I am trying to enable SSL for MySQL in my LAMP server container. I followed:
https://mifosforge.jira.com/wiki/display/MIFOS/How+to+enable+MySQL+SSL+on+Ubuntu Went through all the key steps. But still no SSL... mysql> show variables like "%ssl%"; +---------------+----------------------------+ | Variable_name | Value | +---------------+----------------------------+ | have_openssl | DISABLED | | have_ssl | DISABLED | | ssl_ca | /etc/mysql/ca-cert.pem | | ssl_capath | | | ssl_cert | /etc/mysql/server-cert.pem | | ssl_cipher | | | ssl_key | /etc/mysql/server-key.pem | +---------------+----------------------------+ 7 rows in set (0.08 sec) mysql> So I look around and found http://ubuntuforums.org/showthread.php?t=1121458 which looks like the solution that apparmor is blocking this So I edit /etc/apparmor.d/usr.sbin.mysqld ubuntu@LAMPServer:~$ more /etc/apparmor.d/usr.sbin.mysqld # vim:syntax=apparmor # Last Modified: Tue Jun 19 17:37:30 2007 #include <tunables/global> /usr/sbin/mysqld { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> #include <abstractions/mysql> #include <abstractions/winbind> capability dac_override, capability sys_resource, capability setgid, capability setuid, network tcp, /etc/hosts.allow r, /etc/hosts.deny r, /etc/mysql/*.pem r, /etc/mysql/*.crt r, /etc/mysql/*.key r, /etc/mysql/conf.d/ r, /etc/mysql/conf.d/* r, /etc/mysql/*.cnf r, /usr/lib/mysql/plugin/ r, /usr/lib/mysql/plugin/*.so* mr, /usr/sbin/mysqld mr, /usr/share/mysql/** r, /var/log/mysql.log rw, /var/log/mysql.err rw, /var/lib/mysql/ r, /var/lib/mysql/** rwk, /var/log/mysql/ r, /var/log/mysql/* rw, /var/run/mysqld/mysqld.pid w, /var/run/mysqld/mysqld.sock w, /run/mysqld/mysqld.pid w, /run/mysqld/mysqld.sock w, /sys/devices/system/cpu/ r, # Site-specific additions and overrides. See local/README for details. #include <local/usr.sbin.mysqld> } ubuntu@LAMPServer:~$ Still disabled.... Ok reload the profiles... Ok... none of the commands I have for that seem to work... ubuntu@LAMPServer:~$ sudo service apparmor restart [sudo] password for ubuntu: apparmor: unrecognized service ubuntu@LAMPServer:~$ sudo apparmor_status sudo: apparmor_status: command not found ubuntu@LAMPServer:~$ sudo apparmor_status sudo: apparmor_status: command not found ubuntu@LAMPServer:~$ sudo invoke-rc.d apparmor reload invoke-rc.d: unknown initscript, /etc/init.d/apparmor not found. ubuntu@LAMPServer:~$ sudo apparmor_parser -r /etc/apparmor.d/usr.sbin.mysqld sudo: apparmor_parser: command not found ubuntu@LAMPServer:~$ Short of shutting the container down and restarting, which doesn't seem very "Linux-y" ? ? ? Clues hints, clubs, tar, pitchfork... ? ? ? Thanks! ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
