Skip to content

Conversation

@grooverdan
Copy link
Member

  • The Jira issue number for this PR is: MDEV-37726

Description

After moving the systemd service to using environment files instead of systemctl set-environment in 11.6 (MDEV-19210), they (wsrep-new-cluster and wsrep-start-position) are located in /var/lib/mysql along with the socket file in
Fedora/RHEL-based distros. This causes them to have incorrect selinux permissions and therefore be not readable by systemd.

A solution is to generate these files in the run directory, instead, which already has correct selinux label mysqld_var_run_t mysql-selinux-1.0.12. Dissociating these files and the socket in CMake configs can also prove useful for other things.

This also corrects some of the duplicate code in the build scripts and made INSTALL_RUNDATADIR into a proper location and used this for the tmpfiles where the temporary files are created.

Moved Debian's location from the /run/mysqld/ (previously based on INSTALL_UNIX_ADDRDIR), to /run/mariadb as its a temporary location controlled by tmpfiles.

Release Notes

per JIRA entry

How can this PR be tested?

Run galera_new_cluster on Selinux enabled Fedora/RHEL.

Basing the PR against the correct MariaDB version

  • This is a new feature or a refactoring, and the PR is based against the main branch.
  • This is a bug fix, and the PR is based against the earliest maintained branch in which the bug can be reproduced.

PR quality check

  • I checked the CODING_STANDARDS.md file and my PR conforms to this where appropriate.
  • For any trivial modifications to the PR, I am ok with the reviewer making the changes themselves.

…ory with wrong selinux permissions

After moving the systemd service to using environment files
instead of `systemctl set-environment` in 11.6 (MDEV-19210),
they (wsrep-new-cluster and wsrep-start-position) are located
in /var/lib/mysql along with the socket file in
Fedora/RHEL-based distros. This causes them to have incorrect
selinux permissions and therefore be not readable by systemd.

A solution is to generate these files in the run directory,
instead, which already has correct selinux label mysqld_var_run_t
mysql-selinux-1.0.12. Dissociating these files and the socket
in CMake configs can also prove useful for other things.

This also corrects some of the duplicate code in the build
scripts and made INSTALL_RUNDATADIR into a proper location
and used this for the tmpfiles where the temporary files
are created.

Moved Debian's location from the /run/mysqld/ (previously
based on INSTALL_UNIX_ADDRDIR), to /run/mariadb as its
a temporary location controlled by tmpfiles.
@grooverdan grooverdan requested a review from ottok September 24, 2025 21:23
@grooverdan grooverdan added the MariaDB Foundation Pull requests created by MariaDB Foundation label Sep 24, 2025
@grooverdan
Copy link
Member Author

@eworm-de happy with the variant of your original contribution?

@eworm-de
Copy link
Contributor

In Arch Linux we have -DINSTALL_UNIX_ADDRDIR=/run/mysqld/mysqld.sock, which results in the files being placed in /run/mysqld/. So yes, this is exactly as intended. (Actually I have not been aware that the socket is placed in /var/lib/mysql/ for rpm packages...)

Happy with this, please go ahead! Thanks!

@pkhartsk
Copy link

Scratch builds in fedora rawhide succeed and after starting/connecting to/using galera locally, it seems to work as expected.

@grooverdan
Copy link
Member Author

moving this over to #4329 as others wanted a 10.11 fix of the original env file based galera bootstrap.

@eworm-de
Copy link
Contributor

eworm-de commented Oct 1, 2025

Oh! So this will make its way into 11.4 branch (11.4.9) as well?

@grooverdan
Copy link
Member Author

Oh! So this will make its way into 11.4 branch (11.4.9) as well?

If the reviewers are happy, yes.

@grooverdan
Copy link
Member Author

because #4329 superseeds this putting this to draft.

@grooverdan grooverdan marked this pull request as draft October 14, 2025 05:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

MariaDB Foundation Pull requests created by MariaDB Foundation

Development

Successfully merging this pull request may close these issues.

3 participants