summarylogtreecommitdiffstats
path: root/0005-fix-galera_recovery-with-fs.protected_regular-enabled.patch
diff options
context:
space:
mode:
Diffstat (limited to '0005-fix-galera_recovery-with-fs.protected_regular-enabled.patch')
-rw-r--r--0005-fix-galera_recovery-with-fs.protected_regular-enabled.patch32
1 files changed, 0 insertions, 32 deletions
diff --git a/0005-fix-galera_recovery-with-fs.protected_regular-enabled.patch b/0005-fix-galera_recovery-with-fs.protected_regular-enabled.patch
deleted file mode 100644
index f3de571d86a..00000000000
--- a/0005-fix-galera_recovery-with-fs.protected_regular-enabled.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From 5936f0be4a49eda7b05ea1591bbbba3d72e4d7b9 Mon Sep 17 00:00:00 2001
-From: Christian Hesse <mail@eworm.de>
-Date: Fri, 25 Jan 2019 14:50:53 +0100
-Subject: fix galera_recovery with fs.protected_regular enabled
-
-The fs.protected_regular sysctls was added in Linux 4.19 to make some
-data spoofing attacks harder. With systemd v241 these will be enabled
-by default.
-
-With this protection enabled galera_recovery fails with EPERM
-(permission denied). This is caused by a wrong security measure:
-The script changes ownership of $log_file to $user, though $user never
-touches it. The shell redirection writes output to the file, not mysqld.
-So just drop chown to fix this.
----
- scripts/galera_recovery.sh | 3 +--
- 1 file changed, 1 insertion(+), 2 deletions(-)
-
-diff --git a/scripts/galera_recovery.sh b/scripts/galera_recovery.sh
-index c58f3d8f6b9..c70decc0005 100644
---- a/scripts/galera_recovery.sh
-+++ b/scripts/galera_recovery.sh
-@@ -101,8 +101,7 @@ wsrep_recover_position() {
-
- # Safety checks
- if [ -n "$log_file" -a -f "$log_file" ]; then
-- [ "$euid" = "0" ] && chown $user $log_file
-- chmod 600 $log_file
-+ chmod 600 $log_file
- else
- log "WSREP: mktemp failed"
- fi