Update cnf and service files with MySQL 8.0 features and clean up patches.
This commit is contained in:
parent
ae8db5e0cc
commit
778f965ec1
@ -1,154 +0,0 @@
|
|||||||
Some test items assume the default SSL cipher is DHE-RSA-AES256-SHA,
|
|
||||||
which is no longer the case as of openssl 1.0.1.
|
|
||||||
This patch enhances connect command by an option to specify a cipher
|
|
||||||
and tests are adjusted to specify the expected cipher explicitly.
|
|
||||||
Upstream bug report: http://bugs.mysql.com/bug.php?id=64461
|
|
||||||
|
|
||||||
diff --git a/client/mysqltest.cc b/client/mysqltest.cc
|
|
||||||
index 2def9bd..128dc00 100644
|
|
||||||
--- a/client/mysqltest.cc
|
|
||||||
+++ b/client/mysqltest.cc
|
|
||||||
@@ -5503,6 +5503,7 @@ void do_connect(struct st_command *command)
|
|
||||||
my_bool con_pipe= 0, con_shm= 0, con_cleartext_enable= 0;
|
|
||||||
my_bool con_secure_auth= 1;
|
|
||||||
struct st_connection* con_slot;
|
|
||||||
+ char *con_cipher=NULL;
|
|
||||||
|
|
||||||
static DYNAMIC_STRING ds_connection_name;
|
|
||||||
static DYNAMIC_STRING ds_host;
|
|
||||||
@@ -5595,6 +5596,8 @@ void do_connect(struct st_command *command)
|
|
||||||
con_cleartext_enable= 1;
|
|
||||||
else if (!strncmp(con_options, "SKIPSECUREAUTH",14))
|
|
||||||
con_secure_auth= 0;
|
|
||||||
+ else if (!strncmp(con_options, "CIPHER:", 7))
|
|
||||||
+ con_cipher = con_options + 7;
|
|
||||||
else
|
|
||||||
die("Illegal option to connect: %.*s",
|
|
||||||
(int) (end - con_options), con_options);
|
|
||||||
@@ -5642,8 +5645,11 @@ void do_connect(struct st_command *command)
|
|
||||||
if (con_ssl)
|
|
||||||
{
|
|
||||||
#if defined(HAVE_OPENSSL) && !defined(EMBEDDED_LIBRARY)
|
|
||||||
+ /* default cipher */
|
|
||||||
+ if (con_cipher == NULL && opt_ssl_cipher != NULL)
|
|
||||||
+ con_cipher = opt_ssl_cipher;
|
|
||||||
mysql_ssl_set(&con_slot->mysql, opt_ssl_key, opt_ssl_cert, opt_ssl_ca,
|
|
||||||
- opt_ssl_capath, opt_ssl_cipher);
|
|
||||||
+ opt_ssl_capath, con_cipher);
|
|
||||||
mysql_options(&con_slot->mysql, MYSQL_OPT_SSL_CRL, opt_ssl_crl);
|
|
||||||
mysql_options(&con_slot->mysql, MYSQL_OPT_SSL_CRLPATH, opt_ssl_crlpath);
|
|
||||||
#if MYSQL_VERSION_ID >= 50000
|
|
||||||
diff --git a/mysql-test/r/openssl_1.result b/mysql-test/r/openssl_1.result
|
|
||||||
index a767a71..3c1ee27 100644
|
|
||||||
--- a/mysql-test/r/openssl_1.result
|
|
||||||
+++ b/mysql-test/r/openssl_1.result
|
|
||||||
@@ -197,8 +197,6 @@ Variable_name Value
|
|
||||||
Ssl_cipher EDH-RSA-DES-CBC3-SHA
|
|
||||||
Variable_name Value
|
|
||||||
Ssl_cipher AES256-SHA
|
|
||||||
-Variable_name Value
|
|
||||||
-Ssl_cipher RC4-SHA
|
|
||||||
select 'is still running; no cipher request crashed the server' as result from dual;
|
|
||||||
result
|
|
||||||
is still running; no cipher request crashed the server
|
|
||||||
diff --git a/mysql-test/t/openssl_1.test b/mysql-test/t/openssl_1.test
|
|
||||||
index 426de1e..f8c6203 100644
|
|
||||||
--- a/mysql-test/t/openssl_1.test
|
|
||||||
+++ b/mysql-test/t/openssl_1.test
|
|
||||||
@@ -20,13 +20,13 @@ grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA
|
|
||||||
grant select on test.* to ssl_user5@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "xxx";
|
|
||||||
flush privileges;
|
|
||||||
|
|
||||||
-connect (con1,localhost,ssl_user1,,,,,SSL);
|
|
||||||
-connect (con2,localhost,ssl_user2,,,,,SSL);
|
|
||||||
-connect (con3,localhost,ssl_user3,,,,,SSL);
|
|
||||||
-connect (con4,localhost,ssl_user4,,,,,SSL);
|
|
||||||
+connect (con1,localhost,ssl_user1,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);
|
|
||||||
+connect (con2,localhost,ssl_user2,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);
|
|
||||||
+connect (con3,localhost,ssl_user3,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);
|
|
||||||
+connect (con4,localhost,ssl_user4,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);
|
|
||||||
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
|
|
||||||
--error ER_ACCESS_DENIED_ERROR
|
|
||||||
-connect (con5,localhost,ssl_user5,,,,,SSL);
|
|
||||||
+connect (con5,localhost,ssl_user5,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);
|
|
||||||
|
|
||||||
connection con1;
|
|
||||||
# Check ssl turned on
|
|
||||||
@@ -125,7 +125,7 @@ drop table t1;
|
|
||||||
# verification of servers certificate by setting both ca certificate
|
|
||||||
# and ca path to NULL
|
|
||||||
#
|
|
||||||
---exec $MYSQL --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem -e "SHOW STATUS LIKE 'ssl_Cipher'" 2>&1
|
|
||||||
+--exec $MYSQL --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem --ssl-cipher=DHE-RSA-AES256-SHA -e "SHOW STATUS LIKE 'ssl_Cipher'" 2>&1
|
|
||||||
--echo End of 5.0 tests
|
|
||||||
|
|
||||||
#
|
|
||||||
@@ -215,7 +215,6 @@ DROP TABLE t1;
|
|
||||||
--exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=DHE-RSA-AES256-SHA
|
|
||||||
--exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=EDH-RSA-DES-CBC3-SHA
|
|
||||||
--exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=AES256-SHA
|
|
||||||
---exec $MYSQL --host=localhost -e "SHOW STATUS LIKE 'Ssl_cipher';" --ssl-cipher=RC4-SHA
|
|
||||||
--disable_query_log
|
|
||||||
--disable_result_log
|
|
||||||
|
|
||||||
@@ -250,7 +249,7 @@ select 'is still running; no cipher request crashed the server' as result from d
|
|
||||||
|
|
||||||
GRANT SELECT ON test.* TO bug42158@localhost REQUIRE X509;
|
|
||||||
FLUSH PRIVILEGES;
|
|
||||||
-connect(con1,localhost,bug42158,,,,,SSL);
|
|
||||||
+connect(con1,localhost,bug42158,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);
|
|
||||||
SHOW STATUS LIKE 'Ssl_cipher';
|
|
||||||
disconnect con1;
|
|
||||||
connection default;
|
|
||||||
diff --git a/mysql-test/t/plugin_auth_sha256_tls.test b/mysql-test/t/plugin_auth_sha256_tls.test
|
|
||||||
index f99df8a..1b38fda 100644
|
|
||||||
--- a/mysql-test/t/plugin_auth_sha256_tls.test
|
|
||||||
+++ b/mysql-test/t/plugin_auth_sha256_tls.test
|
|
||||||
@@ -1,7 +1,7 @@
|
|
||||||
--source include/not_embedded.inc
|
|
||||||
--source include/have_ssl.inc
|
|
||||||
|
|
||||||
-connect (ssl_con,localhost,root,,,,,SSL);
|
|
||||||
+connect (ssl_con,localhost,root,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);
|
|
||||||
SHOW STATUS LIKE 'Ssl_cipher';
|
|
||||||
|
|
||||||
CREATE USER 'kristofer' IDENTIFIED WITH 'sha256_password';
|
|
||||||
diff --git a/mysql-test/t/ssl.test b/mysql-test/t/ssl.test
|
|
||||||
index ea8be39..c61ca8b 100644
|
|
||||||
--- a/mysql-test/t/ssl.test
|
|
||||||
+++ b/mysql-test/t/ssl.test
|
|
||||||
@@ -8,7 +8,7 @@
|
|
||||||
# Save the initial number of concurrent sessions
|
|
||||||
--source include/count_sessions.inc
|
|
||||||
|
|
||||||
-connect (ssl_con,localhost,root,,,,,SSL);
|
|
||||||
+connect (ssl_con,localhost,root,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);
|
|
||||||
|
|
||||||
# Check ssl turned on
|
|
||||||
SHOW STATUS LIKE 'Ssl_cipher';
|
|
||||||
diff --git a/mysql-test/t/ssl_8k_key.test b/mysql-test/t/ssl_8k_key.test
|
|
||||||
index d94c2fc..c27ca58 100644
|
|
||||||
--- a/mysql-test/t/ssl_8k_key.test
|
|
||||||
+++ b/mysql-test/t/ssl_8k_key.test
|
|
||||||
@@ -4,7 +4,7 @@
|
|
||||||
#
|
|
||||||
# Bug#29784 YaSSL assertion failure when reading 8k key.
|
|
||||||
#
|
|
||||||
---exec $MYSQL --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem -e "SHOW STATUS LIKE 'ssl_Cipher'" 2>&1
|
|
||||||
+--exec $MYSQL --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem --ssl-cipher=DHE-RSA-AES256-SHA -e "SHOW STATUS LIKE 'ssl_Cipher'" 2>&1
|
|
||||||
|
|
||||||
## This test file is for testing encrypted communication only, not other
|
|
||||||
## encryption routines that the SSL library happens to provide!
|
|
||||||
diff --git a/mysql-test/t/ssl_compress.test b/mysql-test/t/ssl_compress.test
|
|
||||||
index 2cb4c0d..feaa0e7 100644
|
|
||||||
--- a/mysql-test/t/ssl_compress.test
|
|
||||||
+++ b/mysql-test/t/ssl_compress.test
|
|
||||||
@@ -9,7 +9,7 @@
|
|
||||||
# Save the initial number of concurrent sessions
|
|
||||||
--source include/count_sessions.inc
|
|
||||||
|
|
||||||
-connect (ssl_compress_con,localhost,root,,,,,SSL COMPRESS);
|
|
||||||
+connect (ssl_compress_con,localhost,root,,,,,SSL COMPRESS CIPHER:DHE-RSA-AES256-SHA);
|
|
||||||
|
|
||||||
# Check ssl turned on
|
|
||||||
SHOW STATUS LIKE 'Ssl_cipher';
|
|
@ -1,50 +0,0 @@
|
|||||||
Added to address RHBZ#1449689
|
|
||||||
|
|
||||||
Original patch notes from <hhorak@redhat.com> follows:
|
|
||||||
|
|
||||||
...
|
|
||||||
|
|
||||||
In FIPS mode there is no md5 by default, unless declared it is specifically
|
|
||||||
allowed. MD5 is used for non-crypto related things in MySQL (digests related
|
|
||||||
to performance schema and table list), so it is ok to use MD5 there.
|
|
||||||
|
|
||||||
However, there is also MD5() SQL function, that should still keep working,
|
|
||||||
but users should know they should avoid using it in FIPS mode.
|
|
||||||
|
|
||||||
RHBZ: #1351791
|
|
||||||
|
|
||||||
Upstream bug reports:
|
|
||||||
http://bugs.mysql.com/bug.php?id=83696
|
|
||||||
https://jira.mariadb.org/browse/MDEV-7788
|
|
||||||
|
|
||||||
|
|
||||||
diff -Naurp mysql-5.7.18_original/mysys_ssl/my_md5.cc mysql-5.7.18_patched/mysys_ssl/my_md5.cc
|
|
||||||
--- mysql-5.7.18_original/mysys_ssl/my_md5.cc 2017-03-18 08:45:14.000000000 +0100
|
|
||||||
+++ mysql-5.7.18_patched/mysys_ssl/my_md5.cc 2017-05-12 12:19:38.584814619 +0200
|
|
||||||
@@ -38,13 +38,22 @@ static void my_md5_hash(char *digest, co
|
|
||||||
|
|
||||||
#elif defined(HAVE_OPENSSL)
|
|
||||||
#include <openssl/md5.h>
|
|
||||||
+#include <openssl/evp.h>
|
|
||||||
|
|
||||||
static void my_md5_hash(unsigned char* digest, unsigned const char *buf, int len)
|
|
||||||
{
|
|
||||||
- MD5_CTX ctx;
|
|
||||||
- MD5_Init (&ctx);
|
|
||||||
- MD5_Update (&ctx, buf, len);
|
|
||||||
- MD5_Final (digest, &ctx);
|
|
||||||
+ EVP_MD_CTX *ctx;
|
|
||||||
+ ctx = EVP_MD_CTX_create();
|
|
||||||
+
|
|
||||||
+ #ifdef EVP_MD_CTX_FLAG_NON_FIPS_ALLOW
|
|
||||||
+ /* we will be using MD5, which is not allowed under FIPS */
|
|
||||||
+ EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
|
|
||||||
+ #endif
|
|
||||||
+
|
|
||||||
+ EVP_DigestInit_ex(ctx, EVP_md5(), NULL);
|
|
||||||
+ EVP_DigestUpdate(ctx, buf, len);
|
|
||||||
+ EVP_DigestFinal_ex(ctx, digest, NULL);
|
|
||||||
+ EVP_MD_CTX_destroy(ctx);
|
|
||||||
}
|
|
||||||
|
|
||||||
#endif /* HAVE_YASSL */
|
|
@ -4,7 +4,7 @@ Software Collections. Removing these hard-coded paths should fix it.
|
|||||||
Upstream report: https://mariadb.atlassian.net/browse/MDEV-6485
|
Upstream report: https://mariadb.atlassian.net/browse/MDEV-6485
|
||||||
|
|
||||||
diff --git a/cmake/install_layout.cmake b/cmake/install_layout.cmake
|
diff --git a/cmake/install_layout.cmake b/cmake/install_layout.cmake
|
||||||
index ec2b492..43e4ccd 100644
|
index f5ac0bf2..cd3132de 100644
|
||||||
--- a/cmake/install_layout.cmake
|
--- a/cmake/install_layout.cmake
|
||||||
+++ b/cmake/install_layout.cmake
|
+++ b/cmake/install_layout.cmake
|
||||||
@@ -114,7 +114,7 @@ IF(UNIX)
|
@@ -114,7 +114,7 @@ IF(UNIX)
|
||||||
@ -25,10 +25,10 @@ index ec2b492..43e4ccd 100644
|
|||||||
IF(CMAKE_SYSTEM_PROCESSOR MATCHES "x86_64")
|
IF(CMAKE_SYSTEM_PROCESSOR MATCHES "x86_64")
|
||||||
SET(INSTALL_LIBDIR_RPM "lib64")
|
SET(INSTALL_LIBDIR_RPM "lib64")
|
||||||
diff --git a/mysys_ssl/my_default.cc b/mysys_ssl/my_default.cc
|
diff --git a/mysys_ssl/my_default.cc b/mysys_ssl/my_default.cc
|
||||||
index 2d76700..02c5885 100644
|
index 1317e362..cfa0feb7 100644
|
||||||
--- a/mysys_ssl/my_default.cc
|
--- a/mysys_ssl/my_default.cc
|
||||||
+++ b/mysys_ssl/my_default.cc
|
+++ b/mysys_ssl/my_default.cc
|
||||||
@@ -1733,12 +1733,12 @@ static const char **init_default_directories(MEM_ROOT *alloc)
|
@@ -1570,12 +1570,12 @@ static const char **init_default_directories(MEM_ROOT *alloc) {
|
||||||
|
|
||||||
#else
|
#else
|
||||||
|
|
||||||
@ -45,20 +45,32 @@ index 2d76700..02c5885 100644
|
|||||||
|
|
||||||
#endif
|
#endif
|
||||||
diff --git a/scripts/CMakeLists.txt b/scripts/CMakeLists.txt
|
diff --git a/scripts/CMakeLists.txt b/scripts/CMakeLists.txt
|
||||||
index c66a910..af9bc9e 100644
|
index c1202103..06a055b1 100644
|
||||||
--- a/scripts/CMakeLists.txt
|
--- a/scripts/CMakeLists.txt
|
||||||
+++ b/scripts/CMakeLists.txt
|
+++ b/scripts/CMakeLists.txt
|
||||||
@@ -324,7 +324,7 @@ ELSE()
|
@@ -315,7 +315,7 @@ ENDIF(UNIX)
|
||||||
|
|
||||||
|
SET(bindir ${prefix}/${INSTALL_BINDIR})
|
||||||
|
SET(sbindir ${prefix}/${INSTALL_SBINDIR})
|
||||||
|
-SET(libexecdir ${prefix}/${INSTALL_SBINDIR})
|
||||||
|
+SET(libexecdir ${prefix}/${INSTALL_LIBEXECDIR})
|
||||||
|
SET(pkgdatadir ${prefix}/${INSTALL_MYSQLSHAREDIR})
|
||||||
|
IF(INSTALL_LAYOUT MATCHES "STANDALONE")
|
||||||
|
SET(localstatedir ${prefix}/data)
|
||||||
|
@@ -324,9 +324,9 @@ ELSE()
|
||||||
ENDIF()
|
ENDIF()
|
||||||
|
|
||||||
SET(prefix "${CMAKE_INSTALL_PREFIX}")
|
SET(prefix "${CMAKE_INSTALL_PREFIX}")
|
||||||
-SET(sysconfdir ${prefix})
|
-SET(sysconfdir ${prefix})
|
||||||
+SET(sysconfdir ${SYSCONFDIR})
|
+SET(sysconfdir ${SYSCONFDIR})
|
||||||
SET(bindir ${prefix}/${INSTALL_BINDIR})
|
SET(bindir ${prefix}/${INSTALL_BINDIR})
|
||||||
SET(libexecdir ${prefix}/${INSTALL_SBINDIR})
|
-SET(libexecdir ${prefix}/${INSTALL_SBINDIR})
|
||||||
|
+SET(libexecdir ${prefix}/${INSTALL_LIBEXECDIR})
|
||||||
SET(datadir ${prefix}/${INSTALL_MYSQLSHAREDIR})
|
SET(datadir ${prefix}/${INSTALL_MYSQLSHAREDIR})
|
||||||
|
SET(pkgdatadir ${prefix}/${INSTALL_MYSQLSHAREDIR})
|
||||||
|
SET(libsubdir ${INSTALL_LIBDIR})
|
||||||
diff --git a/scripts/mysqld_multi.sh b/scripts/mysqld_multi.sh
|
diff --git a/scripts/mysqld_multi.sh b/scripts/mysqld_multi.sh
|
||||||
index 5ad36e7..5dd032f 100644
|
index 5ad36e7b..5dd032f2 100644
|
||||||
--- a/scripts/mysqld_multi.sh
|
--- a/scripts/mysqld_multi.sh
|
||||||
+++ b/scripts/mysqld_multi.sh
|
+++ b/scripts/mysqld_multi.sh
|
||||||
@@ -572,9 +572,7 @@ sub list_defaults_files
|
@@ -572,9 +572,7 @@ sub list_defaults_files
|
||||||
|
@ -80,7 +80,7 @@
|
|||||||
|
|
||||||
Name: community-mysql
|
Name: community-mysql
|
||||||
Version: 8.0.11
|
Version: 8.0.11
|
||||||
Release: 1%{?with_debug:.debug}%{?dist}
|
Release: 2%{?with_debug:.debug}%{?dist}
|
||||||
Summary: MySQL client programs and shared libraries
|
Summary: MySQL client programs and shared libraries
|
||||||
URL: http://www.mysql.com
|
URL: http://www.mysql.com
|
||||||
|
|
||||||
@ -112,10 +112,9 @@ Source31: server.cnf.in
|
|||||||
# Patches common for more mysql-like packages
|
# Patches common for more mysql-like packages
|
||||||
Patch1: %{pkgnamepatch}-install-test.patch
|
Patch1: %{pkgnamepatch}-install-test.patch
|
||||||
Patch2: %{pkgnamepatch}-s390-tsc.patch
|
Patch2: %{pkgnamepatch}-s390-tsc.patch
|
||||||
Patch4: %{pkgnamepatch}-file-contents.patch
|
Patch3: %{pkgnamepatch}-file-contents.patch
|
||||||
Patch5: %{pkgnamepatch}-scripts.patch
|
Patch4: %{pkgnamepatch}-scripts.patch
|
||||||
Patch6: %{pkgnamepatch}-paths.patch
|
Patch5: %{pkgnamepatch}-paths.patch
|
||||||
Patch7: %{pkgnamepatch}-md5_fips.patch
|
|
||||||
|
|
||||||
# Patches specific for this mysql package
|
# Patches specific for this mysql package
|
||||||
Patch51: %{pkgnamepatch}-chain-certs.patch
|
Patch51: %{pkgnamepatch}-chain-certs.patch
|
||||||
@ -353,9 +352,9 @@ the MySQL sources.
|
|||||||
%setup -q -n mysql-%{version}
|
%setup -q -n mysql-%{version}
|
||||||
%patch1 -p1
|
%patch1 -p1
|
||||||
%patch2 -p1
|
%patch2 -p1
|
||||||
|
%patch3 -p1
|
||||||
%patch4 -p1
|
%patch4 -p1
|
||||||
%patch5 -p1
|
%patch5 -p1
|
||||||
%patch6 -p1
|
|
||||||
%patch51 -p1
|
%patch51 -p1
|
||||||
%patch52 -p1
|
%patch52 -p1
|
||||||
%patch75 -p1
|
%patch75 -p1
|
||||||
@ -485,12 +484,13 @@ cmake .. \
|
|||||||
-DINSTALL_DOCREADMEDIR="share/doc/%{_pkgdocdirname}" \
|
-DINSTALL_DOCREADMEDIR="share/doc/%{_pkgdocdirname}" \
|
||||||
-DINSTALL_INCLUDEDIR=include/mysql \
|
-DINSTALL_INCLUDEDIR=include/mysql \
|
||||||
-DINSTALL_INFODIR=share/info \
|
-DINSTALL_INFODIR=share/info \
|
||||||
|
-DINSTALL_LIBEXECDIR=libexec \
|
||||||
-DINSTALL_LIBDIR="%{_lib}/mysql" \
|
-DINSTALL_LIBDIR="%{_lib}/mysql" \
|
||||||
-DINSTALL_MANDIR=share/man \
|
-DINSTALL_MANDIR=share/man \
|
||||||
-DINSTALL_MYSQLSHAREDIR=share/%{pkg_name} \
|
-DINSTALL_MYSQLSHAREDIR=share/%{pkg_name} \
|
||||||
-DINSTALL_MYSQLTESTDIR=share/mysql-test \
|
-DINSTALL_MYSQLTESTDIR=share/mysql-test \
|
||||||
-DINSTALL_PLUGINDIR="%{_lib}/mysql/plugin" \
|
-DINSTALL_PLUGINDIR="%{_lib}/mysql/plugin" \
|
||||||
-DINSTALL_SBINDIR=libexec \
|
-DINSTALL_SBINDIR=bin \
|
||||||
-DINSTALL_SUPPORTFILESDIR=share/%{pkg_name} \
|
-DINSTALL_SUPPORTFILESDIR=share/%{pkg_name} \
|
||||||
-DMYSQL_DATADIR="%{dbdatadir}" \
|
-DMYSQL_DATADIR="%{dbdatadir}" \
|
||||||
-DMYSQL_UNIX_ADDR="/var/lib/mysql/mysql.sock" \
|
-DMYSQL_UNIX_ADDR="/var/lib/mysql/mysql.sock" \
|
||||||
@ -568,7 +568,7 @@ install -p -m 755 scripts/mysql-wait-ready %{buildroot}%{_libexecdir}/mysql-wait
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
# helper scripts for service starting
|
# helper scripts for service starting
|
||||||
install -p -m 755 scripts/mysql-prepare-db-dir %{buildroot}%{_libexecdir}/mysql-prepare-db-dir
|
install -D -p -m 755 scripts/mysql-prepare-db-dir %{buildroot}%{_libexecdir}/mysql-prepare-db-dir
|
||||||
install -p -m 755 scripts/mysql-wait-stop %{buildroot}%{_libexecdir}/mysql-wait-stop
|
install -p -m 755 scripts/mysql-wait-stop %{buildroot}%{_libexecdir}/mysql-wait-stop
|
||||||
install -p -m 755 scripts/mysql-check-socket %{buildroot}%{_libexecdir}/mysql-check-socket
|
install -p -m 755 scripts/mysql-check-socket %{buildroot}%{_libexecdir}/mysql-check-socket
|
||||||
install -p -m 755 scripts/mysql-check-upgrade %{buildroot}%{_libexecdir}/mysql-check-upgrade
|
install -p -m 755 scripts/mysql-check-upgrade %{buildroot}%{_libexecdir}/mysql-check-upgrade
|
||||||
@ -595,7 +595,7 @@ mkdir -p %{buildroot}%{_sysconfdir}/ld.so.conf.d
|
|||||||
echo "%{_libdir}/mysql" > %{buildroot}%{_sysconfdir}/ld.so.conf.d/%{name}-%{_arch}.conf
|
echo "%{_libdir}/mysql" > %{buildroot}%{_sysconfdir}/ld.so.conf.d/%{name}-%{_arch}.conf
|
||||||
|
|
||||||
%if %{with debug}
|
%if %{with debug}
|
||||||
mv %{buildroot}%{_libexecdir}/mysqld-debug %{buildroot}%{_libexecdir}/mysqld
|
mv %{buildroot}%{_bindir}/mysqld-debug %{buildroot}%{_bindir}/mysqld
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
# Back to src dir
|
# Back to src dir
|
||||||
@ -833,7 +833,7 @@ fi
|
|||||||
|
|
||||||
%config(noreplace) %{_sysconfdir}/my.cnf.d/%{pkg_name}-server.cnf
|
%config(noreplace) %{_sysconfdir}/my.cnf.d/%{pkg_name}-server.cnf
|
||||||
|
|
||||||
%{_libexecdir}/mysqld
|
%{_bindir}/mysqld
|
||||||
|
|
||||||
%{_libdir}/mysql/INFO_SRC
|
%{_libdir}/mysql/INFO_SRC
|
||||||
%{_libdir}/mysql/INFO_BIN
|
%{_libdir}/mysql/INFO_BIN
|
||||||
@ -922,6 +922,19 @@ fi
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon May 14 2018 Norvald H. Ryeng <norvald.ryeng@oracle.com> - 8.0.11-2
|
||||||
|
- MySQL 8.0 has notify support
|
||||||
|
- SQL restart command needs MYSQLD_PARENT_PID=1
|
||||||
|
- Increase LimitNOFILE
|
||||||
|
- Disable symbolic links is default (and option deprecated)
|
||||||
|
- Move mysqld to /usr/bin, with mysqld_safe gone there no reason
|
||||||
|
to have mysqld in libexec
|
||||||
|
- FIPS mode is now supported:
|
||||||
|
https://dev.mysql.com/doc/refman/8.0/en/fips-mode.html
|
||||||
|
- Remove legacy embedded refs from cnf files
|
||||||
|
- Clean up patches: re-numbering and removing
|
||||||
|
- Recommend to use systemctl edit to modify service files
|
||||||
|
|
||||||
* Fri Apr 20 2018 Norvald H. Ryeng <norvald.ryeng@oracle.com> - 8.0.11-1
|
* Fri Apr 20 2018 Norvald H. Ryeng <norvald.ryeng@oracle.com> - 8.0.11-1
|
||||||
- Update to MySQL 8.0.11 (GA).
|
- Update to MySQL 8.0.11 (GA).
|
||||||
|
|
||||||
|
@ -8,8 +8,6 @@
|
|||||||
# This group is read by the server
|
# This group is read by the server
|
||||||
#
|
#
|
||||||
[mysqld]
|
[mysqld]
|
||||||
# Disabling symbolic-links is recommended to prevent assorted security risks
|
|
||||||
symbolic-links=0
|
|
||||||
|
|
||||||
#
|
#
|
||||||
# include all files from the config directory
|
# include all files from the config directory
|
||||||
|
@ -94,7 +94,7 @@ if should_initialize "$datadir" ; then
|
|||||||
|
|
||||||
# Now create the database
|
# Now create the database
|
||||||
echo "Initializing @NICE_PROJECT_NAME@ database"
|
echo "Initializing @NICE_PROJECT_NAME@ database"
|
||||||
@libexecdir@/mysqld --initialize-insecure --datadir="$datadir" --user="$myuser"
|
@bindir@/mysqld --initialize-insecure --datadir="$datadir" --user="$myuser"
|
||||||
ret=$?
|
ret=$?
|
||||||
if [ $ret -ne 0 ] ; then
|
if [ $ret -ne 0 ] ; then
|
||||||
echo "Initialization of @NICE_PROJECT_NAME@ database failed." >&2
|
echo "Initialization of @NICE_PROJECT_NAME@ database failed." >&2
|
||||||
|
@ -1,27 +1,27 @@
|
|||||||
# It's not recommended to modify this file in-place, because it will be
|
# It's not recommended to modify this file in-place, because it will be
|
||||||
# overwritten during package upgrades. If you want to customize, the
|
# overwritten during package upgrades. If you want to customize, the
|
||||||
# best way is to create a file "/etc/systemd/system/@DAEMON_NAME@.service",
|
# best way is to use systemctl edit:
|
||||||
# containing
|
#
|
||||||
# .include /usr/lib/systemd/system/@DAEMON_NAME@.service
|
# $ systemctl edit @DAEMON_NAME@.service
|
||||||
# ...make your changes here...
|
#
|
||||||
# or create a file "/etc/systemd/system/@DAEMON_NAME@.service.d/foo.conf",
|
# this will create file
|
||||||
# which doesn't need to include ".include" call and which will be parsed
|
#
|
||||||
# after the file @DAEMON_NAME@.service itself is parsed.
|
# /etc/systemd/system/@DAEMON_NAME@.service.d/override.conf
|
||||||
|
#
|
||||||
|
# which be parsed after the file @DAEMON_NAME@.service itself is parsed.
|
||||||
|
#
|
||||||
|
# For example, if you want to increase mysql's open-files-limit to 20000
|
||||||
|
# add following when editing with command above:
|
||||||
|
#
|
||||||
|
# [Service]
|
||||||
|
# LimitNOFILE=20000
|
||||||
|
#
|
||||||
|
# Or if you require to execute pre and post scripts in the unit file as root, set
|
||||||
|
# PermissionsStartOnly=true
|
||||||
#
|
#
|
||||||
# For more info about custom unit files, see systemd.unit(5) or
|
# For more info about custom unit files, see systemd.unit(5) or
|
||||||
# http://fedoraproject.org/wiki/Systemd#How_do_I_customize_a_unit_file.2F_add_a_custom_unit_file.3F
|
# http://fedoraproject.org/wiki/Systemd#How_do_I_customize_a_unit_file.2F_add_a_custom_unit_file.3F
|
||||||
|
#
|
||||||
# For example, if you want to increase mysql's open-files-limit to 10000,
|
|
||||||
# you need to increase systemd's LimitNOFILE setting, so create a file named
|
|
||||||
# "/etc/systemd/system/@DAEMON_NAME@.service.d/limits.conf" containing:
|
|
||||||
# [Service]
|
|
||||||
# LimitNOFILE=10000
|
|
||||||
|
|
||||||
# Or if you require to execute pre and post scripts in the unit file as root, set
|
|
||||||
# PermissionsStartOnly=true
|
|
||||||
|
|
||||||
# Note: /usr/lib/... is recommended in the .include line though /lib/...
|
|
||||||
# still works.
|
|
||||||
# Don't forget to reload systemd daemon after you change unit configuration:
|
# Don't forget to reload systemd daemon after you change unit configuration:
|
||||||
# root> systemctl --system daemon-reload
|
# root> systemctl --system daemon-reload
|
||||||
|
|
||||||
@ -31,16 +31,15 @@ After=syslog.target
|
|||||||
After=network.target
|
After=network.target
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Type=forking
|
Type=notify
|
||||||
User=mysql
|
User=mysql
|
||||||
Group=mysql
|
Group=mysql
|
||||||
PIDFile=@PID_FILE_DIR@/@DAEMON_NO_PREFIX@.pid
|
|
||||||
|
|
||||||
ExecStartPre=@libexecdir@/mysql-check-socket
|
ExecStartPre=@libexecdir@/mysql-check-socket
|
||||||
ExecStartPre=@libexecdir@/mysql-prepare-db-dir %n
|
ExecStartPre=@libexecdir@/mysql-prepare-db-dir %n
|
||||||
# Note: we set --basedir to prevent probes that might trigger SELinux alarms,
|
# Note: we set --basedir to prevent probes that might trigger SELinux alarms,
|
||||||
# per bug #547485
|
# per bug #547485
|
||||||
ExecStart=@libexecdir@/mysqld --daemonize --basedir=@prefix@ --pid-file=@PID_FILE_DIR@/@DAEMON_NO_PREFIX@.pid
|
ExecStart=@bindir@/mysqld --basedir=@prefix@
|
||||||
ExecStartPost=@libexecdir@/mysql-check-upgrade
|
ExecStartPost=@libexecdir@/mysql-check-upgrade
|
||||||
ExecStopPost=@libexecdir@/mysql-wait-stop
|
ExecStopPost=@libexecdir@/mysql-wait-stop
|
||||||
|
|
||||||
@ -54,5 +53,11 @@ Restart=on-failure
|
|||||||
|
|
||||||
RestartPreventExitStatus=1
|
RestartPreventExitStatus=1
|
||||||
|
|
||||||
|
# Sets open_files_limit
|
||||||
|
LimitNOFILE = 10000
|
||||||
|
|
||||||
|
# Set enviroment variable MYSQLD_PARENT_PID. This is required for SQL restart command.
|
||||||
|
Environment=MYSQLD_PARENT_PID=1
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
WantedBy=multi-user.target
|
WantedBy=multi-user.target
|
||||||
|
@ -1,27 +1,27 @@
|
|||||||
# It's not recommended to modify this file in-place, because it will be
|
# It's not recommended to modify this file in-place, because it will be
|
||||||
# overwritten during package upgrades. If you want to customize, the
|
# overwritten during package upgrades. If you want to customize, the
|
||||||
# best way is to create a file "/etc/systemd/system/@DAEMON_NAME@.service",
|
# best way is to use systemctl edit:
|
||||||
# containing
|
#
|
||||||
# .include /usr/lib/systemd/system/@DAEMON_NAME@.service
|
# $ systemctl edit @DAEMON_NAME@.service
|
||||||
# ...make your changes here...
|
#
|
||||||
# or create a file "/etc/systemd/system/@DAEMON_NAME@.service.d/foo.conf",
|
# this will create file
|
||||||
# which doesn't need to include ".include" call and which will be parsed
|
#
|
||||||
# after the file @DAEMON_NAME@.service itself is parsed.
|
# /etc/systemd/system/@DAEMON_NAME@.service.d/override.conf
|
||||||
|
#
|
||||||
|
# which be parsed after the file @DAEMON_NAME@.service itself is parsed.
|
||||||
|
#
|
||||||
|
# For example, if you want to increase mysql's open-files-limit to 20000
|
||||||
|
# add following when editing with command above:
|
||||||
|
#
|
||||||
|
# [Service]
|
||||||
|
# LimitNOFILE=20000
|
||||||
|
#
|
||||||
|
# Or if you require to execute pre and post scripts in the unit file as root, set
|
||||||
|
# PermissionsStartOnly=true
|
||||||
#
|
#
|
||||||
# For more info about custom unit files, see systemd.unit(5) or
|
# For more info about custom unit files, see systemd.unit(5) or
|
||||||
# http://fedoraproject.org/wiki/Systemd#How_do_I_customize_a_unit_file.2F_add_a_custom_unit_file.3F
|
# http://fedoraproject.org/wiki/Systemd#How_do_I_customize_a_unit_file.2F_add_a_custom_unit_file.3F
|
||||||
|
#
|
||||||
# For example, if you want to increase mysql's open-files-limit to 10000,
|
|
||||||
# you need to increase systemd's LimitNOFILE setting, so create a file named
|
|
||||||
# "/etc/systemd/system/@DAEMON_NAME@.service.d/limits.conf" containing:
|
|
||||||
# [Service]
|
|
||||||
# LimitNOFILE=10000
|
|
||||||
|
|
||||||
# Or if you require to execute pre and post scripts in the unit file as root, set
|
|
||||||
# PermissionsStartOnly=true
|
|
||||||
|
|
||||||
# Note: /usr/lib/... is recommended in the .include line though /lib/...
|
|
||||||
# still works.
|
|
||||||
# Don't forget to reload systemd daemon after you change unit configuration:
|
# Don't forget to reload systemd daemon after you change unit configuration:
|
||||||
# root> systemctl --system daemon-reload
|
# root> systemctl --system daemon-reload
|
||||||
|
|
||||||
@ -31,7 +31,7 @@ After=syslog.target
|
|||||||
After=network.target
|
After=network.target
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Type=forking
|
Type=notify
|
||||||
User=mysql
|
User=mysql
|
||||||
Group=mysql
|
Group=mysql
|
||||||
|
|
||||||
@ -39,7 +39,7 @@ ExecStartPre=@libexecdir@/mysql-check-socket --defaults-group-suffix=.%I
|
|||||||
ExecStartPre=@libexecdir@/mysql-prepare-db-dir --defaults-group-suffix=.%I %n
|
ExecStartPre=@libexecdir@/mysql-prepare-db-dir --defaults-group-suffix=.%I %n
|
||||||
# Note: we set --basedir to prevent probes that might trigger SELinux alarms,
|
# Note: we set --basedir to prevent probes that might trigger SELinux alarms,
|
||||||
# per bug #547485
|
# per bug #547485
|
||||||
ExecStart=@libexecdir@/mysqld --defaults-group-suffix=.%I --daemonize --basedir=@prefix@ --pid-file=@PID_FILE_DIR@/@DAEMON_NO_PREFIX@.pid
|
ExecStart=@bindir@/mysqld --defaults-group-suffix=.%I --basedir=@prefix@
|
||||||
ExecStartPost=@libexecdir@/mysql-check-upgrade --defaults-group-suffix=.%I
|
ExecStartPost=@libexecdir@/mysql-check-upgrade --defaults-group-suffix=.%I
|
||||||
ExecStopPost=@libexecdir@/mysql-wait-stop --defaults-group-suffix=.%I
|
ExecStopPost=@libexecdir@/mysql-wait-stop --defaults-group-suffix=.%I
|
||||||
|
|
||||||
@ -53,5 +53,11 @@ Restart=on-failure
|
|||||||
|
|
||||||
RestartPreventExitStatus=1
|
RestartPreventExitStatus=1
|
||||||
|
|
||||||
|
# Sets open_files_limit
|
||||||
|
LimitNOFILE = 10000
|
||||||
|
|
||||||
|
# Set enviroment variable MYSQLD_PARENT_PID. This is required for SQL restart command.
|
||||||
|
Environment=MYSQLD_PARENT_PID=1
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
WantedBy=multi-user.target
|
WantedBy=multi-user.target
|
||||||
|
@ -1,25 +1,18 @@
|
|||||||
#
|
#
|
||||||
# These groups are read by MySQL server.
|
# This group are read by MySQL server.
|
||||||
# Use it for options that only the server (but not clients) should see
|
# Use it for options that only the server (but not clients) should see
|
||||||
#
|
#
|
||||||
# See the examples of server my.cnf files in /usr/share/mysql/
|
# For advice on how to change settings please see
|
||||||
#
|
# http://dev.mysql.com/doc/refman/en/server-configuration-defaults.html
|
||||||
|
|
||||||
# this is read by the standalone daemon and embedded servers
|
|
||||||
[server]
|
|
||||||
|
|
||||||
# this is only for the mysqld standalone daemon
|
|
||||||
# Settings user and group are ignored when systemd is used.
|
# Settings user and group are ignored when systemd is used.
|
||||||
# If you need to run mysqld under a different user or group,
|
# If you need to run mysqld under a different user or group,
|
||||||
# customize your systemd unit file for mysqld/mariadb according to the
|
# customize your systemd unit file for mysqld according to the
|
||||||
# instructions in http://fedoraproject.org/wiki/Systemd
|
# instructions in http://fedoraproject.org/wiki/Systemd
|
||||||
|
|
||||||
[mysqld]
|
[mysqld]
|
||||||
datadir=@MYSQL_DATADIR@
|
datadir=@MYSQL_DATADIR@
|
||||||
socket=@MYSQL_UNIX_ADDR@
|
socket=@MYSQL_UNIX_ADDR@
|
||||||
log-error=@LOG_LOCATION@
|
log-error=@LOG_LOCATION@
|
||||||
pid-file=@PID_FILE_DIR@/@DAEMON_NO_PREFIX@.pid
|
pid-file=@PID_FILE_DIR@/@DAEMON_NO_PREFIX@.pid
|
||||||
|
|
||||||
|
|
||||||
# this is only for embedded server
|
|
||||||
[embedded]
|
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user