AppArmor rules cause tmp table problem

Bug #351275 reported by Cafuego
2
Affects Status Importance Assigned to Milestone
apparmor (Ubuntu)
Fix Released
Undecided
Jamie Strandboge

Bug Description

I installed Jaunty (mythbuntu) yesterday and tweaked my mysql configuration to have the server use InnoDB. When I then ran mysql_convert_table_format on a database, apparmor started logging permission issues on temporary tables.

The perms on all mysql directories are fine and when I turned apparmor off MySQL stopped complaining.

$ lsb_release -rd
Description: Ubuntu jaunty (development branch)
Release: 9.04

$ apt-cache policy mysql-server-5.0
mysql-server-5.0:
  Installed: 5.1.30really5.0.75-0ubuntu9
  Candidate: 5.1.30really5.0.75-0ubuntu9
  Version table:
 *** 5.1.30really5.0.75-0ubuntu9 0
        500 http://au.archive.ubuntu.com jaunty/main Packages
        100 /var/lib/dpkg/status

syslog:

Mar 30 08:57:33 mythtv mysqld[19263]: InnoDB: Unable to lock /tmp/#sql4b3d_2e_0.ibd, error: 13
Mar 30 08:57:33 mythtv mysqld[19263]: InnoDB: Check that you do not already have another mysqld process
Mar 30 08:57:33 mythtv mysqld[19263]: InnoDB: using the same InnoDB data or log files.
Mar 30 08:57:33 mythtv mysqld[19263]: 090330 8:57:33 InnoDB: Error creating file '/tmp/#sql4b3d_2e_0.ibd'.
Mar 30 08:57:33 mythtv mysqld[19263]: 090330 8:57:33 InnoDB: Operating system error number 13 in a file operation.
Mar 30 08:57:33 mythtv kernel: [55954.747069] type=1503 audit(1238363853.710:58): operation="file_lock" requested_mask="wk::" denied_mask="k::" fsuid=103 name="/tmp/#sql4b3d_2e_0.ibd" pid=22943 profile="/usr/sbin/mysqld"
Mar 30 08:57:33 mythtv mysqld[19263]: InnoDB: The error means mysqld does not have the access rights to
Mar 30 08:57:33 mythtv mysqld[19263]: InnoDB: the directory.
Mar 30 08:57:33 mythtv mysqld[19263]: 090330 8:57:33 InnoDB: Error: table `tmp/#sql4b3d_2e_0` does not exist in the InnoDB internal
Mar 30 08:57:33 mythtv mysqld[19263]: InnoDB: data dictionary though MySQL is trying to drop it.
Mar 30 08:57:33 mythtv mysqld[19263]: InnoDB: Have you copied the .frm file of the table to the
Mar 30 08:57:33 mythtv mysqld[19263]: InnoDB: MySQL database directory from another database?
Mar 30 08:57:33 mythtv mysqld[19263]: InnoDB: You can look for further help from
Mar 30 08:57:33 mythtv mysqld[19263]: InnoDB: http://dev.mysql.com/doc/refman/5.0/en/innodb-troubleshooting.html
Mar 30 08:57:33 mythtv mysqld[19263]: 090330 8:57:33 [Warning] Could not remove tmp table: '/tmp/#sql4b3d_2e_0', error: -1

Tags: apparmor

Related branches

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

This should really be fixed in the apparmor user-tmp abstraction. Moving to apparmor.

Changed in mysql-dfsg-5.0:
status: New → Triaged
Changed in apparmor:
assignee: nobody → jdstrand
status: Triaged → Fix Committed
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Thank you for using Ubuntu and taking the time to report a bug. I've committed this to bzr and it will be a part of the next apparmor upload.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apparmor - 2.3+1289-0ubuntu13

---------------
apparmor (2.3+1289-0ubuntu13) jaunty; urgency=low

  [ Kees Cook ]
  * abstractions/gnome: allow /proc/$pid/mounts for gvfs.
  * abstractions/python: clean up allowed paths (LP: #350820), thanks to
    Jonathan Davies.

  [ Jamie Strandboge ]
  * abstractions/user-tmp: allow 'k' for files in tmp dirs (LP: #351275)

 -- Jamie Strandboge <email address hidden> Tue, 31 Mar 2009 09:57:57 -0500

Changed in apparmor:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.