---exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=RC4-SHA
|
||||
--disable_query_log
|
||||
--disable_result_log
|
||||
|
||||
@@ -250,7 +249,7 @@ select 'is still running; no cipher request crashed the server' as result from d
|
||||
|
||||
GRANT SELECT ON test.* TO bug42158@localhost REQUIRE X509;
|
||||
FLUSH PRIVILEGES;
|
||||
-connect(con1,localhost,bug42158,,,,,SSL);
|
||||
+connect(con1,localhost,bug42158,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);
|
||||
SHOW STATUS LIKE 'Ssl_cipher';
|
||||
disconnect con1;
|
||||
connection default;
|
||||
diff --git a/mysql-test/t/plugin_auth_sha256_tls.test b/mysql-test/t/plugin_auth_sha256_tls.test
|
||||
index f99df8a..1b38fda 100644
|
||||
--- a/mysql-test/t/plugin_auth_sha256_tls.test
|
||||
+++ b/mysql-test/t/plugin_auth_sha256_tls.test
|
||||
@@ -1,7 +1,7 @@
|
||||
--source include/not_embedded.inc
|
||||
--source include/have_ssl.inc
|
||||
|
||||
-connect (ssl_con,localhost,root,,,,,SSL);
|
||||
+connect (ssl_con,localhost,root,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);
|
||||
SHOW STATUS LIKE 'Ssl_cipher';
|
||||
|
||||
CREATE USER 'kristofer' IDENTIFIED WITH 'sha256_password';
|
||||
diff --git a/mysql-test/t/ssl.test b/mysql-test/t/ssl.test
|
||||
index ea8be39..c61ca8b 100644
|
||||
--- a/mysql-test/t/ssl.test
|
||||
+++ b/mysql-test/t/ssl.test
|
||||
@@ -8,7 +8,7 @@
|
||||
# Save the initial number of concurrent sessions
|
||||
--source include/count_sessions.inc
|
||||
|
||||
-connect (ssl_con,localhost,root,,,,,SSL);
|
||||
+connect (ssl_con,localhost,root,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);
|
||||
|
||||
# Check ssl turned on
|
||||
SHOW STATUS LIKE 'Ssl_cipher';
|
||||
diff --git a/mysql-test/t/ssl_8k_key.test b/mysql-test/t/ssl_8k_key.test
|
||||
index d94c2fc..c27ca58 100644
|
||||
--- a/mysql-test/t/ssl_8k_key.test
|
||||
+++ b/mysql-test/t/ssl_8k_key.test
|
||||
@@ -4,7 +4,7 @@
|
||||
#
|
||||
# Bug#29784 YaSSL assertion failure when reading 8k key.
|
||||
#
|
||||
---exec $MYSQL --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem -e "SHOW STATUS LIKE 'ssl_Cipher'" 2>&1
|
||||
+--exec $MYSQL --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem --ssl-cipher=DHE-RSA-AES256-SHA -e "SHOW STATUS LIKE 'ssl_Cipher'" 2>&1
|
||||
|
||||
## This test file is for testing encrypted communication only, not other
|
||||
## encryption routines that the SSL library happens to provide!
|
||||
diff --git a/mysql-test/t/ssl_compress.test b/mysql-test/t/ssl_compress.test
|
||||
index 2cb4c0d..feaa0e7 100644
|
||||
--- a/mysql-test/t/ssl_compress.test
|
||||
+++ b/mysql-test/t/ssl_compress.test
|
||||
@@ -9,7 +9,7 @@
|
||||
# Save the initial number of concurrent sessions
|
||||
--source include/count_sessions.inc
|
||||
|
||||
-connect (ssl_compress_con,localhost,root,,,,,SSL COMPRESS);
|
||||
+connect (ssl_compress_con,localhost,root,,,,,SSL COMPRESS CIPHER:DHE-RSA-AES256-SHA);
|
||||
|
||||
# Check ssl turned on
|
||||
SHOW STATUS LIKE 'Ssl_cipher';
|
@ -1,50 +0,0 @@
|
||||
Added to address RHBZ#1449689
|
||||
|
||||
Original patch notes from <hhorak@redhat.com> follows:
|
||||
|
||||
...
|
||||
|
||||
In FIPS mode there is no md5 by default, unless declared it is specifically
|
||||
allowed. MD5 is used for non-crypto related things in MySQL (digests related
|
||||
to performance schema and table list), so it is ok to use MD5 there.
|
||||
|
||||
However, there is also MD5() SQL function, that should still keep working,
|
||||
but users should know they should avoid using it in FIPS mode.
|
||||
|
||||
RHBZ: #1351791
|
||||
|
||||
Upstream bug reports:
|
||||
http://bugs.mysql.com/bug.php?id=83696
|
||||
https://jira.mariadb.org/browse/MDEV-7788
|
||||
|
||||
|
||||
diff -Naurp mysql-5.7.18_original/mysys_ssl/my_md5.cc mysql-5.7.18_patched/mysys_ssl/my_md5.cc
|
||||
--- mysql-5.7.18_original/mysys_ssl/my_md5.cc 2017-03-18 08:45:14.000000000 +0100
|
||||
+++ mysql-5.7.18_patched/mysys_ssl/my_md5.cc 2017-05-12 12:19:38.584814619 +0200
|
||||
@@ -38,13 +38,22 @@ static void my_md5_hash(char *digest, co
|
||||
|
||||
#elif defined(HAVE_OPENSSL)
|
||||
#include <openssl/md5.h>
|
||||
+#include <openssl/evp.h>
|
||||
|
||||
static void my_md5_hash(unsigned char* digest, unsigned const char *buf, int len)
|
||||
{
|
||||
- MD5_CTX ctx;
|
||||
- MD5_Init (&ctx);
|
||||
- MD5_Update (&ctx, buf, len);
|
||||
- MD5_Final (digest, &ctx);
|
||||
+ EVP_MD_CTX *ctx;
|
||||
+ ctx = EVP_MD_CTX_create();
|
||||
+
|
||||
+ #ifdef EVP_MD_CTX_FLAG_NON_FIPS_ALLOW
|
||||
+ /* we will be using MD5, which is not allowed under FIPS */
|
||||
+ EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
|
||||
+ #endif
|
||||
+
|
||||
+ EVP_DigestInit_ex(ctx, EVP_md5(), NULL);
|
||||
+ EVP_DigestUpdate(ctx, buf, len);
|
||||
+ EVP_DigestFinal_ex(ctx, digest, NULL);
|
||||
+ EVP_MD_CTX_destroy(ctx);
|
||||
}
|
||||
|
||||
#endif /* HAVE_YASSL */
|
@ -4,7 +4,7 @@ Software Collections. Removing these hard-coded paths should fix it.
|
||||
Upstream report: https://mariadb.atlassian.net/browse/MDEV-6485
|
||||
|
||||
diff --git a/cmake/install_layout.cmake b/cmake/install_layout.cmake
|
||||
index ec2b492..43e4ccd 100644
|
||||
index f5ac0bf2..cd3132de 100644
|
||||
--- a/cmake/install_layout.cmake
|
||||
+++ b/cmake/install_layout.cmake
|
||||
@@ -114,7 +114,7 @@ IF(UNIX)
|
||||
@ -25,10 +25,10 @@ index ec2b492..43e4ccd 100644
|
||||
IF(CMAKE_SYSTEM_PROCESSOR MATCHES "x86_64")
|
||||
SET(INSTALL_LIBDIR_RPM "lib64")
|
||||
diff --git a/mysys_ssl/my_default.cc b/mysys_ssl/my_default.cc
|
||||
index 2d76700..02c5885 100644
|
||||
index 1317e362..cfa0feb7 100644
|
||||
--- a/mysys_ssl/my_default.cc
|
||||
+++ b/mysys_ssl/my_default.cc
|
||||
@@ -1733,12 +1733,12 @@ static const char **init_default_directories(MEM_ROOT *alloc)
|
||||
@@ -1570,12 +1570,12 @@ static const char **init_default_directories(MEM_ROOT *alloc) {
|
||||
|
||||
#else
|
||||
|
||||
@ -45,20 +45,32 @@ index 2d76700..02c5885 100644
|
||||
|
||||
#endif
|
||||
diff --git a/scripts/CMakeLists.txt b/scripts/CMakeLists.txt
|
||||
index c66a910..af9bc9e 100644
|
||||
index c1202103..06a055b1 100644
|
||||
--- a/scripts/CMakeLists.txt
|
||||
+++ b/scripts/CMakeLists.txt
|
||||
@@ -324,7 +324,7 @@ ELSE()
|
||||
@@ -315,7 +315,7 @@ ENDIF(UNIX)
|
||||
|
||||
SET(bindir ${prefix}/${INSTALL_BINDIR})
|
||||
SET(sbindir ${prefix}/${INSTALL_SBINDIR})
|
||||
-SET(libexecdir ${prefix}/${INSTALL_SBINDIR})
|
||||
+SET(libexecdir ${prefix}/${INSTALL_LIBEXECDIR})
|
||||
SET(pkgdatadir ${prefix}/${INSTALL_MYSQLSHAREDIR})
|
||||
IF(INSTALL_LAYOUT MATCHES "STANDALONE")
|
||||
SET(localstatedir ${prefix}/data)
|
||||
@@ -324,9 +324,9 @@ ELSE()
|
||||
ENDIF()
|
||||
|
||||
SET(prefix "${CMAKE_INSTALL_PREFIX}")
|
||||
-SET(sysconfdir ${prefix})
|
||||
+SET(sysconfdir ${SYSCONFDIR})
|
||||
SET(bindir ${prefix}/${INSTALL_BINDIR})
|
||||
SET(libexecdir ${prefix}/${INSTALL_SBINDIR})
|
||||
-SET(libexecdir ${prefix}/${INSTALL_SBINDIR})
|
||||
+SET(libexecdir ${prefix}/${INSTALL_LIBEXECDIR})
|
||||
SET(datadir ${prefix}/${INSTALL_MYSQLSHAREDIR})
|
||||
SET(pkgdatadir ${prefix}/${INSTALL_MYSQLSHAREDIR})
|
||||
SET(libsubdir ${INSTALL_LIBDIR})
|
||||
diff --git a/scripts/mysqld_multi.sh b/scripts/mysqld_multi.sh
|
||||
index 5ad36e7..5dd032f 100644
|
||||
index 5ad36e7b..5dd032f2 100644
|
||||
--- a/scripts/mysqld_multi.sh
|
||||
+++ b/scripts/mysqld_multi.sh
|
||||
@@ -572,9 +572,7 @@ sub list_defaults_files
|
||||
|
@ -80,7 +80,7 @@
|
||||
|
||||
Name: community-mysql
|
||||
Version: 8.0.11
|
||||
Release: 1%{?with_debug:.debug}%{?dist}
|
||||
Release: 2%{?with_debug:.debug}%{?dist}
|
||||
Summary: MySQL client programs and shared libraries
|
||||
URL: http://www.mysql.com
|
||||
|
||||
@ -112,10 +112,9 @@ Source31: server.cnf.in
|
||||
# Patches common for more mysql-like packages
|
||||
Patch1: %{pkgnamepatch}-install-test.patch
|
||||
Patch2: %{pkgnamepatch}-s390-tsc.patch
|
||||
Patch4: %{pkgnamepatch}-file-contents.patch
|
||||
Patch5: %{pkgnamepatch}-scripts.patch
|
||||
Patch6: %{pkgnamepatch}-paths.patch
|
||||
Patch7: %{pkgnamepatch}-md5_fips.patch
|
||||
Patch3: %{pkgnamepatch}-file-contents.patch
|
||||
Patch4: %{pkgnamepatch}-scripts.patch
|
||||
Patch5: %{pkgnamepatch}-paths.patch
|
||||
|
||||
# Patches specific for this mysql package
|
||||
Patch51: %{pkgnamepatch}-chain-certs.patch
|
||||
@ -353,9 +352,9 @@ the MySQL sources.
|
||||
%setup -q -n mysql-%{version}
|
||||
%patch1 -p1
|
||||
%patch2 -p1
|
||||
%patch3 -p1
|
||||
%patch4 -p1
|
||||
%patch5 -p1
|
||||
%patch6 -p1
|
||||
%patch51 -p1
|
||||
%patch52 -p1
|
||||
%patch75 -p1
|
||||
@ -485,12 +484,13 @@ cmake .. \
|
||||
-DINSTALL_DOCREADMEDIR="share/doc/%{_pkgdocdirname}" \
|
||||
-DINSTALL_INCLUDEDIR=include/mysql \
|
||||
-DINSTALL_INFODIR=share/info \
|
||||
-DINSTALL_LIBEXECDIR=libexec \
|
||||
-DINSTALL_LIBDIR="%{_lib}/mysql" \
|
||||
-DINSTALL_MANDIR=share/man \
|
||||
-DINSTALL_MYSQLSHAREDIR=share/%{pkg_name} \
|
||||
-DINSTALL_MYSQLTESTDIR=share/mysql-test \
|
||||
-DINSTALL_PLUGINDIR="%{_lib}/mysql/plugin" \
|
||||
-DINSTALL_SBINDIR=libexec \
|
||||
-DINSTALL_SBINDIR=bin \
|
||||
-DINSTALL_SUPPORTFILESDIR=share/%{pkg_name} \
|
||||
-DMYSQL_DATADIR="%{dbdatadir}" \
|
||||
-DMYSQL_UNIX_ADDR="/var/lib/mysql/mysql.sock" \
|
||||
@ -568,7 +568,7 @@ install -p -m 755 scripts/mysql-wait-ready %{buildroot}%{_libexecdir}/mysql-wait
|
||||
%endif
|
||||
|
||||
# helper scripts for service starting
|
||||
install -p -m 755 scripts/mysql-prepare-db-dir %{buildroot}%{_libexecdir}/mysql-prepare-db-dir
|
||||
install -D -p -m 755 scripts/mysql-prepare-db-dir %{buildroot}%{_libexecdir}/mysql-prepare-db-dir
|
||||
install -p -m 755 scripts/mysql-wait-stop %{buildroot}%{_libexecdir}/mysql-wait-stop
|
||||
install -p -m 755 scripts/mysql-check-socket %{buildroot}%{_libexecdir}/mysql-check-socket
|
||||
install -p -m 755 scripts/mysql-check-upgrade %{buildroot}%{_libexecdir}/mysql-check-upgrade
|
||||
@ -595,7 +595,7 @@ mkdir -p %{buildroot}%{_sysconfdir}/ld.so.conf.d
|
||||
echo "%{_libdir}/mysql" > %{buildroot}%{_sysconfdir}/ld.so.conf.d/%{name}-%{_arch}.conf
|
||||
|
||||
%if %{with debug}
|
||||
mv %{buildroot}%{_libexecdir}/mysqld-debug %{buildroot}%{_libexecdir}/mysqld
|
||||
mv %{buildroot}%{_bindir}/mysqld-debug %{buildroot}%{_bindir}/mysqld
|
||||
%endif
|
||||
|
||||
# Back to src dir
|
||||
@ -833,7 +833,7 @@ fi
|
||||
|
||||
%config(noreplace) %{_sysconfdir}/my.cnf.d/%{pkg_name}-server.cnf
|
||||
|
||||
%{_libexecdir}/mysqld
|
||||
%{_bindir}/mysqld
|
||||
|
||||
%{_libdir}/mysql/INFO_SRC
|
||||
%{_libdir}/mysql/INFO_BIN
|
||||
@ -922,6 +922,19 @@ fi
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Mon May 14 2018 Norvald H. Ryeng <norvald.ryeng@oracle.com> - 8.0.11-2
|
||||
- MySQL 8.0 has notify support
|
||||
- SQL restart command needs MYSQLD_PARENT_PID=1
|
||||
- Increase LimitNOFILE
|
||||
- Disable symbolic links is default (and option deprecated)
|
||||
- Move mysqld to /usr/bin, with mysqld_safe gone there no reason
|
||||
to have mysqld in libexec
|
||||
- FIPS mode is now supported:
|
||||
https://dev.mysql.com/doc/refman/8.0/en/fips-mode.html
|
||||
- Remove legacy embedded refs from cnf files
|
||||
- Clean up patches: re-numbering and removing
|
||||
- Recommend to use systemctl edit to modify service files
|
||||
|
||||
* Fri Apr 20 2018 Norvald H. Ryeng <norvald.ryeng@oracle.com> - 8.0.11-1
|
||||
- Update to MySQL 8.0.11 (GA).
|
||||
|
||||
|
@ -8,8 +8,6 @@
|
||||
# This group is read by the server
|
||||
#
|
||||
[mysqld]
|
||||
# Disabling symbolic-links is recommended to prevent assorted security risks
|
||||
symbolic-links=0
|
||||
|
||||
#
|
||||
# include all files from the config directory
|
||||
|
@ -94,7 +94,7 @@ if should_initialize "$datadir" ; then
|
||||
|
||||
# Now create the database
|
||||
echo "Initializing @NICE_PROJECT_NAME@ database"
|
||||
@libexecdir@/mysqld --initialize-insecure --datadir="$datadir" --user="$myuser"
|
||||
@bindir@/mysqld --initialize-insecure --datadir="$datadir" --user="$myuser"
|
||||
ret=$?
|
||||
if [ $ret -ne 0 ] ; then
|
||||
echo "Initialization of @NICE_PROJECT_NAME@ database failed." >&2
|
||||
|
@ -1,27 +1,27 @@
|
||||
# It's not recommended to modify this file in-place, because it will be
|
||||
# overwritten during package upgrades. If you want to customize, the
|
||||
# best way is to create a file "/etc/systemd/system/@DAEMON_NAME@.service",
|
||||
# containing
|
||||
# .include /usr/lib/systemd/system/@DAEMON_NAME@.service
|
||||
# ...make your changes here...
|
||||
# or create a file "/etc/systemd/system/@DAEMON_NAME@.service.d/foo.conf",
|
||||
# which doesn't need to include ".include" call and which will be parsed
|
||||
# after the file @DAEMON_NAME@.service itself is parsed.
|
||||
# best way is to use systemctl edit:
|
||||
#
|
||||
# $ systemctl edit @DAEMON_NAME@.service
|
||||
#
|
||||
# this will create file
|
||||
#
|
||||
# /etc/systemd/system/@DAEMON_NAME@.service.d/override.conf
|
||||
#
|
||||
# which be parsed after the file @DAEMON_NAME@.service itself is parsed.
|
||||
#
|
||||
# For example, if you want to increase mysql's open-files-limit to 20000
|
||||
# add following when editing with command above:
|
||||
#
|
||||
# [Service]
|
||||
# LimitNOFILE=20000
|
||||
#
|
||||
# Or if you require to execute pre and post scripts in the unit file as root, set
|
||||
# PermissionsStartOnly=true
|
||||
#
|
||||
# For more info about custom unit files, see systemd.unit(5) or
|
||||
# http://fedoraproject.org/wiki/Systemd#How_do_I_customize_a_unit_file.2F_add_a_custom_unit_file.3F
|
||||
|
||||
# For example, if you want to increase mysql's open-files-limit to 10000,
|
||||
# you need to increase systemd's LimitNOFILE setting, so create a file named
|
||||
# "/etc/systemd/system/@DAEMON_NAME@.service.d/limits.conf" containing:
|
||||
# [Service]
|
||||
# LimitNOFILE=10000
|
||||
|
||||
# Or if you require to execute pre and post scripts in the unit file as root, set
|
||||
# PermissionsStartOnly=true
|
||||
|
||||
# Note: /usr/lib/... is recommended in the .include line though /lib/...
|
||||
# still works.
|
||||
#
|
||||
# Don't forget to reload systemd daemon after you change unit configuration:
|
||||
# root> systemctl --system daemon-reload
|
||||
|
||||
@ -31,16 +31,15 @@ After=syslog.target
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
Type=forking
|
||||
Type=notify
|
||||
User=mysql
|
||||
Group=mysql
|
||||
PIDFile=@PID_FILE_DIR@/@DAEMON_NO_PREFIX@.pid
|
||||
|
||||
ExecStartPre=@libexecdir@/mysql-check-socket
|
||||
ExecStartPre=@libexecdir@/mysql-prepare-db-dir %n
|
||||
# Note: we set --basedir to prevent probes that might trigger SELinux alarms,
|
||||
# per bug #547485
|
||||
ExecStart=@libexecdir@/mysqld --daemonize --basedir=@prefix@ --pid-file=@PID_FILE_DIR@/@DAEMON_NO_PREFIX@.pid
|
||||
ExecStart=@bindir@/mysqld --basedir=@prefix@
|
||||
ExecStartPost=@libexecdir@/mysql-check-upgrade
|
||||
ExecStopPost=@libexecdir@/mysql-wait-stop
|
||||
|
||||
@ -54,5 +53,11 @@ Restart=on-failure
|
||||
|
||||
RestartPreventExitStatus=1
|
||||
|
||||
# Sets open_files_limit
|
||||
LimitNOFILE = 10000
|
||||
|
||||
# Set enviroment variable MYSQLD_PARENT_PID. This is required for SQL restart command.
|
||||
Environment=MYSQLD_PARENT_PID=1
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
@ -1,27 +1,27 @@
|
||||
# It's not recommended to modify this file in-place, because it will be
|
||||
# overwritten during package upgrades. If you want to customize, the
|
||||
# best way is to create a file "/etc/systemd/system/@DAEMON_NAME@.service",
|
||||
# containing
|
||||
# .include /usr/lib/systemd/system/@DAEMON_NAME@.service
|
||||
# ...make your changes here...
|
||||
# or create a file "/etc/systemd/system/@DAEMON_NAME@.service.d/foo.conf",
|
||||
# which doesn't need to include ".include" call and which will be parsed
|
||||
# after the file @DAEMON_NAME@.service itself is parsed.
|
||||
# best way is to use systemctl edit:
|
||||
#
|
||||
# $ systemctl edit @DAEMON_NAME@.service
|
||||
#
|
||||
# this will create file
|
||||
#
|
||||
# /etc/systemd/system/@DAEMON_NAME@.service.d/override.conf
|
||||
#
|
||||
# which be parsed after the file @DAEMON_NAME@.service itself is parsed.
|
||||
#
|
||||
# For example, if you want to increase mysql's open-files-limit to 20000
|
||||
# add following when editing with command above:
|
||||
#
|
||||
# [Service]
|
||||
# LimitNOFILE=20000
|
||||
#
|
||||
# Or if you require to execute pre and post scripts in the unit file as root, set
|
||||
# PermissionsStartOnly=true
|
||||
#
|
||||
# For more info about custom unit files, see systemd.unit(5) or
|
||||
# http://fedoraproject.org/wiki/Systemd#How_do_I_customize_a_unit_file.2F_add_a_custom_unit_file.3F
|
||||
|
||||
# For example, if you want to increase mysql's open-files-limit to 10000,
|
||||
# you need to increase systemd's LimitNOFILE setting, so create a file named
|
||||
# "/etc/systemd/system/@DAEMON_NAME@.service.d/limits.conf" containing:
|
||||
# [Service]
|
||||
# LimitNOFILE=10000
|
||||
|
||||
# Or if you require to execute pre and post scripts in the unit file as root, set
|
||||
# PermissionsStartOnly=true
|
||||
|
||||
# Note: /usr/lib/... is recommended in the .include line though /lib/...
|
||||
# still works.
|
||||
#
|
||||
# Don't forget to reload systemd daemon after you change unit configuration:
|
||||
# root> systemctl --system daemon-reload
|
||||
|
||||
@ -31,7 +31,7 @@ After=syslog.target
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
Type=forking
|
||||
Type=notify
|
||||
User=mysql
|
||||
Group=mysql
|
||||
|
||||
@ -39,7 +39,7 @@ ExecStartPre=@libexecdir@/mysql-check-socket --defaults-group-suffix=.%I
|
||||
ExecStartPre=@libexecdir@/mysql-prepare-db-dir --defaults-group-suffix=.%I %n
|
||||
# Note: we set --basedir to prevent probes that might trigger SELinux alarms,
|
||||
# per bug #547485
|
||||
ExecStart=@libexecdir@/mysqld --defaults-group-suffix=.%I --daemonize --basedir=@prefix@ --pid-file=@PID_FILE_DIR@/@DAEMON_NO_PREFIX@.pid
|
||||
ExecStart=@bindir@/mysqld --defaults-group-suffix=.%I --basedir=@prefix@
|
||||
ExecStartPost=@libexecdir@/mysql-check-upgrade --defaults-group-suffix=.%I
|
||||
ExecStopPost=@libexecdir@/mysql-wait-stop --defaults-group-suffix=.%I
|
||||
|
||||
@ -53,5 +53,11 @@ Restart=on-failure
|
||||
|
||||
RestartPreventExitStatus=1
|
||||
|
||||
# Sets open_files_limit
|
||||
LimitNOFILE = 10000
|
||||
|
||||
# Set enviroment variable MYSQLD_PARENT_PID. This is required for SQL restart command.
|
||||
Environment=MYSQLD_PARENT_PID=1
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
@ -1,25 +1,18 @@
|
||||
#
|
||||
# These groups are read by MySQL server.
|
||||
# This group are read by MySQL server.
|
||||
# Use it for options that only the server (but not clients) should see
|
||||
#
|
||||
# See the examples of server my.cnf files in /usr/share/mysql/
|
||||
#
|
||||
# For advice on how to change settings please see
|
||||
# http://dev.mysql.com/doc/refman/en/server-configuration-defaults.html
|
||||
|
||||
# this is read by the standalone daemon and embedded servers
|
||||
[server]
|
||||
|
||||
# this is only for the mysqld standalone daemon
|
||||
# Settings user and group are ignored when systemd is used.
|
||||
# If you need to run mysqld under a different user or group,
|
||||
# customize your systemd unit file for mysqld/mariadb according to the
|
||||
# customize your systemd unit file for mysqld according to the
|
||||
# instructions in http://fedoraproject.org/wiki/Systemd
|
||||
|
||||
[mysqld]
|
||||
datadir=@MYSQL_DATADIR@
|
||||
socket=@MYSQL_UNIX_ADDR@
|
||||
log-error=@LOG_LOCATION@
|
||||
pid-file=@PID_FILE_DIR@/@DAEMON_NO_PREFIX@.pid
|
||||
|
||||
|
||||
# this is only for embedded server
|
||||
[embedded]
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user