Bug#1042454: AW: [debian-mysql] Bug#1042454: mariadb-server ignores bind-address

[faus...@fala.red]

Hi!

"zanyfac...@t-online.de" ,
12/08/2023 – 10:11:19 (+0200):

> I have found the problem: /etc/mysql/ was only accessible by root.

Can you remember what the exact right was? On a clean install, it should
be like follow (debian11):

| $ stat /etc/mysql/
|   File: /etc/mysql/
|   Size: 4096  Blocks: 8  IO Block: 4096   directory
| Device: fe01h/65025d  Inode: 261437  Links: 4
| Access: (0755/drwxr-xr-x)  Uid: (0/root)   Gid: (0/root)
| Access: 2023-09-20 12:20:59.791411000 +0200
| Modify: 2023-09-20 11:20:09.50800 +0200
| Change: 2023-09-20 11:20:09.50800 +0200
|  Birth: 2023-09-20 11:19:44.82800 +0200
| $ ls -l /etc/mysql/
| total 24
| drwxr-xr-x 2 root root 4096 Sep 20 11:19 conf.d
| -rw--- 1 root root  544 Sep 20 11:20 debian.cnf
| -rwxr-xr-x 1 root root 1731 Feb 10  2023 debian-start
| -rw-r--r-- 1 root root 1126 Feb 10  2023 mariadb.cnf
| drwxr-xr-x 2 root root 4096 Sep 20 11:20 mariadb.conf.d
| lrwxrwxrwx 1 root root   24 Sep 20 11:19 my.cnf -> /etc/alternatives/my.cnf
| -rw-r--r-- 1 root root  839 Feb  8  2021 my.cnf.fallback
| $ ls -l /etc/mysql/mariadb.conf.d/
| total 20
| -rw-r--r-- 1 root root  575 Feb 10  2023 50-client.cnf
| -rw-r--r-- 1 root root  231 Feb 10  2023 50-mysql-clients.cnf
| -rw-r--r-- 1 root root  927 Feb 10  2023 50-mysqld_safe.cnf
| -rw-r--r-- 1 root root 3666 Feb 10  2023 50-server.cnf
| -rw-r--r-- 1 root root  570 Feb 10  2023 60-galera.cnf

So the mysql user shouldn't have any problem reading the configuration
files.

-- 
Faustin
GPG: F652 BCD1 1AA8 8975 F010 48A5 390A 2F27 832A 5C79


signature.asc
Description: PGP signature

Bug#1042454: AW: [debian-mysql] Bug#1042454: mariadb-server ignores bind-address

[zanyfac...@t-online.de]

I have found the problem: /etc/mysql/ was only accessible by root. On Bullseye 
that wasn't a problem because I had SysV Init and apparently mariadb was 
started as root initially. The upgrade to Bookworm enforced systemd and now 
mariadb is started as mysql directly.

Unfortunately, mariadb didn't complain about missing permissions in any way.


Bug#1042454: AW: [debian-mysql] Bug#1042454: mariadb-server ignores bind-address

[zanyfac...@t-online.de]

# grep -r bind-address /etc/mysql/
/etc/mysql/my.cnf.migrated:# bind-address   = 127.0.0.1
/etc/mysql/mariadb.conf.d/60-galera.cnf:#bind-address = 0.0.0.0
/etc/mysql/mariadb.conf.d/50-server.cnf:bind-address= 127.0.0.1


You can see that the other two are commented out.

I also noticed that skip-networking is ignored.