|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
#!/bin/bash
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
# This function returns all config files that daemon uses and their path
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
# includes /opt. It is used to get correct path to the config file.
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
mysql_get_config_files_scl() {
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
scl enable ${ENABLED_COLLECTIONS} -- my_print_defaults --help --verbose | \
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
grep --after=1 '^Default options' | \
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
tail -n 1 | \
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
grep -o '[^ ]*opt[^ ]*my.cnf'
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
}
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
# This function picks the main config file that deamon uses and we ship in rpm
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
mysql_get_correct_config() {
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
# we use the same config in non-SCL packages, not necessary to guess
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
[ -z "${ENABLED_COLLECTIONS}" ] && echo -n "/etc/my.cnf" && return
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
# from all config files read by daemon, pick the first that exists
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
for f in `mysql_get_config_files_scl` ; do
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
[ -f "$f" ] && echo "$f"
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
done | head -n 1
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
}
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
export MYSQL_CONFIG_FILE=$(mysql_get_correct_config)
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
[ -z "$MYSQL_CONFIG_FILE" ] && echo "MYSQL_CONFIG_FILE is empty" && exit 1
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
unset -f mysql_get_correct_config mysql_get_config_files_scl
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
# we provide own config files for the container, so clean what rpm ships here
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
mkdir -p ${MYSQL_CONFIG_FILE}.d
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
rm -f ${MYSQL_CONFIG_FILE}.d/*
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
# we may add options during service init, so we need to have this dir writable by daemon user
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
chown -R mysql:0 ${MYSQL_CONFIG_FILE}.d ${MYSQL_CONFIG_FILE}
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
restorecon -R ${MYSQL_CONFIG_FILE}.d ${MYSQL_CONFIG_FILE}
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
# API of the container are standard paths /etc/my.cnf and /etc/my.cnf.d
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
# we already include own /etc/my.cnf for container, but for cases the
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
# actually used config file is not on standard path /etc/my.cnf, we
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
# need to move it to the location daemon expects it and create symlinks
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
if [ "$MYSQL_CONFIG_FILE" != "/etc/my.cnf" ] ; then
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
rm -rf /etc/my.cnf.d
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
mv /etc/my.cnf ${MYSQL_CONFIG_FILE}
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
ln -s ${MYSQL_CONFIG_FILE} /etc/my.cnf
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
ln -s ${MYSQL_CONFIG_FILE}.d /etc/my.cnf.d
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
fi
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
# setup directory for data
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
mkdir -p /var/lib/mysql/data
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
chown -R mysql:0 /var/lib/mysql
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
restorecon -R /var/lib/mysql
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
# Loosen permission bits for group to avoid problems running container with
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
# arbitrary UID
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
# When only specifying user, group is 0, that's why /var/lib/mysql must have
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
# owner mysql.0; that allows to avoid a+rwx for this dir
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
chmod g+w -R /var/lib/mysql ${MYSQL_CONFIG_FILE}.d
|
|
![](https://seccdn.libravatar.org/avatar/3d0a4f295af5f9857ef04c3d8f6e89d5b4154c2463647b61e8e48ed700d065c7?s=16&d=retro) |
d27be39 |
|