Ubuntu
mysql-5.5 package

Postinst overrides permissions on /var/lib/mysql-files

Bug #1734129 reported by Sigurd Urdahl
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
mysql-5.5 (Ubuntu)
Confirmed
Wishlist
Unassigned
mysql-5.6 (Ubuntu)
Confirmed
Wishlist
Unassigned
mysql-5.7 (Ubuntu)
Triaged
Wishlist
Unassigned

Bug Description

Description: Ubuntu 14.04.5 LTS
Release: 14.04

mysql-server-5.5:
  Installed: 5.5.58-0ubuntu0.14.04.1
  Candidate: 5.5.58-0ubuntu0.14.04.1

Postinst sets 0700 permissions on /var/lib/mysql-files regardless of current permissions, thus overriding local changes.

DEBIAN/postinst:
135: chmod 700 $mysql_filesdir

Expected behaviour: If directory exists; preserve permissions.

Ownership is treated the same way with a recursive "chown mysql.mysql". Ownership should probably be preserved too.

Tags: patch
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Hi Sigurd,
this is present up to the latest version of mysql.
So I'm adding tasks for them as well.

I remember having seen the discussion about ucf or something else to be used for that but it was low-gain/high-effort and therefore so far neglected. I can't find that old bug, I will update here if I do so.

In my (personal and humble) opinion this is a valid, but low prio issue.
Leaving it for Lars (Maintainer) to decide on it.

Changed in mysql-5.5 (Ubuntu):
status: New → Confirmed
Changed in mysql-5.6 (Ubuntu):
status: New → Confirmed
Changed in mysql-5.7 (Ubuntu):
status: New → Confirmed
importance: Undecided → Low
Changed in mysql-5.6 (Ubuntu):
importance: Undecided → Wishlist
Changed in mysql-5.7 (Ubuntu):
importance: Low → Wishlist
Changed in mysql-5.5 (Ubuntu):
importance: Undecided → Wishlist
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

In general I think if one comes up with a working patch people are willing to review&test but I'd not expect dev's to jump onto this as it might cause as much trouble (e.g. fail after upgrade as it can#t start on the custom permission dir).

Revision history for this message
Sigurd Urdahl (sigurdur) wrote :

Thank you Christian! And sorry for the late follow-up.

I agree that this is low prio, but low hanging fruit can be tasty too:-)

I have made a simple patch that envelopes the chmod and chown inside the if that runs mkdir.

I can't see any scenario where this change will have negative effects.

kind regards,
-sigurd

Revision history for this message
Ubuntu Foundations Team Bug Bot (crichton) wrote :

The attachment "Diff for DEBIAN/postinst for mysql-5.*" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]

tags: added: patch
Revision history for this message
Lars Tangvald (lars-tangvald) wrote :

This is basically how upstream packaging does it (with some additional restrictions: https://github.com/mysql/mysql-server/blob/5.7/packaging/deb-in/extra/mysql-helpers#L76); if the directory already exists it isn't touched.
There are some restrictions on what the permissions on the secure-file-priv location should be (the server will log a warning if it considers the directory insecure), but the proposed change will just make it more in line with the upstream packaging.

The patch needs an indentation fix, though :)

Revision history for this message
Sigurd Urdahl (sigurdur) wrote :

Thanks Lars!

And indeed it was that pesky indentation again;-) This new one should be better

-sig

Robie Basak (racb)
Changed in mysql-5.7 (Ubuntu):
status: Confirmed → Triaged
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.