pool/mariadb
SHA256
17
0
Fork 1
Code Issues Pull Requests Activity

Compare commits

merge into: pool:slfo-main
Branches Tags
pool:factory pool:slfo-1.2 pool:slfo-main
...
pull from: pool:slfo-1.2
Branches Tags
pool:factory pool:slfo-1.2 pool:slfo-main

2 Commits
slfo-main ... slfo-1.2

Author SHA256 Message Date
Robert Frohl
3ee3df9cce Fix incomplete SELinux labels during database update (bsc#1255024) 2026-01-30 16:10:11 +01:00
Robert Frohl
c814895813 make 'mysql-systemd-helper upgrade' selinux aware (bsc#1255024) 2026-01-12 15:06:57 +01:00
3 changed files with 23 additions and 1 deletions
Expand all files Collapse all files

10
mariadb.changes
View File

@@ -1,3 +1,13 @@
-------------------------------------------------------------------
Thu Jan 29 16:39:57 UTC 2026 - Robert Frohl <rfrohl@suse.com>
- Fix incomplete SELinux labels during database update (bsc#1255024)
-------------------------------------------------------------------
Thu Dec 18 14:29:29 UTC 2025 - Robert Frohl <rfrohl@suse.com>
- make 'mysql-systemd-helper upgrade' selinux aware (bsc#1255024)
-------------------------------------------------------------------
Fri Dec 12 15:34:53 UTC 2025 - Antonio Teixeira <antonio.teixeira@suse.com>

3
mariadb.spec
View File

@@ -149,6 +149,9 @@ Requires: perl-base
Requires: python3-mysqlclient
Requires: user(mysql)
Requires(post): permissions
# selinux dependencies for mysql-systemd-helper
Requires: (selinux-tools if selinux-policy)
Requires: (policycoreutils if selinux-policy)
# Require mysql user
Requires(pre): user(mysql)
Recommends: logrotate

11
mysql-systemd-helper
View File

@@ -97,6 +97,9 @@ mysql_upgrade() {
# Create a secure tmp dir
chown --no-dereference "$mysql_daemon_user:$mysql_daemon_group" "$protected" || die "Failed to set group/user to '$protected'"
chmod 0700 "$protected" || die "Failed to set permissions to '$protected'"
if command -v selinuxenabled > /dev/null && selinuxenabled; then
restorecon -R "$protected"
fi
# Run protected MySQL accessible only though socket in our directory
echo "Running protected MySQL... "
@@ -114,8 +117,14 @@ mysql_upgrade() {
# Run upgrade itself
echo "Running upgrade itself..."
echo "It will do some chek first and report all errors and tries to correct them"
echo "It will do some check first and report all errors and tries to correct them"
echo
# Needed to fix wrongly labled $datadir, breaking database updates with SELinux
# this is a quick interim fix and can be removed once the directories are label
# correctly during package install.
if which selinuxenabled > /dev/null && selinuxenabled; then
restorecon -R "$datadir/"
fi
if /usr/bin/mysql_upgrade --force --socket="$protected/mysql.sock"; then
echo "Everything upgraded successfully"
up_ok=""