Commit graph

12 commits

Author SHA1 Message Date
Nirbhay Choubey
294961cc4d MDEV-10538: MariaDB fails to start without galera_recovery in systemd mode
Update ExecStartPre scripts to not fail if 'galera_recovery'
script is not available.
2016-08-22 18:38:06 -04:00
Sergey Vojtovich
1e160e5cb3 MDEV-10404 - Improved systemd service hardening causes SELinux problems
Disabled NoNewPrivileges until SELinux policy is fixed.
2016-08-17 13:59:00 +04:00
Craig Andrews
53e7fcca41 MDEV-10298: Systemd hardening
Add ProtectSystem=full, NoNewPrivileges=true, PrivateDevices=true, and ProtectHome=true to the systemd units.
2016-07-12 19:43:35 +04:00
Nirbhay Choubey
a6816995ee MDEV-10004: Galera's pc.recovery process fails in 10.1 with systemd
Galera recovery process works in two phases. In the first
phase, mysqld is started as non-daemon with --wsrep-recover
to recover and fetch the last logged global transaction ID.
This ID is then used in second phase as the start position
(--wsrep-start-position=XX) to start mysqld as daemon.

As this process was implemented in mysqld_safe script, the
recovery did not work when server was started using systemd.

Fixed by introducing a shell script (wsrep_recovery.sh) that
mimics the first phase of the recovery process.
2016-06-27 18:03:24 -04:00
Nirbhay Choubey
0645699060 MDEV-10145: Systemd fails to start mysqld in multi-instance mode
--defaults-xxx options must be placed before all other
options in the command line. Also moved MYSQLD_OPTS at
the end so that its options take precedence.
2016-06-27 18:01:21 -04:00
Sergey Vojtovich
27e6fd9a59 MDEV-9095 - [PATCH] systemd capability for --memlock
Adjust systemd files to enable CAP_IPC_LOCK to allow rootless mlockall
(triggered by memlock option).

This is amended version of a patch originally submitted by Daniel Black.
2015-12-22 19:13:51 +04:00
Daniel Black
d6b430c91b MDEV-8995: systemd - 16K open-files-limit by default 2015-11-07 13:40:44 +11:00
Daniel Black
d8ecc2a011 MDEV-9007: systemd - service mariadb bootstrap
Now this error out and refers to galera_new_cluster.
2015-11-02 23:37:03 -05:00
Daniel Black
a2c3549404 MDEV-427: systemd - use galera_new_cluster instead of bootstrap
Use galera_new_cluster instead. systemctl start mariadb@bootstrap
will generate error message, use_galera_new_cluster.conf is the name
of the file that will generate this error.

Output:

Job for mariadb@bootstrap.service failed. See "systemctl status
mariadb@bootstrap.service" and "journalctl -xe" for details.

● mariadb@bootstrap.service - MariaDB database server
   Loaded: loaded (/usr/lib/systemd/system/mariadb@.service; disabled;
vendor preset: disabled)
  Drop-In: /usr/lib/systemd/system/mariadb@bootstrap.service.d
           └─use_galera_new_cluster.conf
   Active: failed (Result: exit-code) since Thu 2015-10-15 19:27:52
CEST; 5s ago
  Process: 24334 ExecStart=/usr/bin/false (code=exited,
status=1/FAILURE)
  Process: 24330 ExecStart=/usr/bin/echo Please use galera_new_cluster
to start the mariadb service with --wsrep-new-cluster (code=exited,
status=0/SUCCESS)
 Main PID: 24334 (code=exited, status=1/FAILURE)

Oct 15 19:27:52 spaceman systemd[1]: Starting MariaDB database server...
Oct 15 19:27:52 spaceman systemd[1]: mariadb@bootstrap.service: main
process exited, code=exited, status=1/FAILURE
Oct 15 19:27:52 spaceman systemd[1]: Failed to start MariaDB database
server.
Oct 15 19:27:52 spaceman systemd[1]: Unit mariadb@bootstrap.service
entered failed state.
Oct 15 19:27:52 spaceman systemd[1]: mariadb@bootstrap.service failed.
2015-11-02 23:37:03 -05:00
Daniel Black
3723c70a30 MDEV-426: systemd PermissionsStartOnly=true by default
mariadb-service-convert during migration can create a file containing
ExecStartPre=/usr/sbin/sysctl -q -w vm.drop_caches=3 if the users my.cnf
contains [mysqld_safe] flush_caches. This sysctl entry change requires root
access. No existing ExecStartPre requires execution requires execution
as another user.

There is a comment in the mariadb{,@}.service.in that indicates
mysqld_install which would require -u mysql to explicity change user to
mysql from root since PermissionsStartOnly=true.

Otherwise the following error would be generated:
Oct 14 07:38:38 spaceman systemd[1]: Starting MariaDB database server...
-- Subject: Unit mariadb.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit mariadb.service has begun starting up.
Oct 14 07:38:38 spaceman sysctl[10089]: sysctl: permission denied on key 'vm.drop_caches'
Oct 14 07:38:38 spaceman systemd[1]: mariadb.service: control process exited, code=exited status=255
Oct 14 07:38:38 spaceman systemd[1]: Failed to start MariaDB database server.
2015-10-14 12:45:59 +02:00
Sergey Vojtovich
6346d1de2f MDEV-427/MDEV-5713 Add systemd script with notify functionality
After review/QA fixes.
2015-10-12 17:51:49 +02:00
Daniel Black
20c2ae39db MDEV-427/MDEV-5713 Add systemd script with notify functionality 2015-10-12 17:51:49 +02:00