mysqld_safe is the recommended way to start the server on non-systemd
systems ([1]). For instance, it has a crash detection with auto-restart
function, can update ulimits, setup core files, set the niceness of the
server etc. It looks like it could also be helpful when trying to set up
clusters. It's maintained upstream and adding it means we don't need to
add these features into our init script.
mysqld_safe is a script itself, so it's added to conffiles in case users
want to edit it.
It can't be run under procd, so the init script is converted to a normal
System V type. To stop the server and to reload the privileges tables
mysqladmin is used. To that end mysqladmin is moved into the server
package.
While changing the init script, the Debian init script was used for
ideas. It wasn't copied verbatim and adapted a bit here and there.
Thanks to whoever wrote it!
This commit removes the support for starting the service as a user other
than "mariadb". This makes the init script simpler. If anybody wants to
play around with the user then it's up to them to fix the permissions.
[1] https://mariadb.com/kb/en/mysqld_safe/
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Highlights:
- Bump from 10.2.26 to 10.4.10
- auth_pam got replaced with never version, old one still available as
auth_pam_v1
- semisync plugins were merged into the core
- Upstream now installs symlinks for binaries with mariadb prefix. To
accommodate that this commit updates Package/mariadb/install/bin
accordingly.
- Patches are updated with new ones from Debian and Arch (thanks!)
- libedit patch dropped because it's upstream now.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
New upstream release. Addresses:
CVE-2019-2805
CVE-2019-2740
CVE-2019-2739
CVE-2019-2737
CVE-2019-2758
Package updates:
- includes "THIRDPARTY" in PKG_LICENSE_FILES
- drops client_ed25519 as a dynamic plugin and install it with the lib
as per upstream decision
- refreshes patches
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
From Release Notes:
Security
MDEV-18686 - Add option to PAM authentication plugin to allow case insensitive username matching
bugfix - multi-update checked privileges on views incorrectly (commit 5057d46375)
MDEV-19276 - during connect, write error log warning for ER_DBACCESS_DENIED_ERROR, if log_warnings > 1
MDEV-17456 - Malicious SUPER user can possibly change audit log configuration without leaving traces.
Fixes for the following security vulnerabilities:
CVE-2019-2614
CVE-2019-2627
CVE-2019-2628
OpenWrt changes:
- added PKG_CPE_ID
- shortened default description to make "opkg info" output easier on the eyes
- refreshed patches
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
libedit changed its interface a while back. mariadb currently does not
recognize this interface and instead uses a static old readline version.
It does not link in the system readline due to licence incompatibility.
This commit adds a patch that enables mariadb to detect and use the
system libedit. The patch was sent upstream already ([1]).
[1] https://github.com/MariaDB/server/pull/1001
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Include fix from upstream for MDEV-17200. musl-1.1.20 segfaults when
pthread_detach() is called for already detached threads.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
From Release Notes:
- New variable innodb_log_optimize_ddl for avoiding delay due to page flushing and allowing concurrent backup
- InnoDB updated to 5.7.23
- ALTER TABLE fixes:
MDEV-14637 - Fix hang due to DDL with FOREIGN KEY or persistent statistics
MDEV-15953 - Alter InnoDB Partitioned Table Moves Files (which were originally not in the datadir) to the datadir
MDEV-16515 - InnoDB: Failing assertion: ++retries < 10000 in file dict0dict.cc line 2737
MDEV-16809 - Allow full redo logging for ALTER TABLE
- Temporary tables: MDEV-16713 - InnoDB hang with repeating log entry
- indexed virtual columns: MDEV-15855 - Deadlock between purge thread and DDL statement
- locking: MDEV-16664 - Change the default to innodb_lock_schedule_algorithm=fcfs
- Galera: MDEV-15822 - WSREP: BF lock wait long for trx
- Fixes for the following security vulnerabilities:
CVE-2018-3060
CVE-2018-3064
CVE-2018-3063
CVE-2018-3058
CVE-2018-3066
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Bump to 10.2.x release series which has support for OpenSSL 1.1.x.
- libmariadbclient was replaced by libmaria
- libmaria uses LGPL, hence license info updated
- upstream disabled xtradb engine, innodb is now default (cannot be
built as plugin anymore)
- complex charsets are now all included (size increase), as otherwise
compile fails
- patches adapted/refreshed
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
MariaDB is a drop-in replacement for MySQL. This commit adds a current
and stable version of MariaDB to the tree.
Quite a few ideas/patches were copied from Alpine Linux, Busybox Buildroot
and Debian.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>