diff options
author | João Figueiredo | 2021-07-22 23:21:45 +0100 |
---|---|---|
committer | João Figueiredo | 2021-07-22 23:21:45 +0100 |
commit | 94c750292fe0e4168386cf521d9d1e1cd0e6fb6b (patch) | |
tree | 30279d09f109393a79f3131e3d63eeda29d9c9d6 /0001-arch-specific.patch | |
parent | c81f5274327271866a103ecf7504c016653a78c4 (diff) | |
download | aur-94c750292fe0e4168386cf521d9d1e1cd0e6fb6b.tar.gz |
Merged with official ABS mariadb PKGBUILD
Diffstat (limited to '0001-arch-specific.patch')
-rw-r--r-- | 0001-arch-specific.patch | 128 |
1 files changed, 44 insertions, 84 deletions
diff --git a/0001-arch-specific.patch b/0001-arch-specific.patch index 26c307bd9382..d194e7d42caf 100644 --- a/0001-arch-specific.patch +++ b/0001-arch-specific.patch @@ -1,52 +1,53 @@ -From 07abbcbbe129a4c44c58fa2496b0921e52a759c2 Mon Sep 17 00:00:00 2001 +From bf66e7d610de0d7d3651742342c01ed9ff93f363 Mon Sep 17 00:00:00 2001 From: Christian Hesse <mail@eworm.de> -Date: Tue, 29 Jan 2019 23:12:01 +0100 -Subject: enable PrivateTmp for a little bit more security +Date: Wed, 19 Feb 2020 13:10:17 +0100 +Subject: [PATCH 1/3] enable PrivateTmp for a little bit more security --- support-files/mariadb.service.in | 2 +- support-files/mariadb@.service.in | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/support-files/mariadb.service.in b/support-files/mariadb.service.in -index 8d43b6db428..a96fbcc9d2c 100644 +index e7665ed1219..a1fe69d61c4 100644 --- a/support-files/mariadb.service.in +++ b/support-files/mariadb.service.in -@@ -117,7 +117,7 @@ UMask=007 +@@ -129,7 +129,7 @@ UMask=007 # If you don't use the /tmp directory for SELECT ... OUTFILE and # LOAD DATA INFILE you can enable PrivateTmp=true for a little more security. -PrivateTmp=false +PrivateTmp=true - ## - ## Options previously available to be set via [mysqld_safe] + # Set an explicit Start and Stop timeout of 900 seconds (15 minutes!) + # this is the same value as used in SysV init scripts in the past diff --git a/support-files/mariadb@.service.in b/support-files/mariadb@.service.in -index a2f5cff0828..83d75f80b87 100644 +index ffefc2f22d8..f8b0b8aad8d 100644 --- a/support-files/mariadb@.service.in +++ b/support-files/mariadb@.service.in -@@ -41,7 +41,7 @@ Type=notify +@@ -241,7 +241,7 @@ UMask=007 - # Setting this to true can break replication and the Type=notify settings - # See also bind-address mysqld option. --PrivateNetwork=false -+PrivateNetwork=true + # If you don't use the /tmp directory for SELECT ... OUTFILE and + # LOAD DATA INFILE you can enable PrivateTmp=true for a little more security. +-PrivateTmp=false ++PrivateTmp=true - ############################################################################## - ## Package maintainers -From 0e4a158086b765aa3a12b84646aefb9b192443f7 Mon Sep 17 00:00:00 2001 + # Set an explicit Start and Stop timeout of 900 seconds (15 minutes!) + # this is the same value as used in SysV init scripts in the past + +From 00aab78891a19a14a92039fcc6a73e391a3bb471 Mon Sep 17 00:00:00 2001 From: Christian Hesse <mail@eworm.de> -Date: Tue, 29 Jan 2019 23:12:54 +0100 -Subject: force preloading jemalloc for memory management +Date: Wed, 19 Feb 2020 13:10:46 +0100 +Subject: [PATCH 2/3] force preloading jemalloc for memory management --- support-files/mariadb.service.in | 1 + support-files/mariadb@.service.in | 1 + 2 files changed, 2 insertions(+) diff --git a/support-files/mariadb.service.in b/support-files/mariadb.service.in -index a96fbcc9d2c..6bb5d4227b9 100644 +index a1fe69d61c4..9a2941ae917 100644 --- a/support-files/mariadb.service.in +++ b/support-files/mariadb.service.in -@@ -140,6 +140,7 @@ LimitNOFILE=16364 +@@ -159,6 +159,7 @@ LimitNOFILE=16364 # Library substitutions. previously [mysqld_safe] malloc-lib with explicit paths # (in LD_LIBRARY_PATH) and library name (in LD_PRELOAD). # Environment="LD_LIBRARY_PATH=/path1 /path2" "LD_PRELOAD= @@ -55,10 +56,10 @@ index a96fbcc9d2c..6bb5d4227b9 100644 # Flush caches. previously [mysqld_safe] flush-caches=1 # ExecStartPre=sync diff --git a/support-files/mariadb@.service.in b/support-files/mariadb@.service.in -index 83d75f80b87..d1d24d685f9 100644 +index f8b0b8aad8d..3309127330c 100644 --- a/support-files/mariadb@.service.in +++ b/support-files/mariadb@.service.in -@@ -161,6 +161,7 @@ LimitNOFILE=16364 +@@ -282,6 +282,7 @@ LimitNOFILE=16364 # Library substitutions. previously [mysqld_safe] malloc-lib with explicit paths # (in LD_LIBRARY_PATH) and library name (in LD_PRELOAD). # Environment="LD_LIBRARY_PATH=/path1 /path2" "LD_PRELOAD= @@ -66,69 +67,28 @@ index 83d75f80b87..d1d24d685f9 100644 # Flush caches. previously [mysqld_safe] flush-caches=1 # ExecStartPre=sync -From 72b42fb1a344bfc3f3c3c905fe85c93ac4a752e3 Mon Sep 17 00:00:00 2001 -From: Christian Hesse <mail@eworm.de> -Date: Tue, 29 Jan 2019 23:14:23 +0100 -Subject: fix path to our config ---- - support-files/rpm/enable_encryption.preset | 2 +- - support-files/rpm/my.cnf | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) -diff --git a/support-files/rpm/enable_encryption.preset b/support-files/rpm/enable_encryption.preset -index 722db7e5fa1..978a7494c6b 100644 ---- a/support-files/rpm/enable_encryption.preset -+++ b/support-files/rpm/enable_encryption.preset -@@ -1,5 +1,5 @@ - # --# !include this file into your my.cnf (or any of *.cnf files in /etc/my.cnf.d) -+# !include this file into your my.cnf (or any of *.cnf files in /etc/mysql/my.cnf.d) - # and it will enable data at rest encryption. This is a simple way to - # ensure that everything that can be encrypted will be and your - # data will not leak unencrypted. -diff --git a/support-files/rpm/my.cnf b/support-files/rpm/my.cnf -index 913b88f8328..17d25361178 100644 ---- a/support-files/rpm/my.cnf -+++ b/support-files/rpm/my.cnf -@@ -7,5 +7,5 @@ - # - # include all files from the config directory - # --!includedir /etc/my.cnf.d -+!includedir /etc/mysql/my.cnf.d - -From 820b47c1e70d36f1272cca3ddbdf4bbd2dd62bde Mon Sep 17 00:00:00 2001 +From a78ff18c83a5eb2556d4f3716f13786dcd8395d2 Mon Sep 17 00:00:00 2001 From: Christian Hesse <mail@eworm.de> -Date: Wed, 30 Jan 2019 00:46:47 +0100 -Subject: remove aliases from systemd unit files +Date: Wed, 19 Feb 2020 13:11:31 +0100 +Subject: [PATCH 3/3] Make systemd-tmpfiles create MYSQL_DATADIR + +This is a no-op if the directory exists, but makes sure it is created by +systemd-tmpfiles with proper permissions otherwise. + +This solves packaging issues when the user MYSQLD_USER is created by +systemd-sysusers and uid is not known in advance. + +Also this now sets the No_COW attribute. --- - support-files/mariadb.service.in | 2 -- - support-files/mariadb@.service.in | 2 -- - 2 files changed, 4 deletions(-) + support-files/tmpfiles.conf.in | 2 + + 1 file changed, 2 insertion(+) -diff --git a/support-files/mariadb.service.in b/support-files/mariadb.service.in -index 8d43b6db428..d7fa6bf5b14 100644 ---- a/support-files/mariadb.service.in -+++ b/support-files/mariadb.service.in -@@ -20,8 +20,6 @@ After=network.target - - [Install] - WantedBy=multi-user.target --Alias=mysql.service --Alias=mysqld.service - - - [Service] -diff --git a/support-files/mariadb@.service.in b/support-files/mariadb@.service.in -index a2f5cff0828..3fc41358e14 100644 ---- a/support-files/mariadb@.service.in -+++ b/support-files/mariadb@.service.in -@@ -27,8 +27,6 @@ ConditionPathExists=@sysconf2dir@/my%I.cnf - - [Install] - WantedBy=multi-user.target --Alias=mysql.service --Alias=mysqld.service - - - [Service] +diff --git a/support-files/tmpfiles.conf.in b/support-files/tmpfiles.conf.in +index 03d66abc0c7..3c89cb258c9 100644 +--- a/support-files/tmpfiles.conf.in ++++ b/support-files/tmpfiles.conf.in +@@ -1 +1,3 @@ + d @MYSQL_UNIX_DIR@ 0755 @MYSQLD_USER@ @MYSQLD_USER@ - ++d @MYSQL_DATADIR@ 0700 @MYSQLD_USER@ @MYSQLD_USER@ - ++h @MYSQL_DATADIR@ - - - - +C |