我已经更改了mysql的数据目录。
\n\n为了那个原因
\n\n我将文件夹移至/var/lib/mysql新目录
更改了 datadir 中的数据目录/etc/mysql/mysql.conf.d/mysqld.cnf,
更改了 apparmor 配置/etc/apparmor.d/usr.sbin.mysqld:
/newDirectory/mysql/ r,\n/newDirectory/mysql/** rwk,\n添加alias /var/lib/mysql/ -> /newDirectory/mysql/,到
/etc/apparmor.d/tunables/alias\n授予 mysql 所有权和权限
\n\nsudo chown -R mysql.mysql /newDirectory/mysql\nsudo chmod -R 775 /newDirectory/mysql\n但我仍然无法启动 mysql 并收到以下错误:
\n\nmysqld: Can\'t change dir to \'/newDirectory/mysql/\' (Errcode: 13 - Permission denied)\n该错误的其他原因可能是什么?
\n\n编辑:
\n\njournalctl -xe\nAug 24 13:29:30 Server audit[2288]: AVC apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/proc/2288/status" pid=2288 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=121 ouid=121\nAug 24 13:29:30 Server audit[2288]: AVC apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/sys/devices/system/node/" pid=2288 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=121 ouid=0\nAug 24 13:29:30 Server audit[2288]: AVC apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/proc/2288/status" pid=2288 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=121 ouid=121\nAug 24 13:29:30 Server kernel: audit: type=1400 audit(1535110170.413:3083): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/proc/2288/status" pid=2288 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=121 ouid=121\nAug 24 13:29:30 Server kernel: audit: type=1400 audit(1535110170.413:3084): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/sys/devices/system/node/" pid=2288 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=121 ouid=0\nAug 24 13:29:30 TIE-Server kernel: audit: type=1400 audit(1535110170.413:3085): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/proc/2288/status" pid=2288 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=121 ouid=121\nAug 24 13:29:30 Server mysqld[2288]: mysqld: Can\'t change dir to \'/newDirectory/mysql/\' (Errcode: 13 - Permission denied)\n编辑2:
\n\n受这篇文章https://askubuntu.com/a/953988/863451的启发,我在文件中添加了/etc/apparmor.d/usr.sbin.mysqld
/proc/*/status r,\n/sys/devices/system/node/ r,\n不幸的是这并没有改变任何事情。
\n\n编辑3:
\n\n尝试运行 George Udosen ( https://askubuntu.com/a/1068832/863451 ) 的解决方案后,错误日志如下所示:
\n\n**journalctl -xe**\nAug 27 11:04:33 Server mysqld[19214]: 2018-08-27T09:04:33.673061Z 0 [Warning] Changed limits: table_open_cache: 431 (requested 2000)\nAug 27 11:04:33 Server mysqld[19214]: 2018-08-27T09:04:33.844943Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_\nAug 27 11:04:33 Server mysqld[19214]: 2018-08-27T09:04:33.845053Z 0 [Warning] Can\'t create test file /newDirectory/Server.lower-test\nAug 27 11:04:33 Server mysqld[19214]: 2018-08-27T09:04:33.845104Z 0 [Note] /usr/sbin/mysqld (mysqld 5.7.23-0ubuntu0.16.04.1) starting as process 19214 ...\nAug 27 11:04:33 Server mysqld[19214]: 2018-08-27T09:04:33.849145Z 0 [Warning] Can\'t create test file /newDirectory/mysql/Server.lower-test\nAug 27 11:04:33 Server mysqld[19214]: 2018-08-27T09:04:33.849168Z 0 [Warning] Can\'t create test file newDirectory/mysql/Server.lower-test\nAug 27 11:04:33 Server mysqld[19214]: 2018-08-27T09:04:33.850029Z 0 [ERROR] failed to set datadir to /newDirectory/mysql/\nAug 27 11:04:33 Server mysqld[19214]: 2018-08-27T09:04:33.850049Z 0 [ERROR] Aborting\nAug 27 11:04:33 Server mysqld[19214]: 2018-08-27T09:04:33.850071Z 0 [Note] Binlog end\nAug 27 11:04:33 Server mysqld[19214]: 2018-08-27T09:04:33.850133Z 0 [Note] /usr/sbin/mysqld: Shutdown complete\nAug 27 11:04:33 Server systemd[1]: mysql.service: Main process exited, code=exited, status=1/FAILURE\nAug 27 11:05:03 Server systemd[1]: Failed to start MySQL Community Server.\n-- Subject: Unit mysql.service has failed\n-- Defined-By: systemd\n-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel\n-- \n-- Unit mysql.service has failed.\n-- \n-- The result is failed.\nAug 27 11:05:03 Server systemd[1]: mysql.service: Unit entered failed state.\nAug 27 11:05:03 Server systemd[1]: mysql.service: Failed with result \'exit-code\'.\nAug 27 11:05:04 Server systemd[1]: mysql.service: Service hold-off time over, scheduling restart.\nAug 27 11:05:04 Server systemd[1]: Stopped MySQL Community Server.\n-- Subject: Unit mysql.service has finished shutting down\n-- Defined-By: systemd\n-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel\n-- \n-- Unit mysql.service has finished shutting down.\nAug 27 11:05:04 TIE-Server systemd[1]: Starting MySQL Community Server...\n-- Subject: Unit mysql.service has begun start-up\n-- Defined-By: systemd\n-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel\n-- \n-- Unit mysql.service has begun starting up.\nAug 27 11:05:04 Server mysqld[19313]: mysqld: Can\'t change dir to \'/newDirectory/mysql/\' (Errcode: 13 - Permission denied)\nAug 27 11:05:04 Server mysqld[19313]: 2018-08-27T09:05:04.170717Z 0 [Warning] Changed limits: max_open_files: 1024 (requested 5000)\nAug 27 11:05:04 Server mysqld[19313]: 2018-08-27T09:05:04.170788Z 0 [Warning] Changed limits: table_open_cache: 431 (requested 2000)\nAug 27 11:05:04 Server mysqld[19313]: 2018-08-27T09:05:04.345141Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_\nAug 27 11:05:04 Server mysqld[19313]: 2018-08-27T09:05:04.345239Z 0 [Warning] Can\'t create test file /newDirectory/mysql/Server.lower-test\nAug 27 11:05:04 Server mysqld[19313]: 2018-08-27T09:05:04.345288Z 0 [Note] /usr/sbin/mysqld (mysqld 5.7.23-0ubuntu0.16.04.1) starting as process 19313 ...\nAug 27 11:05:04 Server mysqld[19313]: 2018-08-27T09:05:04.349475Z 0 [Warning] Can\'t create test file /newDirectory/mysql/Server.lower-test\nAug 27 11:05:04 Server mysqld[19313]: 2018-08-27T09:05:04.349498Z 0 [Warning] Can\'t create test file /newDirectory/mysql/Server.lower-test\nAug 27 11:05:04 Server mysqld[19313]: 2018-08-27T09:05:04.350320Z 0 [ERROR] failed to set datadir to /newDirectory/mysql/\nAug 27 11:05:04 Server mysqld[19313]: 2018-08-27T09:05:04.350339Z 0 [ERROR] Aborting\nAug 27 11:05:04Server mysqld[19313]: 2018-08-27T09:05:04.350357Z 0 [Note] Binlog end\nAug 27 11:05:04 TIE-Server mysqld[19313]: 2018-08-27T09:05:04.350414Z 0 [Note] /usr/sbin/mysqld: Shutdown complete\nAug 27 11:05:04 TIE-Server systemd[1]: mysql.service: Main process exited, code=exited, status=1/FAILURE\n\n\n\n**systemctl status mysql.service**\n mysql.service - MySQL Community Server\n Loaded: loaded (/lib/systemd/system/mysql.service; enabled; vendor preset: enabled)\n Active: activating (start-post) (Result: exit-code) since Mon 2018-08-27 11:18:01 CEST; 11s ago\n Process: 21747 ExecStart=/usr/sbin/mysqld (code=exited, status=1/FAILURE)\n Process: 21730 ExecStartPre=/usr/share/mysql/mysql-systemd-start pre (code=exited, status=0/SUCCESS)\n Main PID: 21747 (code=exited, status=1/FAILURE); : 21749 (mysql-systemd-s)\n Tasks: 2\n Memory: 6.2M\n CPU: 291ms\n CGroup: /system.slice/mysql.service\n \xe2\x94\x94\xe2\x94\x80control\n \xe2\x94\x9c\xe2\x94\x8021749 /bin/bash /usr/share/mysql/mysql-systemd-start post\n \xe2\x94\x94\xe2\x94\x8021779 sleep 1\n\n Aug 27 11:18:01 Server systemd[1]: Starting MySQL Community Server...\n Aug 27 11:18:01 TIE-Server mysqld[21747]: mysqld: Can\'t change dir to \'newDirectory/mysql/\' (Errcode: 13 - Permission denied)\n Aug 27 11:18:01 Server mysqld[21747]: 2018-08-27T09:18:01.671709Z 0 [Warning] Changed limits: max_open_files: 1024 (requested 5000)\n Aug 27 11:18:01 Server mysqld[21747]: 2018-08-27T09:18:01.671780Z 0 [Warning] Changed limits: table_open_cache: 431 (requested 2000)\n Aug 27 11:18:01 Server mysqld[21747]: 2018-08-27T09:18:01.844978Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_\n Aug 27 11:18:01 Server mysqld[21747]: 2018-08-27T09:18:01.845090Z 0 [Warning] Can\'t create test file /newDirectory/mysql/Server.lower-test\n Aug 27 11:18:01 Server mysqld[21747]: 2018-08-27T09:18:01.845141Z 0 [Note] /usr/sbin/mysqld (mysqld 5.7.23-0ubuntu0.16.04.1) starting as process 21747 ...\n Aug 27 11:18:01 Server systemd[1]: mysql.service: Main process exited, code=exited, status=1/FAILURE\n编辑4:
\n\nmysql apparmor配置文件的当前状态:
\n\nsudo aa-status | grep -e "^[[:alnum:]]" -e mysql\napparmor module is loaded.\n80 profiles are loaded.\n41 profiles are in enforce mode.\n39 profiles are in complain mode.\n /usr/bin/mysql\n /usr/sbin/mysqld\n12 processes have profiles defined.\n8 processes are in enforce mode.\n4 processes are in complain mode.\n /usr/sbin/mysqld (8455) \n0 processes are unconfined but have a profile defined.\n编辑5:
\n\n绑定安装也没有帮助:https://askubuntu.com/a/663945/863451
\n我想你可以尝试一下
/etc/apparmor.d/usr.sbin.mysqld将 r 权限添加到内部部分中/usr/sbin/mysqld,如下所示:
/proc/*/status r,
/sys/devices/system/node/ r,
然后你可以使用重新加载apparmor,
service apparmor reload
并使用再次启动您的 MySql,
service mysql start
编辑
我想尝试删除你没有的/sys/devices/system/node/node0/meminfo r,地方。systemctl
希望这可以帮助。
让我分享一个更简单的方法来解决这个问题。现在我按照你的步骤进行:
我使用以下命令将文件夹移动/var/lib/mysql到 newDirectory:
sudo cp -r --preserve /var/lib/mysql /new/location
更改了 datadir 中的数据目录/etc/mysql/mysql.conf.d/mysqld.cnf,
更改了 apparmor 配置/etc/apparmor.d/usr.sbin.mysqld:
/newDirectory/mysql/ r,
/newDirectory/mysql/** rwk,
注意:我没有执行步骤 4,因为步骤 1 已经解决了这个问题。
现在安装apparmor tools:
sudo apt install apparmor*
这将安装:
apparmor-easyprof
apparmor-notify
apparmor-profiles
apparmor-profiles-extra
apparmor-utils
mysql 的 apparmor 配置文件不允许它访问该新目录位置,此处由enforce运行时看到的状态表示
sudo aa-status | grep -e "^[[:alnum:]]" -e mysql
结果:
[sudo] password for georgek:
apparmor module is loaded.
114 profiles are loaded.
72 profiles are in enforce mode.
/usr/sbin/mysqld
42 profiles are in complain mode.
9 processes have profiles defined.
7 processes are in enforce mode.
/usr/sbin/mysqld (2066)
2 processes are in complain mode.
0 processes are unconfined but have a profile defined.
现在我们将使用命令修改 mysql 的当前配置文件sudo aa-genprof。这将扫描/var/log/syslog文件并查找apparmormysql 的异常,并使用它为其生成新的配置文件。让我们开始,分别从两个终端运行命令。首先运行aa-genprof一个,然后根据aa-genprof命令指示运行另一个:
sudo systemctl restart mysql
sudo aa-genprof /usr/bin/mysql
您将在此格式中看到几个可供选择的选项
[(S)can system log for AppArmor events] / (F)inish
...
(A)llow / [(D)eny] / (I)gnore / Audi(t) / Abo(r)t / (F)inish
阅读要添加的规则,然后单击键盘上的这些键以接受或拒绝您认为合适的规则。就我而言,我接受了一切。然后完成后你会看到这一行:
(S)ave Changes / Save Selec(t)ed Profile / [(V)iew Changes] / View Changes b/w (C)lean profiles / Abo(r)t
单击S完成。最后我的意愿/etc/apparmor.d/usr.sbin.mysqld会更新。现在运行sudo systemctl restart mysql它现在应该允许访问该文件夹。
| 归档时间: |
|
| 查看次数: |
13637 次 |
| 最近记录: |