* Update debian control file to include AWS key management plugin.
* Update dependencies in control file to include uuid.
* Include enable_encryption.preset with the aws-key-management plugin.
Also, include fixes by Vladislav Vaintroub to the
aws_key_management plugin. The AWS C++ SDK specifically depends on
OPENSSL_LIBRARIES, not generic SSL_LIBRARIES (such as YaSSL).
Compatibility links ended up looking like this:
libmysqlclient.so.18 -> /tmp/buildd/mariadb-10.2-10.2.0/debian/tmp/usr/lib/i386-linux-gnu/libmariadb.so.3
This change fixes ln syntax to create links with correct target paths.
To facilitate multiple build types in Travis, the environment variable
MYSQL_{BUILD_CC,BUILD_CXX} will be passed to cmake if used. This will
fallback to $CC/$CXX otherwise.
Added MYSQL_COMPILER_LAUNCHER (usually ccache) which isn't supported
until cmake-3.4, which isn't in travis (trusty), but hopefully a later
version can use it or in CI systems other than travis.
Signed-off-by: Daniel Black <daniel.black@au.ibm.com>
Rotating binary/relay logs can cause interuption to the processing
on the server. Binary and relay logs have their own mechanism already
for not getting out of control (expire_logs_days).
By no longer rotating binary and relay logs log rotation is limited to
the following logs:
* error log
* general log
* slow query log
Writing these to the binary log would cause any logrotation on the
slave to occur twice, once due to this and another due to the log-
rotate script on the slave. Now --local is passed to mysqladmin to
prevent this duplication.
In Debian, the default install is made more secure by omitting the anonymous
user and by making the root account authenticate by unix socket
authentication instead of the default password-less root. However, Debian
hard-codes this change in mysql_install_db, which breaks that program for
other users.
This commit instead implements new general options for mysql_install_db that
can be used by anyone to similarly perform a more secure install:
--skip-auth-anonymous-user: omits the anonymous user.
--auth-root-authentication-method=normal: Keeps the existing behaviour
with a password-less root account. Currently on by default.
--auth-root-socket-user=USER
--auth-root-authentication-method=socket: creates the MariaDB root user
with the name USER (defaults to 'root') and using unix socket
authentication. This way, only that user has MariaDB root access
after install.
The idea with --auth-root-authentication-method=normal is that
applications that need this behaviour can give that option explicitly.
Then eventually we could make --auth-root-authentication-method=socket
the default, giving a more secure default installation.
Note that it is perfectly possible to do a secure install with
--auth-root-authentication-method=normal. For example, installing a
private server just for local access by a single OS-level user, by
using --skip-networking and putting the connection socket in a
location without public access. So it is important to preserve this
API for backwards compatibility.
* Update mysqld_safe script to remove duplicated parameter --crash-script
* Make --core-file-size accept underscores as well as dashes correctly.
* Add mysqld_safe_helper to Debian and Ubuntu files.
* Update innodb minor version to 35
For backwards compatibility reasons.
E.g. innotop builds against libmysqlclient.so and expects to find
a libmysqlclient.so.18 library and does not use libmariadb.so.3 even
when built from our own sources.
This commit mimics to dcfe6cb834
This is required, as the innochecksum binary has moved package.
Without this change the following error would be emitted:
Unpacking mariadb-server-core-10.2 (10.2.3+maria~jessie) over (10.2.2+maria-1~jessie) ...
dpkg: error processing archive /var/cache/apt/archives/mariadb-server-core-10.2_10.2.3+maria~jessie_amd64.deb (--unpack):
trying to overwrite '/usr/bin/innochecksum', which is also in package mariadb-client-10.2 10.2.2+maria-1~jessie
Quite often in upgrades on systemd systems dpkg emitted an error like:
Failed to stop mysql.service: Unit mysql.service not loaded.
invoke-rc.d: initscript mysql, action "stop" failed.
invoke-rc.d returned 5
There is a MySQL server running, but we failed in our attempts to stop it.
Stop it yourself and try again!
dpkg: error processing archive /var/cache/apt/archives/mariadb-server-10.2
This is because the mariadb/mysql.service file is not loaded during
the upgrade/unpack stage of dpkg in certain situations. With this simple
check we can easily skip the shutdown step when it is really not needed,
which is for sure the case if no mysqld process at all is running on the
entire system.
In Debian many existing applications in Debian/Ubuntu have been built
while libmariadbclient-dev or libmariadbclient-dev-compat was installed.
To satisfy installation dependencies, the package name libmariadbclient18
must be provided, and at runtime a shared library must by the name
libmariadbclient.so.18.
Provide these to remain backwards compatible.
The new library name libmariadb3 matches the libmariadb.so.3 filename.
Packages that want to build against MariaDB Connector C have as
build-dependency libmariadb-dev and as run-time dependency libmariadb3.
Make the package provide libmariadbclient18 for backwards compatibility,
though compatibility is not always assured. There library did change
to a whole new generation after all, even though ABI compatibility has
been a design goal.
Also do the equivalent change for the -dev package. Packages that
explicitly want to use the MariaDB Connector C should mark it as
their build-depends.
Also provide an empty libmariadbclient18 metapackage to facilitate
upgrades from old MariaDB installs, just like there is an empty
libmysqlclient18 package. Create more of these in the future as needed.
Since Debian 9 (Stretch) and Ubuntu 16.10 (Yakkety) the following
packages have existed:
* virtual-mysql-client
* virtual-mysql-client-core
* virtual-mysql-server
* virtual-mysql-server-core
* virtual-libmysqlclient-dev
They are metapackages that in Debian depend on MariaDB and in
Ubuntu currently on MySQL. We need to provide them and point
them to MariaDB so that systems that have the mariadb.org
repositories enabled automatically get everything MariaDB
and not MySQL.
This change makes the packaging provide the four first ones,
and later commits will fix the client library issues.
