AppArmor rules cause tmp table problem

Bug #351275 reported by Cafuego on 2009-03-29
2
Affects Status Importance Assigned to Milestone
apparmor (Ubuntu)
Undecided
Jamie Strandboge

Bug Description

I installed Jaunty (mythbuntu) yesterday and tweaked my mysql configuration to have the server use InnoDB. When I then ran mysql_convert_table_format on a database, apparmor started logging permission issues on temporary tables.

The perms on all mysql directories are fine and when I turned apparmor off MySQL stopped complaining.

$ lsb_release -rd
Description: Ubuntu jaunty (development branch)
Release: 9.04

$ apt-cache policy mysql-server-5.0
mysql-server-5.0:
  Installed: 5.1.30really5.0.75-0ubuntu9
  Candidate: 5.1.30really5.0.75-0ubuntu9
  Version table:
 *** 5.1.30really5.0.75-0ubuntu9 0
        500 http://au.archive.ubuntu.com jaunty/main Packages
        100 /var/lib/dpkg/status

syslog:

Mar 30 08:57:33 mythtv mysqld[19263]: InnoDB: Unable to lock /tmp/#sql4b3d_2e_0.ibd, error: 13
Mar 30 08:57:33 mythtv mysqld[19263]: InnoDB: Check that you do not already have another mysqld process
Mar 30 08:57:33 mythtv mysqld[19263]: InnoDB: using the same InnoDB data or log files.
Mar 30 08:57:33 mythtv mysqld[19263]: 090330 8:57:33 InnoDB: Error creating file '/tmp/#sql4b3d_2e_0.ibd'.
Mar 30 08:57:33 mythtv mysqld[19263]: 090330 8:57:33 InnoDB: Operating system error number 13 in a file operation.
Mar 30 08:57:33 mythtv kernel: [55954.747069] type=1503 audit(1238363853.710:58): operation="file_lock" requested_mask="wk::" denied_mask="k::" fsuid=103 name="/tmp/#sql4b3d_2e_0.ibd" pid=22943 profile="/usr/sbin/mysqld"
Mar 30 08:57:33 mythtv mysqld[19263]: InnoDB: The error means mysqld does not have the access rights to
Mar 30 08:57:33 mythtv mysqld[19263]: InnoDB: the directory.
Mar 30 08:57:33 mythtv mysqld[19263]: 090330 8:57:33 InnoDB: Error: table `tmp/#sql4b3d_2e_0` does not exist in the InnoDB internal
Mar 30 08:57:33 mythtv mysqld[19263]: InnoDB: data dictionary though MySQL is trying to drop it.
Mar 30 08:57:33 mythtv mysqld[19263]: InnoDB: Have you copied the .frm file of the table to the
Mar 30 08:57:33 mythtv mysqld[19263]: InnoDB: MySQL database directory from another database?
Mar 30 08:57:33 mythtv mysqld[19263]: InnoDB: You can look for further help from
Mar 30 08:57:33 mythtv mysqld[19263]: InnoDB: http://dev.mysql.com/doc/refman/5.0/en/innodb-troubleshooting.html
Mar 30 08:57:33 mythtv mysqld[19263]: 090330 8:57:33 [Warning] Could not remove tmp table: '/tmp/#sql4b3d_2e_0', error: -1

Related branches

Jamie Strandboge (jdstrand) wrote :

This should really be fixed in the apparmor user-tmp abstraction. Moving to apparmor.

Changed in mysql-dfsg-5.0:
status: New → Triaged
Changed in apparmor:
assignee: nobody → jdstrand
status: Triaged → Fix Committed
Jamie Strandboge (jdstrand) wrote :

Thank you for using Ubuntu and taking the time to report a bug. I've committed this to bzr and it will be a part of the next apparmor upload.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apparmor - 2.3+1289-0ubuntu13

---------------
apparmor (2.3+1289-0ubuntu13) jaunty; urgency=low

  [ Kees Cook ]
  * abstractions/gnome: allow /proc/$pid/mounts for gvfs.
  * abstractions/python: clean up allowed paths (LP: #350820), thanks to
    Jonathan Davies.

  [ Jamie Strandboge ]
  * abstractions/user-tmp: allow 'k' for files in tmp dirs (LP: #351275)

 -- Jamie Strandboge <email address hidden> Tue, 31 Mar 2009 09:57:57 -0500

Changed in apparmor:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers