[1/1] package/mariadb: fix mysql.service failing to create log directory

When enabling MariaDB (BR2_PACKAGE_MARIADB=y) and systemd
(BR2_INIT_SYSTEMD=y) in buildroot, the mysqld.service fail to start
with a permission error.  See output of command:

    journalctl --unit=mysqld

Which shows:

    systemd[1]: Starting MySQL database server...
    install[102]: install: can't create directory '/var/log/mysql': Permission denied
    systemd[1]: mysqld.service: Control process exited, code=exited, status=1/FAILURE

Since the service file includes the "User=mysql" directive, the
"ExecStartPre=" is executed as this user, which does not have
permission to create a directory in "/var/log".

This commit fixes this issue by adding the "!" prefix, which will
execute the command with full privileges.  See the systemd.service manual
page entry for "ExecStart=", table "Special executable prefixes":
https://www.freedesktop.org/software/systemd/man/systemd.service.html#ExecStart=
or https://github.com/systemd/systemd/blob/v250/man/systemd.service.xml#L339

Moreover, the "mysql_install_db" invocation does not need this special
prefix, as the "/var/lib/mysql" directory on target is already owned
by the "mysql" user.  The "chown" command is also useless and is
removed in this commit.

Reported-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
---
 package/mariadb/mysqld.service | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

Hi Julien, all,

Le mar. 22 févr. 2022 à 22:32, Julien Olivain <ju.o@free.fr> a écrit :
>
> When enabling MariaDB (BR2_PACKAGE_MARIADB=y) and systemd
> (BR2_INIT_SYSTEMD=y) in buildroot, the mysqld.service fail to start
> with a permission error.  See output of command:
>
>     journalctl --unit=mysqld
>
> Which shows:
>
>     systemd[1]: Starting MySQL database server...
>     install[102]: install: can't create directory '/var/log/mysql': Permission denied
>     systemd[1]: mysqld.service: Control process exited, code=exited, status=1/FAILURE
>
> Since the service file includes the "User=mysql" directive, the
> "ExecStartPre=" is executed as this user, which does not have
> permission to create a directory in "/var/log".
>
> This commit fixes this issue by adding the "!" prefix, which will
> execute the command with full privileges.  See the systemd.service manual
> page entry for "ExecStart=", table "Special executable prefixes":
> https://www.freedesktop.org/software/systemd/man/systemd.service.html#ExecStart=
> or https://github.com/systemd/systemd/blob/v250/man/systemd.service.xml#L339
>
> Moreover, the "mysql_install_db" invocation does not need this special
> prefix, as the "/var/lib/mysql" directory on target is already owned
> by the "mysql" user.  The "chown" command is also useless and is
> removed in this commit.
>
> Reported-by: Gilles Talis <gilles.talis@gmail.com>
> Signed-off-by: Julien Olivain <ju.o@free.fr>
> ---
>  package/mariadb/mysqld.service | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/package/mariadb/mysqld.service b/package/mariadb/mysqld.service
> index d9ea74ebc3..537430e9a2 100644
> --- a/package/mariadb/mysqld.service
> +++ b/package/mariadb/mysqld.service
> @@ -2,8 +2,8 @@
>  Description=MySQL database server
>
>  [Service]
> -ExecStartPre=/bin/sh -c 'test "`ls -1 /var/lib/mysql | wc -l`" != "0" || mysql_install_db --basedir=/usr --datadir=/var/lib/mysql && chown -R mysql:mysql /var/lib/mysql'
> -ExecStartPre=install -d -o mysql -g root -m 0755 /var/log/mysql
> +ExecStartPre=/bin/sh -c 'test "`ls -1 /var/lib/mysql | wc -l`" != "0" || mysql_install_db --basedir=/usr --datadir=/var/lib/mysql'
> +ExecStartPre=!install -d -o mysql -g root -m 0755 /var/log/mysql
>  ExecStart=/usr/bin/mysqld_safe --log-error=/var/log/mysql/mysqld.log
>  Restart=always
>  User=mysql
> --
> 2.35.1
>
Thanks for the patch. Successfully tested on an aarch64 system. So,

Tested-By: Gilles Talis <gilles.talis@gmail.com>

thanks
Gilles.

On 22/02/2022 22:32, Julien Olivain wrote:
> When enabling MariaDB (BR2_PACKAGE_MARIADB=y) and systemd
> (BR2_INIT_SYSTEMD=y) in buildroot, the mysqld.service fail to start
> with a permission error.  See output of command:
> 
>      journalctl --unit=mysqld
> 
> Which shows:
> 
>      systemd[1]: Starting MySQL database server...
>      install[102]: install: can't create directory '/var/log/mysql': Permission denied
>      systemd[1]: mysqld.service: Control process exited, code=exited, status=1/FAILURE
> 
> Since the service file includes the "User=mysql" directive, the
> "ExecStartPre=" is executed as this user, which does not have
> permission to create a directory in "/var/log".
> 
> This commit fixes this issue by adding the "!" prefix, which will
> execute the command with full privileges.  See the systemd.service manual
> page entry for "ExecStart=", table "Special executable prefixes":
> https://www.freedesktop.org/software/systemd/man/systemd.service.html#ExecStart=
> or https://github.com/systemd/systemd/blob/v250/man/systemd.service.xml#L339
> 
> Moreover, the "mysql_install_db" invocation does not need this special
> prefix, as the "/var/lib/mysql" directory on target is already owned
> by the "mysql" user.  The "chown" command is also useless and is
> removed in this commit.
> 
> Reported-by: Gilles Talis <gilles.talis@gmail.com>
> Signed-off-by: Julien Olivain <ju.o@free.fr>

  Applied to master, thanks.

  Excellent commit message BTW.

  Regards,
  Arnout

> ---
>   package/mariadb/mysqld.service | 4 ++--
>   1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/package/mariadb/mysqld.service b/package/mariadb/mysqld.service
> index d9ea74ebc3..537430e9a2 100644
> --- a/package/mariadb/mysqld.service
> +++ b/package/mariadb/mysqld.service
> @@ -2,8 +2,8 @@
>   Description=MySQL database server
>   
>   [Service]
> -ExecStartPre=/bin/sh -c 'test "`ls -1 /var/lib/mysql | wc -l`" != "0" || mysql_install_db --basedir=/usr --datadir=/var/lib/mysql && chown -R mysql:mysql /var/lib/mysql'
> -ExecStartPre=install -d -o mysql -g root -m 0755 /var/log/mysql
> +ExecStartPre=/bin/sh -c 'test "`ls -1 /var/lib/mysql | wc -l`" != "0" || mysql_install_db --basedir=/usr --datadir=/var/lib/mysql'
> +ExecStartPre=!install -d -o mysql -g root -m 0755 /var/log/mysql
>   ExecStart=/usr/bin/mysqld_safe --log-error=/var/log/mysql/mysqld.log
>   Restart=always
>   User=mysql

>>>>> "Julien" == Julien Olivain <ju.o@free.fr> writes:

 > When enabling MariaDB (BR2_PACKAGE_MARIADB=y) and systemd
 > (BR2_INIT_SYSTEMD=y) in buildroot, the mysqld.service fail to start
 > with a permission error.  See output of command:

 >     journalctl --unit=mysqld

 > Which shows:

 >     systemd[1]: Starting MySQL database server...
 >     install[102]: install: can't create directory '/var/log/mysql': Permission denied
 >     systemd[1]: mysqld.service: Control process exited, code=exited, status=1/FAILURE

 > Since the service file includes the "User=mysql" directive, the
 > "ExecStartPre=" is executed as this user, which does not have
 > permission to create a directory in "/var/log".

 > This commit fixes this issue by adding the "!" prefix, which will
 > execute the command with full privileges.  See the systemd.service manual
 > page entry for "ExecStart=", table "Special executable prefixes":
 > https://www.freedesktop.org/software/systemd/man/systemd.service.html#ExecStart=
 > or https://github.com/systemd/systemd/blob/v250/man/systemd.service.xml#L339

 > Moreover, the "mysql_install_db" invocation does not need this special
 > prefix, as the "/var/lib/mysql" directory on target is already owned
 > by the "mysql" user.  The "chown" command is also useless and is
 > removed in this commit.

 > Reported-by: Gilles Talis <gilles.talis@gmail.com>
 > Signed-off-by: Julien Olivain <ju.o@free.fr>

Committed to 2021.02.x and 2021.11.x, thanks.