2024-08-19 10:24:43 +00:00
|
|
|
From f7f319cc00c5c7a9cfaad918989995543295474f Mon Sep 17 00:00:00 2001
|
2019-02-24 21:19:41 +00:00
|
|
|
From: Christian Hesse <mail@eworm.de>
|
2020-05-14 14:06:22 +00:00
|
|
|
Date: Wed, 19 Feb 2020 13:10:17 +0100
|
|
|
|
|
Subject: [PATCH 1/3] enable PrivateTmp for a little bit more security
|
2024-06-03 00:09:01 +00:00
|
|
|
|
2019-02-24 21:19:41 +00:00
|
|
|
---
|
|
|
|
|
support-files/mariadb.service.in | 2 +-
|
|
|
|
|
support-files/mariadb@.service.in | 2 +-
|
|
|
|
|
2 files changed, 2 insertions(+), 2 deletions(-)
|
|
|
|
|
|
|
|
|
|
diff --git a/support-files/mariadb.service.in b/support-files/mariadb.service.in
|
2024-08-19 10:24:43 +00:00
|
|
|
index e47a67f6880..54cd9776e41 100644
|
2019-02-24 21:19:41 +00:00
|
|
|
--- a/support-files/mariadb.service.in
|
|
|
|
|
+++ b/support-files/mariadb.service.in
|
2020-05-14 14:06:22 +00:00
|
|
|
@@ -129,7 +129,7 @@ UMask=007
|
2019-02-24 21:19:41 +00:00
|
|
|
|
|
|
|
|
# If you don't use the /tmp directory for SELECT ... OUTFILE and
|
|
|
|
|
# LOAD DATA INFILE you can enable PrivateTmp=true for a little more security.
|
|
|
|
|
-PrivateTmp=false
|
|
|
|
|
+PrivateTmp=true
|
|
|
|
|
|
2020-05-14 14:06:22 +00:00
|
|
|
# Set an explicit Start and Stop timeout of 900 seconds (15 minutes!)
|
|
|
|
|
# this is the same value as used in SysV init scripts in the past
|
2019-02-24 21:19:41 +00:00
|
|
|
diff --git a/support-files/mariadb@.service.in b/support-files/mariadb@.service.in
|
2024-06-03 00:09:01 +00:00
|
|
|
index 31f1586f1bf..b7094662bbd 100644
|
2019-02-24 21:19:41 +00:00
|
|
|
--- a/support-files/mariadb@.service.in
|
|
|
|
|
+++ b/support-files/mariadb@.service.in
|
2024-06-03 00:09:01 +00:00
|
|
|
@@ -243,7 +243,7 @@ UMask=007
|
2019-02-24 21:19:41 +00:00
|
|
|
|
2019-03-01 19:30:56 +00:00
|
|
|
# If you don't use the /tmp directory for SELECT ... OUTFILE and
|
|
|
|
|
# LOAD DATA INFILE you can enable PrivateTmp=true for a little more security.
|
|
|
|
|
-PrivateTmp=false
|
|
|
|
|
+PrivateTmp=true
|
2019-02-24 21:19:41 +00:00
|
|
|
|
2020-05-14 14:06:22 +00:00
|
|
|
# Set an explicit Start and Stop timeout of 900 seconds (15 minutes!)
|
|
|
|
|
# this is the same value as used in SysV init scripts in the past
|
2024-06-03 00:09:01 +00:00
|
|
|
--
|
2024-08-19 10:24:43 +00:00
|
|
|
2.46.0
|
2024-06-03 00:09:01 +00:00
|
|
|
|
2020-05-14 14:06:22 +00:00
|
|
|
|
2024-08-19 10:24:43 +00:00
|
|
|
From e88246b9f23f4b1a0879c494efe0d8703069e1ec Mon Sep 17 00:00:00 2001
|
2019-02-24 21:19:41 +00:00
|
|
|
From: Christian Hesse <mail@eworm.de>
|
2020-05-14 14:06:22 +00:00
|
|
|
Date: Wed, 19 Feb 2020 13:10:46 +0100
|
|
|
|
|
Subject: [PATCH 2/3] force preloading jemalloc for memory management
|
2024-06-03 00:09:01 +00:00
|
|
|
|
2019-02-24 21:19:41 +00:00
|
|
|
---
|
|
|
|
|
support-files/mariadb.service.in | 1 +
|
|
|
|
|
support-files/mariadb@.service.in | 1 +
|
|
|
|
|
2 files changed, 2 insertions(+)
|
|
|
|
|
|
|
|
|
|
diff --git a/support-files/mariadb.service.in b/support-files/mariadb.service.in
|
2024-08-19 10:24:43 +00:00
|
|
|
index 54cd9776e41..6b9eec7dbc5 100644
|
2019-02-24 21:19:41 +00:00
|
|
|
--- a/support-files/mariadb.service.in
|
|
|
|
|
+++ b/support-files/mariadb.service.in
|
2024-06-03 00:09:01 +00:00
|
|
|
@@ -165,6 +165,7 @@ LimitNOFILE=32768
|
2019-02-24 21:19:41 +00:00
|
|
|
# Library substitutions. previously [mysqld_safe] malloc-lib with explicit paths
|
|
|
|
|
# (in LD_LIBRARY_PATH) and library name (in LD_PRELOAD).
|
|
|
|
|
# Environment="LD_LIBRARY_PATH=/path1 /path2" "LD_PRELOAD=
|
|
|
|
|
+Environment="LD_PRELOAD=/usr/lib/libjemalloc.so"
|
|
|
|
|
|
|
|
|
|
# Flush caches. previously [mysqld_safe] flush-caches=1
|
|
|
|
|
# ExecStartPre=sync
|
|
|
|
|
diff --git a/support-files/mariadb@.service.in b/support-files/mariadb@.service.in
|
2024-06-03 00:09:01 +00:00
|
|
|
index b7094662bbd..c6f1605276e 100644
|
2019-02-24 21:19:41 +00:00
|
|
|
--- a/support-files/mariadb@.service.in
|
|
|
|
|
+++ b/support-files/mariadb@.service.in
|
2024-06-03 00:09:01 +00:00
|
|
|
@@ -290,6 +290,7 @@ LimitNOFILE=32768
|
2019-02-24 21:19:41 +00:00
|
|
|
# Library substitutions. previously [mysqld_safe] malloc-lib with explicit paths
|
|
|
|
|
# (in LD_LIBRARY_PATH) and library name (in LD_PRELOAD).
|
|
|
|
|
# Environment="LD_LIBRARY_PATH=/path1 /path2" "LD_PRELOAD=
|
|
|
|
|
+Environment="LD_PRELOAD=/usr/lib/libjemalloc.so"
|
|
|
|
|
|
|
|
|
|
# Flush caches. previously [mysqld_safe] flush-caches=1
|
|
|
|
|
# ExecStartPre=sync
|
2024-06-03 00:09:01 +00:00
|
|
|
--
|
2024-08-19 10:24:43 +00:00
|
|
|
2.46.0
|
2020-05-14 14:06:22 +00:00
|
|
|
|
2024-06-03 00:09:01 +00:00
|
|
|
|
2024-08-19 10:24:43 +00:00
|
|
|
From 805eab247057095b013cda026ab211e9805177da Mon Sep 17 00:00:00 2001
|
2019-02-24 21:19:41 +00:00
|
|
|
From: Christian Hesse <mail@eworm.de>
|
2020-05-14 14:06:22 +00:00
|
|
|
Date: Wed, 19 Feb 2020 13:11:31 +0100
|
|
|
|
|
Subject: [PATCH 3/3] Make systemd-tmpfiles create MYSQL_DATADIR
|
|
|
|
|
|
|
|
|
|
This is a no-op if the directory exists, but makes sure it is created by
|
|
|
|
|
systemd-tmpfiles with proper permissions otherwise.
|
|
|
|
|
|
|
|
|
|
This solves packaging issues when the user MYSQLD_USER is created by
|
|
|
|
|
systemd-sysusers and uid is not known in advance.
|
2020-08-10 17:38:59 +00:00
|
|
|
|
|
|
|
|
Also this now sets the No_COW attribute.
|
2019-02-24 21:19:41 +00:00
|
|
|
---
|
2024-06-03 00:09:01 +00:00
|
|
|
support-files/tmpfiles.conf.in | 2 ++
|
|
|
|
|
1 file changed, 2 insertions(+)
|
2019-02-24 21:19:41 +00:00
|
|
|
|
2020-05-14 14:06:22 +00:00
|
|
|
diff --git a/support-files/tmpfiles.conf.in b/support-files/tmpfiles.conf.in
|
2024-06-03 00:09:01 +00:00
|
|
|
index 70de7a12fdb..101b37f306a 100644
|
2020-05-14 14:06:22 +00:00
|
|
|
--- a/support-files/tmpfiles.conf.in
|
|
|
|
|
+++ b/support-files/tmpfiles.conf.in
|
2024-06-03 00:09:01 +00:00
|
|
|
@@ -9,3 +9,5 @@
|
|
|
|
|
# It shouldn't be used for datadir which is why it
|
|
|
|
|
# may be disabled.
|
|
|
|
|
@DISABLE_TMP@d @MYSQL_UNIX_DIR@ 0755 @MYSQLD_USER@ @MYSQLD_USER@ -
|
2020-05-14 14:06:22 +00:00
|
|
|
+d @MYSQL_DATADIR@ 0700 @MYSQLD_USER@ @MYSQLD_USER@ -
|
2020-08-10 17:38:59 +00:00
|
|
|
+h @MYSQL_DATADIR@ - - - - +C
|
2024-06-03 00:09:01 +00:00
|
|
|
--
|
2024-08-19 10:24:43 +00:00
|
|
|
2.46.0
|
2024-06-03 00:09:01 +00:00
|
|
|
|
