ubuntu – 权限被拒绝写入mysql日志
作者:互联网
我只是在Vagrant上测试一个新的Ubuntu(Vivid 15.04)安装,并且遇到mysql问题并登录到自定义位置.
在/ var / log / syslog中我得到了
/usr/bin/mysqld_safe:无法创建/var/log/mysqld.log:权限被拒绝
如果我ls -l / var我得到
drwxrwxr-x 10 root syslog 4096 Jun 8 19:52 log
如果我查看/ var / log文件不存在
我以为我暂时禁用apparmor只是为了隔离它是否是导致问题的其他东西,但不确定它是否仍然会产生问题(编辑:认为它可能仍然启用,所以不确定这是一个问题还是简单权限).
如果我尝试手动创建文件作为mysql我也被拒绝(我临时允许它bash访问测试,我会删除后).
touch /var/log/mysql.log
touch: cannot touch ‘/var/log/mysql.log’: Permission denied
如果我查看另一个正在运行的服务器(centos)它具有上述权限(并写为mysql用户),所以我想知道mysql通常如何获得访问/ var / log目录的权限,我怎么能得到它通过正常运行访问该文件夹?
这是我的mysql的apparmor配置文件
/usr/sbin/mysqld {
#include
#include
#include
#include
#include
capability dac_override,
capability sys_resource,
capability setgid,
capability setuid,
network tcp,
/etc/hosts.allow r,
/etc/hosts.deny r,
/etc/mysql/** r,
/usr/lib/mysql/plugin/ r,
/usr/lib/mysql/plugin/*.so* mr,
/usr/sbin/mysqld mr,
/usr/share/mysql/** r,
/var/log/mysqld.log rw,
/var/log/mysqld.err rw,
/var/lib/mysql/ r,
/var/lib/mysql/** rwk,
/var/log/mysql/ r,
/var/log/mysql/* rw,
/var/run/mysqld/mysqld.pid rw,
/var/run/mysqld/mysqld.sock w,
/run/mysqld/mysqld.pid rw,
/run/mysqld/mysqld.sock w,
/sys/devices/system/cpu/ r,
/var/log/mysqld.log rw,
# Site-specific additions and overrides. See local/README for details.
#include
}
我还将上面的文件添加到apparmor.d / disable directoru
注意:我添加了这行/var/log/mysqld.log rw,它原来不在那里,并且有相同的问题(在执行apparmor重载之后).
apparmor module is loaded.
5 profiles are loaded.
5 profiles are in enforce mode.
/sbin/dhclient
/usr/lib/NetworkManager/nm-dhcp-client.action
/usr/lib/NetworkManager/nm-dhcp-helper
/usr/lib/connman/scripts/dhclient-script
/usr/sbin/tcpdump
0 profiles are in complain mode.
1 processes have profiles defined.
1 processes are in enforce mode.
/sbin/dhclient (565)
0 processes are in complain mode.
0 processes are unconfined but have a profile defined.
Jun 8 20:33:33 vagrant-ubuntu-vivid-64 systemd[1]: Starting MySQL Community Server...
Jun 8 20:33:33 vagrant-ubuntu-vivid-64 mysqld_safe[11231]: 150608 20:33:33 mysqld_safe Logging to '/var/log/mysqld.log'.
Jun 8 20:33:33 vagrant-ubuntu-vivid-64 mysqld_safe[11231]: touch: cannot touch ‘/var/log/mysqld.log’: Permission denied
Jun 8 20:33:33 vagrant-ubuntu-vivid-64 mysqld_safe[11231]: chmod: cannot access ‘/var/log/mysqld.log’: No such file or directory
Jun 8 20:33:33 vagrant-ubuntu-vivid-64 mysqld_safe[11231]: 150608 20:33:33 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql
Jun 8 20:33:33 vagrant-ubuntu-vivid-64 mysqld_safe[11231]: /usr/bin/mysqld_safe: 126: /usr/bin/mysqld_safe: cannot create /var/log/mysqld.log: Permission denied
解决方法:
在我看来,大多数人在/ var / log中创建一个名为mysql的目录,将该文件夹的所有者更改为mysql用户.
sudo mkdir /var/log/mysql
sudo chown mysql:mysql /var/log/mysql
应该这样做.请务必更新服务器的日志记录位置并重新启动它.在您测试了重新启用mysql的apparmor配置文件之后.
标签:mysql,ubuntu,permissions,files,apparmor 来源: https://codeday.me/bug/20190809/1634093.html