mirror of
https://github.com/MariaDB/server.git
synced 2025-01-15 19:42:28 +01:00
MDEV-4068 rpm scriptlet chown command dangerous
add --mysqld option to my_print_defaults change server-postin script to use that
This commit is contained in:
Sergei Golubchik
parent
62b9be6542
commit
3bfd88d1d6
9 changed files with 63 additions and 42 deletions
|
|
@ -49,6 +49,7 @@ MariaDB bug reports should be submitted through https://mariadb.atlassian.net/
|
|||
SET(CPACK_RPM_SPEC_MORE_DEFINE "
|
||||
%define mysql_vendor ${CPACK_PACKAGE_VENDOR}
|
||||
%define mysqlversion ${MYSQL_NO_DASH_VERSION}
|
||||
%define mysqlbasedir ${CMAKE_INSTALL_PREFIX}
|
||||
%define mysqldatadir ${INSTALL_MYSQLDATADIR}
|
||||
%define mysqld_user mysql
|
||||
%define mysqld_group mysql
|
||||
|
|
|
|||
|
|
@ -26,8 +26,13 @@
|
|||
#include <my_sys.h>
|
||||
#include <m_string.h>
|
||||
#include <my_getopt.h>
|
||||
#include <mysql_version.h>
|
||||
|
||||
#define load_default_groups mysqld_groups
|
||||
#include <mysqld_default_groups.h>
|
||||
#undef load_default_groups
|
||||
|
||||
my_bool opt_mysqld;
|
||||
const char *config_file="my"; /* Default config file */
|
||||
uint verbose= 0, opt_defaults_file_used= 0;
|
||||
const char *default_dbug_option="d:t:o,/tmp/my_print_defaults.trace";
|
||||
|
|
@ -78,6 +83,8 @@ static struct my_option my_long_options[] =
|
|||
(void *)&my_defaults_extra_file,
|
||||
(void *)&my_defaults_extra_file, 0, GET_STR,
|
||||
REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
|
||||
{"mysqld", 0, "Read the same set of groups that the mysqld binary does.",
|
||||
&opt_mysqld, &opt_mysqld, 0, GET_BOOL, NO_ARG, 0, 0, 0, 0, 0, 0},
|
||||
{"no-defaults", 'n', "Return an empty string (useful for scripts).",
|
||||
0, 0, 0, GET_NO_ARG, NO_ARG, 0, 0, 0, 0, 0, 0},
|
||||
{"help", '?', "Display this help message and exit.",
|
||||
|
|
@ -98,11 +105,12 @@ static void usage(my_bool version)
|
|||
return;
|
||||
puts("This software comes with ABSOLUTELY NO WARRANTY. This is free software,\nand you are welcome to modify and redistribute it under the GPL license\n");
|
||||
puts("Prints all arguments that is give to some program using the default files");
|
||||
printf("Usage: %s [OPTIONS] groups\n", my_progname);
|
||||
printf("Usage: %s [OPTIONS] [groups]\n", my_progname);
|
||||
my_print_help(my_long_options);
|
||||
my_print_default_files(config_file);
|
||||
my_print_variables(my_long_options);
|
||||
printf("\nExample usage:\n%s --defaults-file=example.cnf client client-server mysql\n", my_progname);
|
||||
exit(0);
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -115,17 +123,15 @@ get_one_option(int optid, const struct my_option *opt __attribute__((unused)),
|
|||
opt_defaults_file_used= 1;
|
||||
break;
|
||||
case 'n':
|
||||
exit(0);
|
||||
exit(0);
|
||||
case 'I':
|
||||
case '?':
|
||||
usage(0);
|
||||
exit(0);
|
||||
usage(0);
|
||||
case 'v':
|
||||
verbose++;
|
||||
break;
|
||||
case 'V':
|
||||
usage(1);
|
||||
exit(0);
|
||||
usage(1);
|
||||
case '#':
|
||||
DBUG_PUSH(argument ? argument : default_dbug_option);
|
||||
break;
|
||||
|
|
@ -141,11 +147,6 @@ static int get_options(int *argc,char ***argv)
|
|||
if ((ho_error=handle_options(argc, argv, my_long_options, get_one_option)))
|
||||
exit(ho_error);
|
||||
|
||||
if (*argc < 1)
|
||||
{
|
||||
usage(0);
|
||||
return 1;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
@ -153,9 +154,10 @@ static int get_options(int *argc,char ***argv)
|
|||
int main(int argc, char **argv)
|
||||
{
|
||||
int count, error, args_used;
|
||||
char **load_default_groups, *tmp_arguments[6];
|
||||
char **load_default_groups= 0, *tmp_arguments[6];
|
||||
char **argument, **arguments, **org_argv;
|
||||
char *defaults, *extra_defaults, *group_suffix;
|
||||
int nargs, i= 0;
|
||||
MY_INIT(argv[0]);
|
||||
|
||||
org_argv= argv;
|
||||
|
|
@ -169,13 +171,25 @@ int main(int argc, char **argv)
|
|||
arguments[count]= 0;
|
||||
|
||||
/* Check out the args */
|
||||
if (!(load_default_groups=(char**) my_malloc((argc+1)*sizeof(char*),
|
||||
MYF(MY_WME))))
|
||||
exit(1);
|
||||
if (get_options(&argc,&argv))
|
||||
exit(1);
|
||||
memcpy((char*) load_default_groups, (char*) argv, (argc + 1) * sizeof(*argv));
|
||||
|
||||
nargs= argc + 1;
|
||||
if (opt_mysqld)
|
||||
nargs+= array_elements(mysqld_groups);
|
||||
|
||||
if (nargs < 2)
|
||||
usage(0);
|
||||
|
||||
load_default_groups=(char**) my_malloc(nargs*sizeof(char*), MYF(MY_WME));
|
||||
if (!load_default_groups)
|
||||
exit(1);
|
||||
if (opt_mysqld)
|
||||
{
|
||||
for (; mysqld_groups[i]; i++)
|
||||
load_default_groups[i]= (char*) mysqld_groups[i];
|
||||
}
|
||||
memcpy(load_default_groups + i, argv, (argc + 1) * sizeof(*argv));
|
||||
if ((error= load_defaults(config_file, (const char **) load_default_groups,
|
||||
&count, &arguments)))
|
||||
{
|
||||
|
|
@ -198,6 +212,6 @@ int main(int argc, char **argv)
|
|||
puts(*argument);
|
||||
my_free(load_default_groups);
|
||||
free_defaults(arguments);
|
||||
|
||||
my_end(0);
|
||||
exit(0);
|
||||
}
|
||||
|
|
|
|||
8
include/mysqld_default_groups.h
Normal file
8
include/mysqld_default_groups.h
Normal file
|
|
@ -0,0 +1,8 @@
|
|||
const char *load_default_groups[]= {
|
||||
#ifdef WITH_NDBCLUSTER_STORAGE_ENGINE
|
||||
"mysql_cluster",
|
||||
#endif
|
||||
"mysqld", "server", MYSQL_BASE_VERSION,
|
||||
"mariadb", MARIADB_BASE_VERSION,
|
||||
"client-server",
|
||||
0, 0};
|
||||
|
|
@ -257,7 +257,7 @@ fi
|
|||
|
||||
# Now we can get arguments from the groups [mysqld] and [mysql_install_db]
|
||||
# in the my.cfg file, then re-run to merge with command line arguments.
|
||||
parse_arguments `"$print_defaults" $defaults mysqld mariadb mysql_install_db client-server`
|
||||
parse_arguments `"$print_defaults" $defaults --mysqld mysql_install_db`
|
||||
parse_arguments PICK-ARGS-FROM-ARGV "$@"
|
||||
|
||||
# Configure paths to support files
|
||||
|
|
|
|||
|
|
@ -237,7 +237,7 @@ sub defaults_for_group
|
|||
|
||||
sub init_log
|
||||
{
|
||||
foreach my $opt (defaults_for_group('mysqld mariadb'))
|
||||
foreach my $opt (defaults_for_group('--mysqld'))
|
||||
{
|
||||
if ($opt =~ m/^--datadir=(.*)/ && -d "$1" && -w "$1")
|
||||
{
|
||||
|
|
|
|||
|
|
@ -503,7 +503,7 @@ append_arg_to_args () {
|
|||
args=
|
||||
|
||||
SET_USER=2
|
||||
parse_arguments `$print_defaults $defaults --loose-verbose mysqld mariadb server client-server`
|
||||
parse_arguments `$print_defaults $defaults --loose-verbose --mysqld`
|
||||
if test $SET_USER -eq 2
|
||||
then
|
||||
SET_USER=0
|
||||
|
|
|
|||
|
|
@ -53,7 +53,7 @@ GetOptions(\%opt,
|
|||
$opt{'help'} and usage();
|
||||
|
||||
unless (@ARGV) {
|
||||
my $defaults = `my_print_defaults mysqld mariadb`;
|
||||
my $defaults = `my_print_defaults --mysqld`;
|
||||
|
||||
my $datadir = ($defaults =~ m/--datadir=(.*)/g)[-1];
|
||||
if (!$datadir or $opt{i}) {
|
||||
|
|
|
|||
|
|
@ -3203,14 +3203,7 @@ pthread_handler_t handle_shutdown(void *arg)
|
|||
}
|
||||
#endif
|
||||
|
||||
const char *load_default_groups[]= {
|
||||
#ifdef WITH_NDBCLUSTER_STORAGE_ENGINE
|
||||
"mysql_cluster",
|
||||
#endif
|
||||
"mysqld", "server", MYSQL_BASE_VERSION,
|
||||
"mariadb", MARIADB_BASE_VERSION,
|
||||
"client-server",
|
||||
0, 0};
|
||||
#include <mysqld_default_groups.h>
|
||||
|
||||
#if defined(__WIN__) && !defined(EMBEDDED_LIBRARY)
|
||||
static const int load_default_groups_sz=
|
||||
|
|
|
|||
|
|
@ -5,41 +5,46 @@ if [ $1 = 1 ] ; then
|
|||
/sbin/chkconfig --add mysql
|
||||
fi
|
||||
|
||||
mysql_dirs=(`%{_sbindir}/mysqld --verbose --help 2>/dev/null|sed -ne 's/^\(basedir\|datadir\)[[:space:]]*\(.*\)$/\2/p'`)
|
||||
basedir="${mysql_dirs[0]}"
|
||||
datadir="${mysql_dirs[1]}"
|
||||
# datadir may be relative to a basedir!
|
||||
if expr $datadir : / > /dev/null; then
|
||||
mysql_datadir=$datadir
|
||||
basedir=`%{_bindir}/my_print_defaults --mysqld|sed -ne 's/^--basedir=//p'|tail -1`
|
||||
if [ -z "$basedir" ] ; then
|
||||
basedir=%{mysqlbasedir}
|
||||
fi
|
||||
|
||||
datadir=`%{_bindir}/my_print_defaults --mysqld|sed -ne 's/^--datadir=//p'|tail -1`
|
||||
if [ -z "$datadir" ] ; then
|
||||
datadir=%{mysqldatadir}
|
||||
else
|
||||
mysql_datadir=$basedir/$datadir
|
||||
# datadir may be relative to a basedir!
|
||||
if ! expr $datadir : / > /dev/null; then
|
||||
datadir=$basedir/$datadir
|
||||
fi
|
||||
fi
|
||||
|
||||
# Create a MySQL user and group. Do not report any problems if it already
|
||||
# exists.
|
||||
groupadd -r %{mysqld_group} 2> /dev/null || true
|
||||
useradd -M -r -d $mysql_datadir -s /bin/bash -c "MySQL server" -g %{mysqld_group} %{mysqld_user} 2> /dev/null || true
|
||||
useradd -M -r -d $datadir -s /bin/bash -c "MySQL server" -g %{mysqld_group} %{mysqld_user} 2> /dev/null || true
|
||||
# The user may already exist, make sure it has the proper group nevertheless (BUG#12823)
|
||||
usermod -g %{mysqld_group} %{mysqld_user} 2> /dev/null || true
|
||||
|
||||
# Change permissions so that the user that will run the MySQL daemon
|
||||
# owns all database files.
|
||||
chown -R %{mysqld_user}:%{mysqld_group} $mysql_datadir
|
||||
chown -R %{mysqld_user}:%{mysqld_group} $datadir
|
||||
|
||||
if [ ! -e $mysql_datadir ]; then
|
||||
if [ ! -e $datadir ]; then
|
||||
# Create data directory
|
||||
mkdir -p $mysql_datadir/{mysql,test}
|
||||
mkdir -p $datadir/{mysql,test}
|
||||
|
||||
# Initiate databases
|
||||
%{_bindir}/mysql_install_db --rpm --user=%{mysqld_user}
|
||||
fi
|
||||
|
||||
# Change permissions again to fix any new files.
|
||||
chown -R %{mysqld_user}:%{mysqld_group} $mysql_datadir
|
||||
chown -R %{mysqld_user}:%{mysqld_group} $datadir
|
||||
|
||||
# Fix permissions for the permission database so that only the user
|
||||
# can read them.
|
||||
chmod -R og-rw $mysql_datadir/mysql
|
||||
chmod -R og-rw $datadir/mysql
|
||||
fi
|
||||
|
||||
# install SELinux files - but don't override existing ones
|
||||
|
|
|
|||
Loading…
Reference in a new issue