Jcrespo has submitted this change and it was merged.

Change subject: mariadb:Create a systemd unit & init.d script for new package
......................................................................


mariadb:Create a systemd unit & init.d script for new package

The systemd unit has been on purpose not included on the package
so it can be handled by puppet. The config changes should also help
securize running mysqld.

The only configurable variables are for now @basedir and
@open_files_limit (that last one only on systemd).

Until we upgrade to 10.1 or 5.7 and get rid of trustys, we will
continue using init.d due to the lack of support on the older
(for us, current) versions for systemd.

Bug: T147305
Change-Id: I23cee27c8e86c94dc830cde799a50955f9513c9b
---
A manifests/service.pp
A templates/mariadb.server.erb
A templates/mariadb.service.erb
3 files changed, 634 insertions(+), 0 deletions(-)

Approvals:
  Jcrespo: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/manifests/service.pp b/manifests/service.pp
new file mode 100644
index 0000000..beec118
--- /dev/null
+++ b/manifests/service.pp
@@ -0,0 +1,33 @@
+# Make /etc/init/mysql managed by puppet. This allows us to make quick
+# changes to harden the wrapper without rebuilding the custom wmf-mariabd10
+# package
+# Once all trusty dbs are gone, we can hopefully discard init.d in favour
+# of a custom systemd service unit
+class mariadb::service (
+    $package = 'wmf-mariadb10',
+    ) {
+
+    $basedir = "/opt/${package}"
+    file { "${basedir}/service":
+        ensure  => present,
+        owner   => 'root',
+        group   => 'root',
+        mode    => '0755',
+        content => template('mariadb.server.erb'),
+        require => Package["${package}"],
+    }
+
+    file { '/etc/init.d/mysql':
+        ensure  => 'link',
+        target  => "${basedir}/service",
+        require => "${basedir}/service",
+    }
+
+    file { '/etc/init.d/mariadb':
+        ensure  => 'link',
+        target  => "${basedir}/service",
+        require => "${basedir}/service",
+    }
+
+    # MySQL DOES NOT START BY DEFAULT- do not register it automatically
+}
diff --git a/templates/mariadb.server.erb b/templates/mariadb.server.erb
new file mode 100644
index 0000000..e651b8e
--- /dev/null
+++ b/templates/mariadb.server.erb
@@ -0,0 +1,446 @@
+#!/bin/sh
+# Copyright Abandoned 1996 TCX DataKonsult AB & Monty Program KB & Detron HB
+# This file is public domain and comes with NO WARRANTY of any kind
+
+# MySQL daemon start/stop script.
+
+# Usually this is put in /etc/init.d (at least on machines SYSV R4 based
+# systems) and linked to /etc/rc3.d/S99mysql and /etc/rc0.d/K01mysql.
+# When this is done the mysql server will be started when the machine is
+# started and shut down when the systems goes down.
+
+# Comments to support chkconfig on RedHat Linux
+# chkconfig: 2345 64 36
+# description: A very fast and reliable SQL database engine.
+
+# Comments to support LSB init script conventions
+### BEGIN INIT INFO
+# Provides: mysql
+# Required-Start: $local_fs $network $remote_fs
+# Should-Start: ypbind nscd ldap ntpd xntpd
+# Required-Stop: $local_fs $network $remote_fs
+# Default-Start:  2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: start and stop MySQL
+# Description: MySQL is a very fast and reliable SQL database engine.
+### END INIT INFO
+ 
+# If you install MySQL on some other places than /usr, then you
+# have to do one of the following things for this script to work:
+#
+# - Run this script from within the MySQL installation directory
+# - Create a /etc/my.cnf file with the following information:
+#   [mysqld]
+#   basedir=<path-to-mysql-installation-directory>
+# - Add the above to any other configuration file (for example ~/.my.ini)
+#   and copy my_print_defaults to /usr/local/bin
+# - Add the path to the mysql-installation-directory to the basedir variable
+#   below.
+#
+# If you want to affect other MySQL variables, you should make your changes
+# in the /etc/my.cnf, ~/.my.cnf or other MySQL configuration files.
+
+# If you change base dir, you must also change datadir. These may get
+# overwritten by settings in the MySQL configuration files.
+
+basedir="<%= @basedir -%>"
+datadir=
+
+# Default value, in seconds, afterwhich the script should timeout waiting
+# for server start. 
+# Value here is overriden by value in my.cnf. 
+# 0 means don't wait at all
+# Negative numbers mean to wait indefinitely
+service_startup_timeout=900
+
+# The following variables are only set for letting mysql.server find things.
+
+# Set some defaults
+pid_file=
+server_pid_file=
+use_mysqld_safe=1
+user=mysql
+if test -z "$basedir"
+then
+  basedir=/usr/local
+  bindir=./bin
+  if test -z "$datadir"
+  then
+    datadir=/var/lib/mysql
+  fi
+  sbindir=./bin
+  libexecdir=./bin
+else
+  bindir="$basedir/bin"
+  if test -z "$datadir"
+  then
+    datadir="$basedir/data"
+  fi
+  sbindir="$basedir/sbin"
+  libexecdir="$basedir/libexec"
+fi
+
+echo $basedir
+
+# datadir_set is used to determine if datadir was set (and so should be
+# *not* set inside of the --basedir= handler.)
+datadir_set=
+
+#
+# Use LSB init script functions for printing messages, if possible
+#
+lsb_functions="/lib/lsb/init-functions"
+if test -f $lsb_functions ; then
+  . $lsb_functions
+else
+  log_success_msg()
+  {
+    echo " SUCCESS! $@"
+  }
+  log_failure_msg()
+  {
+    echo " ERROR! $@"
+  }
+fi
+
+PATH=/sbin:/usr/local/sbin:/bin:/usr/bin:$basedir/bin
+export PATH
+
+mode=$1    # start or stop
+shift
+other_args="$*"   # uncommon, but needed when called from an RPM upgrade action
+           # Expected: "--skip-networking --skip-grant-tables"
+           # They are not checked here, intentionally, as it is the 
resposibility
+           # of the "spec" file author to give correct arguments only.
+
+case `echo "testing\c"`,`echo -n testing` in
+    *c*,-n*) echo_n=   echo_c=     ;;
+    *c*,*)   echo_n=-n echo_c=     ;;
+    *)       echo_n=   echo_c='\c' ;;
+esac
+
+parse_server_arguments() {
+  for arg do
+    case "$arg" in
+      --basedir=*)  basedir=`echo "$arg" | sed -e 's/^[^=]*=//'`
+                    bindir="$basedir/bin"
+                   if test -z "$datadir_set"; then
+                     datadir="$basedir/data"
+                   fi
+                   sbindir="$basedir/sbin"
+                   libexecdir="$basedir/libexec"
+        ;;
+      --datadir=*)  datadir=`echo "$arg" | sed -e 's/^[^=]*=//'`
+                   datadir_set=1
+       ;;
+      --user=*)  user=`echo "$arg" | sed -e 's/^[^=]*=//'` ;;
+      --pid-file=*) server_pid_file=`echo "$arg" | sed -e 's/^[^=]*=//'` ;;
+      --service-startup-timeout=*) service_startup_timeout=`echo "$arg" | sed 
-e 's/^[^=]*=//'` ;;
+      --use-mysqld_safe) use_mysqld_safe=1;;
+      --use-manager)     use_mysqld_safe=0;;
+    esac
+  done
+}
+
+parse_manager_arguments() {
+  for arg do
+    case "$arg" in
+      --pid-file=*) pid_file=`echo "$arg" | sed -e 's/^[^=]*=//'` ;;
+      --user=*)  user=`echo "$arg" | sed -e 's/^[^=]*=//'` ;;
+    esac
+  done
+}
+
+wait_for_pid () {
+  verb="$1"
+  manager_pid="$2"  # process ID of the program operating on the pid-file
+  i=0
+  avoid_race_condition="by checking again"
+  while test $i -ne $service_startup_timeout ; do
+
+    case "$verb" in
+      'created')
+        # wait for a PID-file to pop into existence.
+        test -s $pid_file && i='' && break
+        ;;
+      'removed')
+        # wait for this PID-file to disappear
+        test ! -s $pid_file && i='' && break
+        ;;
+      *)
+        echo "wait_for_pid () usage: wait_for_pid created|removed manager_pid"
+        exit 1
+        ;;
+    esac
+
+    # if manager isn't running, then pid-file will never be updated
+    if test -n "$manager_pid"; then
+      if kill -0 "$manager_pid" 2>/dev/null; then
+        :  # the manager still runs
+      else
+        # The manager may have exited between the last pid-file check and now. 
 
+        if test -n "$avoid_race_condition"; then
+          avoid_race_condition=""
+          continue  # Check again.
+        fi
+
+        # there's nothing that will affect the file.
+        log_failure_msg "Manager of pid-file quit without updating file."
+        return 1  # not waiting any more.
+      fi
+    fi
+
+    echo $echo_n ".$echo_c"
+    i=`expr $i + 1`
+    sleep 1
+  done
+
+  if test -z "$i" ; then
+    log_success_msg
+    return 0
+  else
+    log_failure_msg
+    return 1
+  fi
+}
+
+# Get arguments from the my.cnf file,
+# the only group, which is read from now on is [mysqld]
+if test -x ./bin/my_print_defaults
+then
+  print_defaults="./bin/my_print_defaults"
+elif test -x $bindir/my_print_defaults
+then
+  print_defaults="$bindir/my_print_defaults"
+elif test -x $bindir/mysql_print_defaults
+then
+  print_defaults="$bindir/mysql_print_defaults"
+else
+  # Try to find basedir in /etc/my.cnf
+  conf=/etc/my.cnf
+  print_defaults=
+  if test -r $conf
+  then
+    subpat='^[^=]*basedir[^=]*=\(.*\)$'
+    dirs=`sed -e "/$subpat/!d" -e 's//\1/' $conf`
+    for d in $dirs
+    do
+      d=`echo $d | sed -e 's/[         ]//g'`
+      if test -x "$d/bin/my_print_defaults"
+      then
+        print_defaults="$d/bin/my_print_defaults"
+        break
+      fi
+      if test -x "$d/bin/mysql_print_defaults"
+      then
+        print_defaults="$d/bin/mysql_print_defaults"
+        break
+      fi
+    done
+  fi
+
+  # Hope it's in the PATH ... but I doubt it
+  test -z "$print_defaults" && print_defaults="my_print_defaults"
+fi
+
+#
+# Read defaults file from 'basedir'.   If there is no defaults file there
+# check if it's in the old (depricated) place (datadir) and read it from there
+#
+
+extra_args=""
+if test -r "$basedir/my.cnf"
+then
+  extra_args="-e $basedir/my.cnf"
+else
+  if test -r "$datadir/my.cnf"
+  then
+    extra_args="-e $datadir/my.cnf"
+  fi
+fi
+
+parse_server_arguments `$print_defaults $extra_args mysqld server mysql_server 
mysql.server`
+
+# Look for the pidfile 
+parse_manager_arguments `$print_defaults $extra_args manager`
+
+#
+# Set pid file if not given
+#
+if test -z "$pid_file"
+then
+  pid_file=$datadir/mysqlmanager-`/bin/hostname`.pid
+else
+  case "$pid_file" in
+    /* ) ;;
+    * )  pid_file="$datadir/$pid_file" ;;
+  esac
+fi
+if test -z "$server_pid_file"
+then
+  server_pid_file=$datadir/`/bin/hostname`.pid
+else
+  case "$server_pid_file" in
+    /* ) ;;
+    * )  server_pid_file="$datadir/$server_pid_file" ;;
+  esac
+fi
+
+case "$mode" in
+  'start')
+    # Start daemon
+
+    # Safeguard (relative paths, core dumps..)
+    cd $basedir
+
+    manager=$bindir/mysqlmanager
+    if test -x $libexecdir/mysqlmanager
+    then
+      manager=$libexecdir/mysqlmanager
+    elif test -x $sbindir/mysqlmanager
+    then
+      manager=$sbindir/mysqlmanager
+    fi
+
+    echo $echo_n "Starting MySQL"
+    if test -x $manager -a "$use_mysqld_safe" = "0"
+    then
+      if test -n "$other_args"
+      then
+        log_failure_msg "MySQL manager does not support options '$other_args'"
+        exit 1
+      fi
+      # Give extra arguments to mysqld with the my.cnf file. This script may
+      # be overwritten at next upgrade.
+      "$manager" \
+        --mysqld-safe-compatible \
+        --user="$user" \
+        --pid-file="$pid_file" >/dev/null 2>&1 &
+      wait_for_pid created $!; return_value=$?
+
+      # Make lock for RedHat / SuSE
+      if test -w /var/lock/subsys
+      then
+        touch /var/lock/subsys/mysqlmanager
+      fi
+      exit $return_value
+    elif test -x $bindir/mysqld_safe
+    then
+      # Give extra arguments to mysqld with the my.cnf file. This script
+      # may be overwritten at next upgrade.
+      pid_file=$server_pid_file
+      $bindir/mysqld_safe --datadir=$datadir --pid-file=$server_pid_file 
$other_args >/dev/null 2>&1 &
+      wait_for_pid created $!; return_value=$?
+
+      # Make lock for RedHat / SuSE
+      if test -w /var/lock/subsys
+      then
+        touch /var/lock/subsys/mysql
+      fi
+      exit $return_value
+    else
+      log_failure_msg "Couldn't find MySQL manager ($manager) or server 
($bindir/mysqld_safe)"
+    fi
+    ;;
+
+  'stop')
+    # Stop daemon. We use a signal here to avoid having to know the
+    # root password.
+
+    # The RedHat / SuSE lock directory to remove
+    lock_dir=/var/lock/subsys/mysqlmanager
+
+    # If the manager pid_file doesn't exist, try the server's
+    if test ! -s "$pid_file"
+    then
+      pid_file=$server_pid_file
+      lock_dir=/var/lock/subsys/mysql
+    fi
+
+    if test -s "$pid_file"
+    then
+      mysqlmanager_pid=`cat $pid_file`
+      
+      if (kill -0 $mysqlmanager_pid 2>/dev/null)
+      then
+        echo $echo_n "Shutting down MySQL"
+        kill $mysqlmanager_pid
+        # mysqlmanager should remove the pid_file when it exits, so wait for 
it.
+        wait_for_pid removed "$mysqlmanager_pid"; return_value=$?
+      else
+        log_failure_msg "MySQL manager or server process #$mysqlmanager_pid is 
not running!"
+        rm $pid_file
+      fi
+      
+      # delete lock for RedHat / SuSE
+      if test -f $lock_dir
+      then
+        rm -f $lock_dir
+      fi
+      exit $return_value
+    else
+      log_failure_msg "MySQL manager or server PID file could not be found!"
+    fi
+    ;;
+
+  'restart')
+    # Stop the service and regardless of whether it was
+    # running or not, start it again.
+    if $0 stop  $other_args; then
+      $0 start $other_args
+    else
+      log_failure_msg "Failed to stop running server, so refusing to try to 
start."
+      exit 1
+    fi
+    ;;
+
+  'reload'|'force-reload')
+    if test -s "$server_pid_file" ; then
+      read mysqld_pid <  $server_pid_file
+      kill -HUP $mysqld_pid && log_success_msg "Reloading service MySQL"
+      touch $server_pid_file
+    else
+      log_failure_msg "MySQL PID file could not be found!"
+      exit 1
+    fi
+    ;;
+  'status')
+    # First, check to see if pid file exists
+    if test -s "$server_pid_file" ; then 
+      read mysqld_pid < $server_pid_file
+      if kill -0 $mysqld_pid 2>/dev/null ; then 
+        log_success_msg "MySQL running ($mysqld_pid)"
+        exit 0
+      else
+        log_failure_msg "MySQL is not running, but PID file exists"
+        exit 1
+      fi
+    else
+      # Try to find appropriate mysqld process
+      mysqld_pid=`pidof $libexecdir/mysqld`
+      if test -z $mysqld_pid ; then 
+        if test "$use_mysqld_safe" = "0" ; then 
+          lockfile=/var/lock/subsys/mysqlmanager
+        else
+          lockfile=/var/lock/subsys/mysql
+        fi 
+        if test -f $lockfile ; then 
+          log_failure_msg "MySQL is not running, but lock exists"
+          exit 2
+        fi 
+        log_failure_msg "MySQL is not running"
+        exit 3
+      else
+        log_failure_msg "MySQL is running but PID file could not be found"
+        exit 4
+      fi
+    fi
+    ;;
+    *)
+      # usage
+      echo "Usage: $0  {start|stop|restart|reload|force-reload|status}  [ 
MySQL server options ]"
+      exit 1
+    ;;
+esac
+
+exit 0
diff --git a/templates/mariadb.service.erb b/templates/mariadb.service.erb
new file mode 100644
index 0000000..4cb351a
--- /dev/null
+++ b/templates/mariadb.service.erb
@@ -0,0 +1,155 @@
+#
+# /etc/systemd/system/mariadb.service
+#
+# This file is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+#
+# Thanks to:
+# Daniel Black
+# Erkan Yanar
+# David Strauss
+# and probably others
+
+# customized for the WMF deployment
+
+[Unit]
+Description=MariaDB database server
+After=network.target
+After=syslog.target
+
+[Install]
+WantedBy=multi-user.target
+Alias=mysql.service
+Alias=mysqld.service
+
+
+[Service]
+
+##############################################################################
+## Core requirements
+##
+
+Type=notify
+
+# Setting this to true can break replication and the Type=notify settings
+# See also bind-address mysqld option.
+PrivateNetwork=false
+
+##############################################################################
+## Package maintainers
+##
+
+User=mysql
+Group=mysql
+
+# To allow memlock to be used as non-root user if set in configuration
+CapabilityBoundingSet=CAP_IPC_LOCK
+
+# Prevent writes to /usr, /boot, and /etc
+ProtectSystem=full
+
+# Doesn't yet work properly with SELinux enabled
+# NoNewPrivileges=true
+
+PrivateDevices=true
+
+# Prevent accessing /home, /root and /run/user
+ProtectHome=true
+
+# Execute pre and post scripts as root, otherwise it does it as User=
+PermissionsStartOnly=true
+
+# Perform automatic wsrep recovery. When server is started without wsrep,
+# galera_recovery simply returns an empty string. In any case, however,
+# the script is not expected to return with a non-zero status.
+# It is always safe to unset _WSREP_START_POSITION environment variable.
+# Do not panic if galera_recovery script is not available. (MDEV-10538)
+
+# !!! WMF: DISABLE ALL GALERA-SPECIFIC OPTIONS !!!!
+#ExecStartPre=/bin/sh -c "systemctl unset-environment _WSREP_START_POSITION"
+#ExecStartPre=/bin/sh -c "[ ! -e /usr/bin/galera_recovery ] && VAR= || \
+# VAR=`/usr/bin/galera_recovery`; [ $? -eq 0 ] \
+# && systemctl set-environment _WSREP_START_POSITION=$VAR || exit 1"
+
+# Needed to create system tables etc.
+# ExecStartPre=/usr/bin/mysql_install_db -u mysql
+
+# Start main service
+# MYSQLD_OPTS here is for users to set in 
/etc/systemd/system/mariadb.service.d/MY_SPECIAL.conf
+# Use the [service] section and Environment="MYSQLD_OPTS=...".
+# This isn't a replacement for my.cnf.
+# _WSREP_NEW_CLUSTER is for the exclusive use of the script galera_new_cluster
+WorkingDirectory=<%= @basedir -%>
+ExecStart=<%= @basedir -%>/bin/mysqld $MYSQLD_OPTS
+
+# Unset _WSREP_START_POSITION environment variable.
+#ExecStartPost=/bin/sh -c "systemctl unset-environment _WSREP_START_POSITION"
+
+KillMode=process
+KillSignal=SIGTERM
+
+# Don't want to see an automated SIGKILL ever
+SendSIGKILL=no
+
+# Restart crashed server only, on-failure would also restart, for example, when
+# my.cnf contains unknown option
+Restart=on-abort
+RestartSec=5s
+
+UMask=007
+
+##############################################################################
+## USERs can override
+##
+##
+## by creating a file in /etc/systemd/system/mariadb.service.d/MY_SPECIAL.conf
+## and adding/setting the following will override this file's settings.
+
+# Useful options not previously available in [mysqld_safe]
+
+# Kernels like killing mysqld when out of memory because its big.
+# Lets temper that preference a little.
+# OOMScoreAdjust=-600
+
+# Explicitly start with high IO priority
+# BlockIOWeight=1000
+
+# If you don't use the /tmp directory for SELECT ... OUTFILE and
+# LOAD DATA INFILE you can enable PrivateTmp=true for a little more security.
+## WMF: !!! false while /tmp/mysql.sock is created there !!!
+PrivateTmp=false
+
+##
+## Options previously available to be set via [mysqld_safe]
+## that now needs to be set by systemd config files as mysqld_safe
+## isn't executed.
+##
+
+# Number of files limit. previously [mysqld_safe] open-file-limit
+## !!! WMF: HUGE NUMBER OF FILES FOR S3 HOSTS !!!
+LimitNOFILE=<%= @open_files_limit -%>
+
+# Maximium core size. previously [mysqld_safe] core-file-size
+# LimitCore=
+
+# Nice priority. previously [mysqld_safe] nice
+# Nice=-5
+
+# Timezone. previously [mysqld_safe] timezone
+# Environment="TZ=UTC"
+
+# Library substitutions. previously [mysqld_safe] malloc-lib with explict paths
+# (in LD_LIBRARY_PATH) and library name (in LD_PRELOAD).
+# Environment="LD_LIBRARY_PATH=/path1 /path2" "LD_PRELOAD=
+
+# Flush caches. previously [mysqld_safe] flush-caches=1
+# ExecStartPre=sync
+# ExecStartPre=sysctl -q -w vm.drop_caches=3
+
+# numa-interleave=1 equalivant
+# Change ExecStart=numactl --interleave=all /usr/sbin/mysqld......
+
+# crash-script equalivent
+# FailureAction=

-- 
To view, visit https://gerrit.wikimedia.org/r/315228
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I23cee27c8e86c94dc830cde799a50955f9513c9b
Gerrit-PatchSet: 11
Gerrit-Project: operations/puppet/mariadb
Gerrit-Branch: master
Gerrit-Owner: Jcrespo <jcre...@wikimedia.org>
Gerrit-Reviewer: Jcrespo <jcre...@wikimedia.org>
Gerrit-Reviewer: Marostegui <maroste...@wikimedia.org>
Gerrit-Reviewer: Muehlenhoff <mmuhlenh...@wikimedia.org>
Gerrit-Reviewer: jenkins-bot <>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to