Let mysql on fedora read and write files on /tmp

Some fedora linux and mysql releases ago, I found it’s not possibile to read and write files placed in /tmp.

I use to run “\. /tmp/mysqlscript.sql” inside mysql bash client to execute my script, and often use the “SELECT … INTO OUTFILE ‘/tmp/my_script_output_file.csv’…” inside my scripts , then I need to read and write into /tmp folder but i receive messages like following:

"Can't read/create/write to file '/tmp/myfile.csv' (Errcode: 13)

 

That for me is a problem ’cause i use to put my sql scripts in this dir and execute them from mysql bash client and i use my fedora to test many operation scripts before to do then on production environment.

After a bit of search i found the following reasons and solution:

http://unix.stackexchange.com/questions/37187/fedora-16-strange-tmp-permissions-mysqld-will-not-start

http://docs.fedoraproject.org/en-US/Fedora/17/html/Release_Notes/sect-Release_Notes-Changes_for_Sysadmin.html

2.3.3. Services Private /tmp

A number of services managed by systemd have been modified to make use of its ability to provide them with a private /tmp directory. Privileged services using /tmp and /var/tmp have previously been found to be open to being interfered with by unprivileged users, potentially leading to privilege escalation. Using private /tmp directories for services prevents this style of exploit.
The directive added to the systemd unit files for the modified services is:

[Service]
PrivateTmp=true

 

I used the folloing solution for my Fedora 17with mysql 5.5.28 (Fedora 16 also shoul work…)

1) Enable mysql autostart to let systemd create configuration file

/etc/systemd/system/multi-user.target.wants/mysqld.service

with the following command:

[root@mypc systemd]# systemctl enable mysqld.service
ln -s '/usr/lib/systemd/system/mysqld.service' '/etc/systemd/system/multi-user.target.wants/mysqld.service'

This let you find the file where you can configure the tmp privacy…

2) Config mysql to don’t consider private the /tmp folder editing the file

/etc/systemd/system/multi-user.target.wants/mysqld.service

and modify:

PrivateTmp=true

in

PrivateTmp=false

3) now you have to let systemd reload configuration.

If you start the mysql service now you receive the message

“Warning: Unit file of created job changed on disk, ‘systemctl –system daemon-reload’ recommended.”

Use the command stated in the warning message then start mysql:

[root@my-pc systemd]# systemctl --system daemon-reload
[root@my-pc systemd]# systemctl stop mysqld.service

tadaaa

Done: you can read and write in /tmp from mysql.

This is a systemd/mysql misanderstang, please read the documentation for further information.

 

stay tuned…

Share Us

PinIt

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.