[arch-commits] Commit in mariadb/trunk (9 files)
Christian Hesse
eworm at archlinux.org
Fri Feb 1 07:51:58 UTC 2019
Date: Friday, February 1, 2019 @ 07:51:57
Author: eworm
Revision: 344989
replace the on-the-fly hacks with proper patches
Added:
mariadb/trunk/0001-arch-specific.patch
mariadb/trunk/0002-systemd-sysusers-tmpfiles.patch
mariadb/trunk/0003-MDEV-18360-Prevent-set_max_open_files-from-allocating-too-many-files.patch
mariadb/trunk/0004-do-not-break-main-configuration-with-instantiated-one.patch
mariadb/trunk/0005-fix-galera_recovery-with-fs.protected_regular-enabled.patch
Modified:
mariadb/trunk/PKGBUILD
mariadb/trunk/mariadb.install
Deleted:
mariadb/trunk/0001-MDEV-18360-Prevent-set_max_open_files-from-allocating-too-many-files.patch
mariadb/trunk/0002-fix-galera_recovery-with-fs.protected_regular-enabled.patch
---------------------------------------------------------------------------------+
0001-MDEV-18360-Prevent-set_max_open_files-from-allocating-too-many-files.patch | 31 --
0001-arch-specific.patch | 134 ++++++++++
0002-fix-galera_recovery-with-fs.protected_regular-enabled.patch | 32 --
0002-systemd-sysusers-tmpfiles.patch | 60 ++++
0003-MDEV-18360-Prevent-set_max_open_files-from-allocating-too-many-files.patch | 31 ++
0004-do-not-break-main-configuration-with-instantiated-one.patch | 56 ++++
0005-fix-galera_recovery-with-fs.protected_regular-enabled.patch | 32 ++
PKGBUILD | 50 +--
mariadb.install | 2
9 files changed, 338 insertions(+), 90 deletions(-)
Deleted: 0001-MDEV-18360-Prevent-set_max_open_files-from-allocating-too-many-files.patch
===================================================================
--- 0001-MDEV-18360-Prevent-set_max_open_files-from-allocating-too-many-files.patch 2019-01-31 21:39:33 UTC (rev 344988)
+++ 0001-MDEV-18360-Prevent-set_max_open_files-from-allocating-too-many-files.patch 2019-02-01 07:51:57 UTC (rev 344989)
@@ -1,31 +0,0 @@
-From 8b87e87252f7d0599a99f18cd5f51914d2611397 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Vicen=C8=9Biu=20Ciorbaru?= <vicentiu at mariadb.org>
-Date: Thu, 24 Jan 2019 00:58:20 +0200
-Subject: MDEV-18360 Prevent set_max_open_files from allocating too many files
-
-If the rlimit.rlim_cur value returned by getrlimit is not the
-RLIM_INFINITY magic constant, but a *very* large number, we can allocate
-too many open files. Restrict set_max_open_files to only return at most
-max_file_limit, as passed via its parameter.
----
- mysys/my_file.c | 7 +++----
- 1 file changed, 3 insertions(+), 4 deletions(-)
-
-diff --git a/mysys/my_file.c b/mysys/my_file.c
-index 8d01285a94b..b3aef8494cb 100644
---- a/mysys/my_file.c
-+++ b/mysys/my_file.c
-@@ -52,10 +52,9 @@ static uint set_max_open_files(uint max_file_limit)
- DBUG_PRINT("info", ("rlim_cur: %u rlim_max: %u",
- (uint) rlimit.rlim_cur,
- (uint) rlimit.rlim_max));
-- if ((ulonglong) rlimit.rlim_cur == (ulonglong) RLIM_INFINITY)
-- rlimit.rlim_cur = max_file_limit;
-- if (rlimit.rlim_cur >= max_file_limit)
-- DBUG_RETURN(rlimit.rlim_cur); /* purecov: inspected */
-+ if ((ulonglong) rlimit.rlim_cur == (ulonglong) RLIM_INFINITY ||
-+ rlimit.rlim_cur >= max_file_limit)
-+ DBUG_RETURN(max_file_limit);
- rlimit.rlim_cur= rlimit.rlim_max= max_file_limit;
- if (setrlimit(RLIMIT_NOFILE, &rlimit))
- max_file_limit= old_cur; /* Use original value */
Added: 0001-arch-specific.patch
===================================================================
--- 0001-arch-specific.patch (rev 0)
+++ 0001-arch-specific.patch 2019-02-01 07:51:57 UTC (rev 344989)
@@ -0,0 +1,134 @@
+From 07abbcbbe129a4c44c58fa2496b0921e52a759c2 Mon Sep 17 00:00:00 2001
+From: Christian Hesse <mail at eworm.de>
+Date: Tue, 29 Jan 2019 23:12:01 +0100
+Subject: enable PrivateTmp for a little bit more security
+---
+ support-files/mariadb.service.in | 2 +-
+ support-files/mariadb at .service.in | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/support-files/mariadb.service.in b/support-files/mariadb.service.in
+index 8d43b6db428..a96fbcc9d2c 100644
+--- a/support-files/mariadb.service.in
++++ b/support-files/mariadb.service.in
+@@ -117,7 +117,7 @@ UMask=007
+
+ # If you don't use the /tmp directory for SELECT ... OUTFILE and
+ # LOAD DATA INFILE you can enable PrivateTmp=true for a little more security.
+-PrivateTmp=false
++PrivateTmp=true
+
+ ##
+ ## Options previously available to be set via [mysqld_safe]
+diff --git a/support-files/mariadb at .service.in b/support-files/mariadb at .service.in
+index a2f5cff0828..83d75f80b87 100644
+--- a/support-files/mariadb at .service.in
++++ b/support-files/mariadb at .service.in
+@@ -41,7 +41,7 @@ Type=notify
+
+ # Setting this to true can break replication and the Type=notify settings
+ # See also bind-address mysqld option.
+-PrivateNetwork=false
++PrivateNetwork=true
+
+ ##############################################################################
+ ## Package maintainers
+From 0e4a158086b765aa3a12b84646aefb9b192443f7 Mon Sep 17 00:00:00 2001
+From: Christian Hesse <mail at eworm.de>
+Date: Tue, 29 Jan 2019 23:12:54 +0100
+Subject: force preloading jemalloc for memory management
+---
+ support-files/mariadb.service.in | 1 +
+ support-files/mariadb at .service.in | 1 +
+ 2 files changed, 2 insertions(+)
+
+diff --git a/support-files/mariadb.service.in b/support-files/mariadb.service.in
+index a96fbcc9d2c..6bb5d4227b9 100644
+--- a/support-files/mariadb.service.in
++++ b/support-files/mariadb.service.in
+@@ -140,6 +140,7 @@ LimitNOFILE=16364
+ # Library substitutions. previously [mysqld_safe] malloc-lib with explicit paths
+ # (in LD_LIBRARY_PATH) and library name (in LD_PRELOAD).
+ # Environment="LD_LIBRARY_PATH=/path1 /path2" "LD_PRELOAD=
++Environment="LD_PRELOAD=/usr/lib/libjemalloc.so"
+
+ # Flush caches. previously [mysqld_safe] flush-caches=1
+ # ExecStartPre=sync
+diff --git a/support-files/mariadb at .service.in b/support-files/mariadb at .service.in
+index 83d75f80b87..d1d24d685f9 100644
+--- a/support-files/mariadb at .service.in
++++ b/support-files/mariadb at .service.in
+@@ -161,6 +161,7 @@ LimitNOFILE=16364
+ # Library substitutions. previously [mysqld_safe] malloc-lib with explicit paths
+ # (in LD_LIBRARY_PATH) and library name (in LD_PRELOAD).
+ # Environment="LD_LIBRARY_PATH=/path1 /path2" "LD_PRELOAD=
++Environment="LD_PRELOAD=/usr/lib/libjemalloc.so"
+
+ # Flush caches. previously [mysqld_safe] flush-caches=1
+ # ExecStartPre=sync
+From 72b42fb1a344bfc3f3c3c905fe85c93ac4a752e3 Mon Sep 17 00:00:00 2001
+From: Christian Hesse <mail at eworm.de>
+Date: Tue, 29 Jan 2019 23:14:23 +0100
+Subject: fix path to our config
+---
+ support-files/rpm/enable_encryption.preset | 2 +-
+ support-files/rpm/my.cnf | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/support-files/rpm/enable_encryption.preset b/support-files/rpm/enable_encryption.preset
+index 722db7e5fa1..978a7494c6b 100644
+--- a/support-files/rpm/enable_encryption.preset
++++ b/support-files/rpm/enable_encryption.preset
+@@ -1,5 +1,5 @@
+ #
+-# !include this file into your my.cnf (or any of *.cnf files in /etc/my.cnf.d)
++# !include this file into your my.cnf (or any of *.cnf files in /etc/mysql/my.cnf.d)
+ # and it will enable data at rest encryption. This is a simple way to
+ # ensure that everything that can be encrypted will be and your
+ # data will not leak unencrypted.
+diff --git a/support-files/rpm/my.cnf b/support-files/rpm/my.cnf
+index 913b88f8328..17d25361178 100644
+--- a/support-files/rpm/my.cnf
++++ b/support-files/rpm/my.cnf
+@@ -7,5 +7,5 @@
+ #
+ # include all files from the config directory
+ #
+-!includedir /etc/my.cnf.d
++!includedir /etc/mysql/my.cnf.d
+
+From 820b47c1e70d36f1272cca3ddbdf4bbd2dd62bde Mon Sep 17 00:00:00 2001
+From: Christian Hesse <mail at eworm.de>
+Date: Wed, 30 Jan 2019 00:46:47 +0100
+Subject: remove aliases from systemd unit files
+---
+ support-files/mariadb.service.in | 2 --
+ support-files/mariadb at .service.in | 2 --
+ 2 files changed, 4 deletions(-)
+
+diff --git a/support-files/mariadb.service.in b/support-files/mariadb.service.in
+index 8d43b6db428..d7fa6bf5b14 100644
+--- a/support-files/mariadb.service.in
++++ b/support-files/mariadb.service.in
+@@ -20,8 +20,6 @@ After=network.target
+
+ [Install]
+ WantedBy=multi-user.target
+-Alias=mysql.service
+-Alias=mysqld.service
+
+
+ [Service]
+diff --git a/support-files/mariadb at .service.in b/support-files/mariadb at .service.in
+index a2f5cff0828..3fc41358e14 100644
+--- a/support-files/mariadb at .service.in
++++ b/support-files/mariadb at .service.in
+@@ -27,8 +27,6 @@ ConditionPathExists=@sysconf2dir@/my%I.cnf
+
+ [Install]
+ WantedBy=multi-user.target
+-Alias=mysql.service
+-Alias=mysqld.service
+
+
+ [Service]
Deleted: 0002-fix-galera_recovery-with-fs.protected_regular-enabled.patch
===================================================================
--- 0002-fix-galera_recovery-with-fs.protected_regular-enabled.patch 2019-01-31 21:39:33 UTC (rev 344988)
+++ 0002-fix-galera_recovery-with-fs.protected_regular-enabled.patch 2019-02-01 07:51:57 UTC (rev 344989)
@@ -1,32 +0,0 @@
-From 5936f0be4a49eda7b05ea1591bbbba3d72e4d7b9 Mon Sep 17 00:00:00 2001
-From: Christian Hesse <mail at eworm.de>
-Date: Fri, 25 Jan 2019 14:50:53 +0100
-Subject: fix galera_recovery with fs.protected_regular enabled
-
-The fs.protected_regular sysctls was added in Linux 4.19 to make some
-data spoofing attacks harder. With systemd v241 these will be enabled
-by default.
-
-With this protection enabled galera_recovery fails with EPERM
-(permission denied). This is caused by a wrong security measure:
-The script changes ownership of $log_file to $user, though $user never
-touches it. The shell redirection writes output to the file, not mysqld.
-So just drop chown to fix this.
----
- scripts/galera_recovery.sh | 3 +--
- 1 file changed, 1 insertion(+), 2 deletions(-)
-
-diff --git a/scripts/galera_recovery.sh b/scripts/galera_recovery.sh
-index c58f3d8f6b9..c70decc0005 100644
---- a/scripts/galera_recovery.sh
-+++ b/scripts/galera_recovery.sh
-@@ -101,8 +101,7 @@ wsrep_recover_position() {
-
- # Safety checks
- if [ -n "$log_file" -a -f "$log_file" ]; then
-- [ "$euid" = "0" ] && chown $user $log_file
-- chmod 600 $log_file
-+ chmod 600 $log_file
- else
- log "WSREP: mktemp failed"
- fi
Added: 0002-systemd-sysusers-tmpfiles.patch
===================================================================
--- 0002-systemd-sysusers-tmpfiles.patch (rev 0)
+++ 0002-systemd-sysusers-tmpfiles.patch 2019-02-01 07:51:57 UTC (rev 344989)
@@ -0,0 +1,60 @@
+From dc7aff5e5331820205282576f6ade015f672969b Mon Sep 17 00:00:00 2001
+From: Christian Hesse <mail at eworm.de>
+Date: Tue, 2 Jan 2018 14:32:21 +0100
+Subject: Use descriptive file names for sysusers and tmpfiles configuration
+
+These files were installed to:
+
+${INSTALL_SYSTEMD_SYSUSERSDIR}/sysusers.conf
+${INSTALL_SYSTEMD_TMPFILESDIR}/tmpfiles.conf
+
+Instead rename the files to more descriptive file names 'mariadb.conf'.
+---
+ support-files/CMakeLists.txt | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/support-files/CMakeLists.txt b/support-files/CMakeLists.txt
+index 4ad3810e082..8363922d468 100644
+--- a/support-files/CMakeLists.txt
++++ b/support-files/CMakeLists.txt
+@@ -117,7 +117,8 @@ IF(UNIX)
+ CONFIGURE_FILE(sysusers.conf.in
+ ${CMAKE_CURRENT_BINARY_DIR}/sysusers.conf @ONLY)
+ INSTALL(FILES ${CMAKE_CURRENT_BINARY_DIR}/sysusers.conf
+- DESTINATION ${INSTALL_SYSTEMD_SYSUSERSDIR} COMPONENT Server)
++ DESTINATION ${INSTALL_SYSTEMD_SYSUSERSDIR}
++ RENAME mariadb.conf COMPONENT Server)
+ ENDIF()
+
+ IF(INSTALL_SYSTEMD_TMPFILESDIR)
+@@ -125,7 +126,8 @@ IF(UNIX)
+ CONFIGURE_FILE(tmpfiles.conf.in
+ ${CMAKE_CURRENT_BINARY_DIR}/tmpfiles.conf @ONLY)
+ INSTALL(FILES ${CMAKE_CURRENT_BINARY_DIR}/tmpfiles.conf
+- DESTINATION ${INSTALL_SYSTEMD_TMPFILESDIR} COMPONENT Server)
++ DESTINATION ${INSTALL_SYSTEMD_TMPFILESDIR}
++ RENAME mariadb.conf COMPONENT Server)
+ ENDIF()
+
+ # @ in directory name broken between CMake version 2.8.12.2 and 3.3
+From c86912c8896b65c1dd9226c1bc2987189d4840c2 Mon Sep 17 00:00:00 2001
+From: Christian Hesse <mail at eworm.de>
+Date: Tue, 2 Jan 2018 14:36:49 +0100
+Subject: Make systemd-tmpfiles create MYSQL_DATADIR
+
+This is a no-op if the directory exists, but makes sure it is created by
+systemd-tmpfiles with proper permissions otherwise.
+
+This solves packaging issues when the user MYSQLD_USER is created by
+systemd-sysusers and uid is not known in advance.
+---
+ support-files/tmpfiles.conf.in | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/support-files/tmpfiles.conf.in b/support-files/tmpfiles.conf.in
+index 03d66abc0c7..3c89cb258c9 100644
+--- a/support-files/tmpfiles.conf.in
++++ b/support-files/tmpfiles.conf.in
+@@ -1 +1,2 @@
+ d @MYSQL_UNIX_DIR@ 0755 @MYSQLD_USER@ @MYSQLD_USER@ -
++d @MYSQL_DATADIR@ 0700 @MYSQLD_USER@ @MYSQLD_USER@ -
Added: 0003-MDEV-18360-Prevent-set_max_open_files-from-allocating-too-many-files.patch
===================================================================
--- 0003-MDEV-18360-Prevent-set_max_open_files-from-allocating-too-many-files.patch (rev 0)
+++ 0003-MDEV-18360-Prevent-set_max_open_files-from-allocating-too-many-files.patch 2019-02-01 07:51:57 UTC (rev 344989)
@@ -0,0 +1,31 @@
+From 8b87e87252f7d0599a99f18cd5f51914d2611397 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Vicen=C8=9Biu=20Ciorbaru?= <vicentiu at mariadb.org>
+Date: Thu, 24 Jan 2019 00:58:20 +0200
+Subject: MDEV-18360 Prevent set_max_open_files from allocating too many files
+
+If the rlimit.rlim_cur value returned by getrlimit is not the
+RLIM_INFINITY magic constant, but a *very* large number, we can allocate
+too many open files. Restrict set_max_open_files to only return at most
+max_file_limit, as passed via its parameter.
+---
+ mysys/my_file.c | 7 +++----
+ 1 file changed, 3 insertions(+), 4 deletions(-)
+
+diff --git a/mysys/my_file.c b/mysys/my_file.c
+index 8d01285a94b..b3aef8494cb 100644
+--- a/mysys/my_file.c
++++ b/mysys/my_file.c
+@@ -52,10 +52,9 @@ static uint set_max_open_files(uint max_file_limit)
+ DBUG_PRINT("info", ("rlim_cur: %u rlim_max: %u",
+ (uint) rlimit.rlim_cur,
+ (uint) rlimit.rlim_max));
+- if ((ulonglong) rlimit.rlim_cur == (ulonglong) RLIM_INFINITY)
+- rlimit.rlim_cur = max_file_limit;
+- if (rlimit.rlim_cur >= max_file_limit)
+- DBUG_RETURN(rlimit.rlim_cur); /* purecov: inspected */
++ if ((ulonglong) rlimit.rlim_cur == (ulonglong) RLIM_INFINITY ||
++ rlimit.rlim_cur >= max_file_limit)
++ DBUG_RETURN(max_file_limit);
+ rlimit.rlim_cur= rlimit.rlim_max= max_file_limit;
+ if (setrlimit(RLIMIT_NOFILE, &rlimit))
+ max_file_limit= old_cur; /* Use original value */
Added: 0004-do-not-break-main-configuration-with-instantiated-one.patch
===================================================================
--- 0004-do-not-break-main-configuration-with-instantiated-one.patch (rev 0)
+++ 0004-do-not-break-main-configuration-with-instantiated-one.patch 2019-02-01 07:51:57 UTC (rev 344989)
@@ -0,0 +1,56 @@
+From 8fe9b2658664d0ece15fe57442706446fed66d6e Mon Sep 17 00:00:00 2001
+From: Christian Hesse <mail at eworm.de>
+Date: Tue, 15 Jan 2019 17:22:56 +0100
+Subject: do not break main configuration with instantiated one
+
+The main configuration file /etc/my.cnf includes all configuration files in
+/etc/my.cnf.d/. However an instantiated service mariadb at example.service
+reads its configuration from /etc/my.cnf.d/myexample.cnf. This breaks
+the main configuration as that includes a snippet intended for an instance.
+
+This can be fixed by changing the path: Let the instantiated service
+read its configuration from /etc/myexample.cnf.
+---
+ support-files/mariadb at .service.in | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/support-files/mariadb at .service.in b/support-files/mariadb at .service.in
+index a2f5cff0828..1207e690f47 100644
+--- a/support-files/mariadb at .service.in
++++ b/support-files/mariadb at .service.in
+@@ -1,7 +1,7 @@
+ # Multi instance version of mariadb. For if you run multiple versions at once.
+ # Also used for mariadb at bootstrap to bootstrap Galera.
+ #
+-# create config file @sysconf2dir@/my{instancename}.cnf
++# create config file @sysconfdir@/my{instancename}.cnf
+ #
+ # start as systemctl start mariadb@{instancename}.server
+
+@@ -23,7 +23,7 @@ Documentation=man:mysqld(8)
+ Documentation=https://mariadb.com/kb/en/library/systemd/
+ After=network.target
+
+-ConditionPathExists=@sysconf2dir@/my%I.cnf
++ConditionPathExists=@sysconfdir@/my%I.cnf
+
+ [Install]
+ WantedBy=multi-user.target
+@@ -75,7 +75,7 @@ PermissionsStartOnly=true
+ ExecStartPre=/bin/sh -c "systemctl unset-environment _WSREP_START_POSITION%I"
+
+ ExecStartPre=/bin/sh -c "[ ! -e @bindir@/galera_recovery ] && VAR= || \
+- VAR=`@bindir@/galera_recovery --defaults-file=@sysconf2dir@/my%I.cnf`; [ $? -eq 0 ] \
++ VAR=`@bindir@/galera_recovery --defaults-file=@sysconfdir@/my%I.cnf`; [ $? -eq 0 ] \
+ && systemctl set-environment _WSREP_START_POSITION%I=$VAR || exit 1"
+
+ # Alternate: (remove ConditionPathExists above)
+@@ -96,7 +96,7 @@ ExecStartPre=/bin/sh -c "[ ! -e @bindir@/galera_recovery ] && VAR= || \
+
+ # Note: Place $MYSQLD_OPTS at the very end for its options to take precedence.
+
+-ExecStart=@sbindir@/mysqld --defaults-file=@sysconf2dir@/my%I.cnf \
++ExecStart=@sbindir@/mysqld --defaults-file=@sysconfdir@/my%I.cnf \
+ $_WSREP_NEW_CLUSTER $_WSREP_START_POSITION%I $MYSQLD_OPTS
+ # Alternate: (remove ConditionPathExists above)
+ # use [mysqld.INSTANCENAME] as sections in my.cnf
Added: 0005-fix-galera_recovery-with-fs.protected_regular-enabled.patch
===================================================================
--- 0005-fix-galera_recovery-with-fs.protected_regular-enabled.patch (rev 0)
+++ 0005-fix-galera_recovery-with-fs.protected_regular-enabled.patch 2019-02-01 07:51:57 UTC (rev 344989)
@@ -0,0 +1,32 @@
+From 5936f0be4a49eda7b05ea1591bbbba3d72e4d7b9 Mon Sep 17 00:00:00 2001
+From: Christian Hesse <mail at eworm.de>
+Date: Fri, 25 Jan 2019 14:50:53 +0100
+Subject: fix galera_recovery with fs.protected_regular enabled
+
+The fs.protected_regular sysctls was added in Linux 4.19 to make some
+data spoofing attacks harder. With systemd v241 these will be enabled
+by default.
+
+With this protection enabled galera_recovery fails with EPERM
+(permission denied). This is caused by a wrong security measure:
+The script changes ownership of $log_file to $user, though $user never
+touches it. The shell redirection writes output to the file, not mysqld.
+So just drop chown to fix this.
+---
+ scripts/galera_recovery.sh | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/scripts/galera_recovery.sh b/scripts/galera_recovery.sh
+index c58f3d8f6b9..c70decc0005 100644
+--- a/scripts/galera_recovery.sh
++++ b/scripts/galera_recovery.sh
+@@ -101,8 +101,7 @@ wsrep_recover_position() {
+
+ # Safety checks
+ if [ -n "$log_file" -a -f "$log_file" ]; then
+- [ "$euid" = "0" ] && chown $user $log_file
+- chmod 600 $log_file
++ chmod 600 $log_file
+ else
+ log "WSREP: mktemp failed"
+ fi
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2019-01-31 21:39:33 UTC (rev 344988)
+++ PKGBUILD 2019-02-01 07:51:57 UTC (rev 344989)
@@ -13,44 +13,47 @@
'openssl' 'systemd' 'zlib' 'zstd')
validpgpkeys=('199369E5404BD5FC7D2FE43BCBCB082A1BB943DB') # MariaDB Package Signing Key <package-signing-key at mariadb.org>
source=("https://ftp.heanet.ie/mirrors/mariadb/mariadb-$pkgver/source/mariadb-$pkgver.tar.gz"{,.asc}
- '0001-MDEV-18360-Prevent-set_max_open_files-from-allocating-too-many-files.patch'
- '0002-fix-galera_recovery-with-fs.protected_regular-enabled.patch')
+ '0001-arch-specific.patch'
+ '0002-systemd-sysusers-tmpfiles.patch'
+ '0003-MDEV-18360-Prevent-set_max_open_files-from-allocating-too-many-files.patch'
+ '0004-do-not-break-main-configuration-with-instantiated-one.patch'
+ '0005-fix-galera_recovery-with-fs.protected_regular-enabled.patch')
sha256sums=('f7449a34c25e0455928d7983dae83fd2069fe1f16c4c5f4aeed9ed9d3f081ff6'
'SKIP'
+ '5a443a403821931ce35759e9583d23cd809b3b5a5df5b8293ac8e33b9c0cbc0f'
+ '1cd009b473d5965c7cbe6d48fff272030a2ccdd9c7e67b4f837d03252786a09a'
'f2a93769bfd9a5421871846b091ff752dfceea1791beab2ee55ac93d24df02c7'
+ 'd12806e4f90cc0fc081205dd4c0a5e0e7c455844f04276811b61b57fd24f5545'
'66e0acac7436fd8925710ef5cc66ba1a8f63a385ce374f01ae83096cc33d97a0')
prepare() {
cd $pkgbase-$pkgver/
- # Changes to the upstream unit files:
- # * remove the alias from unit files, we install symlinks in package function
+ # Arch Linux specific patches:
# * enable PrivateTmp for a little bit more security
# * force preloading jemalloc for memory management
- sed -i -e '/^Alias/d' \
- -e '/^PrivateTmp/c PrivateTmp=true' \
- -e '/# Environment="LD_/a Environment="LD_PRELOAD=/usr/lib/libjemalloc.so"' \
- support-files/mariadb{,@}.service.in
+ # * fix path to our config
+ patch -Np1 < ../0001-arch-specific.patch
- # let's create the datadir from tmpfiles
- echo 'd @MYSQL_DATADIR@ 0700 @MYSQLD_USER@ @MYSQLD_USER@ -' >> support-files/tmpfiles.conf.in
+ # MDEV-17028 Fix glitches with systemd sysusers and tmpfiles:
+ # * Use descriptive file names for sysusers and tmpfiles configuration
+ # * Make systemd-tmpfiles create MYSQL_DATADIR
+ # https://github.com/MariaDB/server/pull/530
+ patch -Np1 < ../0002-systemd-sysusers-tmpfiles.patch
- # instantiated configs are not subject to be included from main config
- sed -i 's|@sysconf2dir@|@sysconfdir@|' support-files/mariadb at .service.in
-
- # fix path to our config
- sed -i 's|my.cnf.d|mysql/my.cnf.d|' support-files/rpm/{my.cnf,enable_encryption.preset}
-
# MDEV-18360 Prevent set_max_open_files from allocating too many files
# https://bugs.archlinux.org/task/61433
# https://github.com/systemd/systemd/issues/11510
# https://jira.mariadb.org/browse/MDEV-18360
- patch -Np1 < ../0001-MDEV-18360-Prevent-set_max_open_files-from-allocating-too-many-files.patch
+ patch -Np1 < ../0003-MDEV-18360-Prevent-set_max_open_files-from-allocating-too-many-files.patch
+ # do not break main configuration with instantiated one
+ # https://github.com/MariaDB/server/pull/1095
+ patch -Np1 < ../0004-do-not-break-main-configuration-with-instantiated-one.patch
+
# fix galera_recovery with fs.protected_regular enabled
# https://github.com/MariaDB/server/pull/1137
- patch -Np1 < ../0002-fix-galera_recovery-with-fs.protected_regular-enabled.patch
-
+ patch -Np1 < ../0005-fix-galera_recovery-with-fs.protected_regular-enabled.patch
}
build() {
@@ -188,11 +191,7 @@
rm usr/bin/rcmysql
rm usr/share/mysql/{binary-configure,mysql{,d_multi}.server}
- # these should have useful names
- mv usr/lib/sysusers.d/{sysusers,mariadb}.conf
- mv usr/lib/tmpfiles.d/{tmpfiles,mariadb}.conf
-
- # links service files with old name for compatibility
+ # link service files with old name for compatibility
ln -s mariadb.service usr/lib/systemd/system/mysqld.service
ln -s mariadb at .service usr/lib/systemd/system/mysqld at .service
@@ -201,8 +200,7 @@
mv usr/share/doc/mariadb/COPYING* usr/share/licenses/mariadb/
# move it where one might look for it
- mv usr/share/{groonga,doc/mariadb/}
- mv usr/share/{groonga-normalizer-mysql,doc/mariadb/}
+ mv usr/share/{groonga{,-normalizer-mysql},doc/mariadb/}
# already installed to real systemd unit directory or useless
rm -r usr/share/mysql/systemd/
Modified: mariadb.install
===================================================================
--- mariadb.install 2019-01-31 21:39:33 UTC (rev 344988)
+++ mariadb.install 2019-02-01 07:51:57 UTC (rev 344989)
@@ -6,7 +6,7 @@
echo " mysql_install_db --user=mysql --basedir=/usr --datadir=/var/lib/mysql"
}
-post_upgrade(){
+post_upgrade() {
# show for feature release: 10.1 -> 10.2 -> 10.3 -> ...
if [ $(vercmp "${1%.*}" "${2%.*}") -ne 0 ]; then
echo ":: MariaDB was updated to a new feature release. To update the data run:"
More information about the arch-commits
mailing list