mariadb-10.1.18 breaks the resource agent
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tripleo |
Fix Released
|
Critical
|
Michele Baldessari |
Bug Description
So in mariadb-10.1.18 this change was included upstream:
commit 7497ebf8a49bfe3
Author: Sergei Golubchik <email address hidden>
Date: Thu Sep 29 10:16:24 2016 +0200
mysqld_safe: close stdout and stderr
when they're not needed anymore. Helps when
daemonizing it from mysql.init
diff --git a/scripts/
index 7f18abb3dc25.
--- a/scripts/
+++ b/scripts/
@@ -620,6 +620,10 @@ else
logging=syslog
fi
+# close stdout and stderr, everything goes to $logging now
+exec 1>&-
+exec 2>&-
+
USER_OPTION=""
if test -w / -o "$USER" = "root"
then
@@ -650,7 +654,7 @@ if [ ! -d $mysql_
then
if ! `mkdir -p $mysql_
then
- echo "Fatal error Can't create database directory '$mysql_unix_port'"
+ log_error "Fatal error Can't create database directory '$mysql_unix_port'"
exit 1
fi
chown $user $mysql_
diff --git a/support-
index e5c8814f9307.
--- a/support-
+++ b/support-
@@ -308,7 +308,7 @@ case "$mode" in
then
# Give extra arguments to mysqld with the my.cnf file. This script
# may be overwritten at next upgrade.
- $bindir/mysqld_safe --datadir=
+ $bindir/mysqld_safe --datadir=
# Make lock for RedHat / SuSE
This makes it so that the mysqld_safe --wsrep-recover command which is used by the resource agent breaks badly, because no output is generated at all.
Damien will look into making the Resource Agent work in this situation as well, but this will take time until the fix gets in RHEL->CentOS. My recommendation is that we get the RDO folks to build a package which backs out the above specific change and keep this mariadb version (or a later one since 10.1.19 has been released today and it fixes 2 more CVEs)
Changed in tripleo: | |
assignee: | nobody → Michele Baldessari (michele) |
milestone: | none → ocata-1 |
1) https:/ /github. com/rdo- common/ mariadb/ pull/2 is the fix for mariadb /bugzilla. redhat. com/show_ bug.cgi? id=1391470 tracks the fix for the resource agent
2) https:/
Once 2) is in centos we can back out the revert pushed via 1)