Your message dated Wed, 09 Mar 2016 22:02:05 +0000 with message-id <e1admbb-0003tc...@franck.debian.org> and subject line Bug#811158: Removed package(s) from unstable has caused the Debian Bug report #752593, regarding mysql-server-5.5: should not test if root is writable to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 752593: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752593 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: mysql-server-5.5 Version: 5.5.37-1 Severity: normal Tags: patch For some reason mysqld_safe tests if the root directory is writable. I can't work out why this is and in any case it's reundant as the other test (for USER being root) passes in the normal Debian configuration. type=AVC msg=audit(1403622580.061:96): avc: denied { write } for pid=1331 comm="mysqld_safe" name="/" dev="dm-0" ino=256 scontext=system_u:system_r:mysqld_safe_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=dir type=SYSCALL msg=audit(1403622580.061:96): arch=c000003e syscall=269 success=yes exit=0 a0=ffffffffffffff9c a1=7f5e09bfe798 a2=2 a3=2 items=0 ppid=1109 pid=1331 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="mysqld_safe" exe="/bin/dash" subj=system_u:system_r:mysqld_safe_t:s0 key=(null) On a SE Linux system the above messages are logged every time mysqld is started. I could put in a dontaudit rule for that but I prefer not to do that because if mysqld_safe tries any other form of writing to the root directory then it would be a bug that we should know about (and prevent). The following patch makes no change to the functionality of mysqld startup on a default Debian configuration while avoiding this problem. It's probably worth considering whether the test even makes sense, but if it does make sense then it's best to have it after the UID test. --- mysqld_safe.orig 2014-06-25 11:37:02.394406559 +1000 +++ mysqld_safe 2014-06-25 11:37:24.442599244 +1000 @@ -585,7 +585,7 @@ fi USER_OPTION="" -if test -w / -o "$USER" = "root" +if "$USER" = "root" -o test -w / then if test "$user" != "root" -o $SET_USER = 1 then -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.14-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages mysql-server-5.5 depends on: ii adduser 3.113+nmu3 ii debconf [debconf-2.0] 1.5.53 ii initscripts 2.88dsf-53.2 ii libc6 2.19-4 ii libdbi-perl 1.631-3 ii libgcc1 1:4.9.0-7 ii libstdc++6 4.9.0-7 ii lsb-base 4.1+Debian13 ii mysql-client-5.5 5.5.37-1 ii mysql-common 5.5.37-1 ii mysql-server-core-5.5 5.5.37-1 ii passwd 1:4.2-2 ii perl 5.18.2-4 ii psmisc 22.21-2 ii zlib1g 1:1.2.8.dfsg-1 Versions of packages mysql-server-5.5 recommends: pn libhtml-template-perl <none> Versions of packages mysql-server-5.5 suggests: ii bsd-mailx [mailx] 8.1.2-0.20131005cvs-1 pn tinyca <none> -- debconf information: mysql-server/root_password_again: (password omitted) mysql-server/root_password: (password omitted) mysql-server/no_upgrade_when_using_ndb: mysql-server/error_setting_password: mysql-server/password_mismatch: mysql-server-5.5/postrm_remove_databases: false mysql-server-5.5/start_on_boot: true mysql-server-5.5/nis_warning: mysql-server-5.5/really_downgrade: false
--- End Message ---
--- Begin Message ---Version: 5.5.46-0+deb8u1+rm Dear submitter, as the package mysql-5.5 has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/811158 The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Scott Kitterman (the ftpmaster behind the curtain)
--- End Message ---
