首页 > 数据库> > ubuntu – 权限被拒绝写入mysql日志

ubuntu – 权限被拒绝写入mysql日志

2019-08-10 00:13:44 作者：互联网

我只是在Vagrant上测试一个新的Ubuntu(Vivid 15.04)安装,并且遇到mysql问题并登录到自定义位置.

在/ var / log / syslog中我得到了

/usr/bin/mysqld_safe：无法创建/var/log/mysqld.log：权限被拒绝

如果我ls -l / var我得到

drwxrwxr-x 10 root syslog 4096 Jun  8 19:52 log

如果我查看/ var / log文件不存在

我以为我暂时禁用apparmor只是为了隔离它是否是导致问题的其他东西,但不确定它是否仍然会产生问题(编辑：认为它可能仍然启用,所以不确定这是一个问题还是简单权限).

如果我尝试手动创建文件作为mysql我也被拒绝(我临时允许它bash访问测试,我会删除后).

touch /var/log/mysql.log
touch: cannot touch ‘/var/log/mysql.log’: Permission denied

如果我查看另一个正在运行的服务器(centos)它具有上述权限(并写为mysql用户),所以我想知道mysql通常如何获得访问/ var / log目录的权限,我怎么能得到它通过正常运行访问该文件夹？

这是我的mysql的apparmor配置文件


/usr/sbin/mysqld {
  #include 
  #include 
  #include 
  #include 
  #include 

  capability dac_override,
  capability sys_resource,
  capability setgid,
  capability setuid,

  network tcp,

  /etc/hosts.allow r,
  /etc/hosts.deny r,

  /etc/mysql/** r,
  /usr/lib/mysql/plugin/ r,
  /usr/lib/mysql/plugin/*.so* mr,
  /usr/sbin/mysqld mr,
  /usr/share/mysql/** r,
  /var/log/mysqld.log rw,
  /var/log/mysqld.err rw,
  /var/lib/mysql/ r,
  /var/lib/mysql/** rwk,
  /var/log/mysql/ r,
  /var/log/mysql/* rw,
  /var/run/mysqld/mysqld.pid rw,
  /var/run/mysqld/mysqld.sock w,
  /run/mysqld/mysqld.pid rw,
  /run/mysqld/mysqld.sock w,

  /sys/devices/system/cpu/ r,

/var/log/mysqld.log rw,

  # Site-specific additions and overrides. See local/README for details.
  #include 
}

我还将上面的文件添加到apparmor.d / disable directoru

注意：我添加了这行/var/log/mysqld.log rw,它原来不在那里,并且有相同的问题(在执行apparmor重载之后).


apparmor module is loaded.
5 profiles are loaded.
5 profiles are in enforce mode.
   /sbin/dhclient
   /usr/lib/NetworkManager/nm-dhcp-client.action
   /usr/lib/NetworkManager/nm-dhcp-helper
   /usr/lib/connman/scripts/dhclient-script
   /usr/sbin/tcpdump
0 profiles are in complain mode.
1 processes have profiles defined.
1 processes are in enforce mode.
   /sbin/dhclient (565) 
0 processes are in complain mode.
0 processes are unconfined but have a profile defined.


Jun  8 20:33:33 vagrant-ubuntu-vivid-64 systemd[1]: Starting MySQL Community Server...
Jun  8 20:33:33 vagrant-ubuntu-vivid-64 mysqld_safe[11231]: 150608 20:33:33 mysqld_safe Logging to '/var/log/mysqld.log'.
Jun  8 20:33:33 vagrant-ubuntu-vivid-64 mysqld_safe[11231]: touch: cannot touch ‘/var/log/mysqld.log’: Permission denied
Jun  8 20:33:33 vagrant-ubuntu-vivid-64 mysqld_safe[11231]: chmod: cannot access ‘/var/log/mysqld.log’: No such file or directory
Jun  8 20:33:33 vagrant-ubuntu-vivid-64 mysqld_safe[11231]: 150608 20:33:33 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql
Jun  8 20:33:33 vagrant-ubuntu-vivid-64 mysqld_safe[11231]: /usr/bin/mysqld_safe: 126: /usr/bin/mysqld_safe: cannot create /var/log/mysqld.log: Permission denied

解决方法:

在我看来,大多数人在/ var / log中创建一个名为mysql的目录,将该文件夹的所有者更改为mysql用户.

sudo mkdir /var/log/mysql
sudo chown mysql:mysql /var/log/mysql

应该这样做.请务必更新服务器的日志记录位置并重新启动它.在您测试了重新启用mysql的apparmor配置文件之后.

标签：mysql,ubuntu,permissions,files,apparmor
来源： https://codeday.me/bug/20190809/1634093.html