[Buildroot] [PATCH 0/3] oracle-mysql bugfix, security fix, and enhancement

[Buildroot] [PATCH 0/3] oracle-mysql bugfix, security fix, and enhancement

[Christopher McCrory]

0001-oracle-mysql-fix-hostname-path.patch
configure script picks up the hosts /usr/bin/hostname,  but buildroot
uses /bin/hostname. This breaks several helper scripts. For example the
startup wrapper ends up using a logfile of /var/mysql/.err instead of
/var/mysql/buildroot.err

0002-oracle-mysql-use-group-mysql-not-nogroup.patch
The makefile specifies a user mysql using group nogroup.  The /var/mysql
directory is world readable.  mysqld creates files with permisions 660.
If another process or user also has access to nogroup, then they have
access to all of the database data.  IMHO, this is bad.

0003-oracle-mysql-check-for-my.cnf-before-starting.patch
enhancement, don't start the daemon unless there is a configuration file

Christopher McCrory (3):
  oracle-mysql: fix hostname path
  oracle-mysql: use group mysql, not nogroup
  oracle-mysql: check for my.cnf before starting

 package/oracle-mysql/S97mysqld       | 1 +
 package/oracle-mysql/oracle-mysql.mk | 3 ++-
 2 files changed, 3 insertions(+), 1 deletion(-)

-- 
2.14.4

[Buildroot] [PATCH 1/3] oracle-mysql: fix hostname path

[Christopher McCrory]

Signed-off-by: Christopher McCrory <chrismcc@gmail.com>
---
 package/oracle-mysql/oracle-mysql.mk | 1 +
 1 file changed, 1 insertion(+)

diff --git a/package/oracle-mysql/oracle-mysql.mk b/package/oracle-mysql/oracle-mysql.mk
index 7da5c547d9..0275a8428f 100644
--- a/package/oracle-mysql/oracle-mysql.mk
+++ b/package/oracle-mysql/oracle-mysql.mk
@@ -21,6 +21,7 @@ MYSQL_SOCKET = /run/mysql/mysql.sock
 ORACLE_MYSQL_CONF_ENV = \
 	ac_cv_sys_restartable_syscalls=yes \
 	ac_cv_path_PS=/bin/ps \
+	ac_cv_path_HOSTNAME=/bin/hostname \
 	ac_cv_FIND_PROC="/bin/ps p \$\$PID | grep -v grep | grep mysqld > /dev/null" \
 	ac_cv_have_decl_HAVE_IB_ATOMIC_PTHREAD_T_GCC=yes \
 	ac_cv_have_decl_HAVE_IB_ATOMIC_PTHREAD_T_SOLARIS=no \
-- 
2.14.4

[Buildroot] [PATCH 2/3] oracle-mysql: use group mysql, not nogroup

[Christopher McCrory]

Signed-off-by: Christopher McCrory <chrismcc@gmail.com>
---
 package/oracle-mysql/oracle-mysql.mk | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package/oracle-mysql/oracle-mysql.mk b/package/oracle-mysql/oracle-mysql.mk
index 0275a8428f..aa9d8942f4 100644
--- a/package/oracle-mysql/oracle-mysql.mk
+++ b/package/oracle-mysql/oracle-mysql.mk
@@ -99,7 +99,7 @@ ORACLE_MYSQL_CONF_OPTS += --without-debug
 endif
 
 define ORACLE_MYSQL_USERS
-	mysql -1 nogroup -1 * /var/mysql - - MySQL daemon
+	mysql -1 mysql -1 * /var/mysql - - MySQL daemon
 endef
 
 define ORACLE_MYSQL_ADD_FOLDER
-- 
2.14.4

[Buildroot] [PATCH 3/3] oracle-mysql: check for my.cnf before starting

[Christopher McCrory]

Signed-off-by: Christopher McCrory <chrismcc@gmail.com>
---
 package/oracle-mysql/S97mysqld | 1 +
 1 file changed, 1 insertion(+)

diff --git a/package/oracle-mysql/S97mysqld b/package/oracle-mysql/S97mysqld
index 110ca2cd12..9777ff7775 100644
--- a/package/oracle-mysql/S97mysqld
+++ b/package/oracle-mysql/S97mysqld
@@ -3,6 +3,7 @@
 MYSQL_DIR="/var/mysql"
 MYSQL_USER="mysql"
 
+[ -r /etc/my.cnf ] || exit 0
 [ -r /etc/default/mysql ] && . /etc/default/mysql
 
 case "$1" in
-- 
2.14.4

[Buildroot] [PATCH 1/3] oracle-mysql: fix hostname path

[Thomas Petazzoni]

Hello Christopher,

On Mon, 20 Aug 2018 04:13:02 -0700, Christopher McCrory wrote:
> Signed-off-by: Christopher McCrory <chrismcc@gmail.com>

An empty commit log for such a change is really not good. What is
broken ? How does this fix what was broken ?

In general, a good rule: if your commit log is empty, something is
wrong.

So for this time, I've added a commit log and applied your patch to
master, see at
https://git.buildroot.org/buildroot/commit/?id=0bf656ead9801552f939217c5cc019fa24583b90
what I added. For your next contributions, I will now expect a
non-empty commit log actually explaining what the issue was, and how
the patch solves it.

Thanks,

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin (formerly Free Electrons)
Embedded Linux and Kernel engineering
https://bootlin.com

[Buildroot] [PATCH 2/3] oracle-mysql: use group mysql, not nogroup

[Thomas Petazzoni]

Hello,

On Mon, 20 Aug 2018 04:13:03 -0700, Christopher McCrory wrote:
> Signed-off-by: Christopher McCrory <chrismcc@gmail.com>

Why ?

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin (formerly Free Electrons)
Embedded Linux and Kernel engineering
https://bootlin.com

[Buildroot] [PATCH 3/3] oracle-mysql: check for my.cnf before starting

[Thomas Petazzoni]

Hello,

On Mon, 20 Aug 2018 04:13:04 -0700, Christopher McCrory wrote:
> Signed-off-by: Christopher McCrory <chrismcc@gmail.com>
> ---
>  package/oracle-mysql/S97mysqld | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/package/oracle-mysql/S97mysqld b/package/oracle-mysql/S97mysqld
> index 110ca2cd12..9777ff7775 100644
> --- a/package/oracle-mysql/S97mysqld
> +++ b/package/oracle-mysql/S97mysqld
> @@ -3,6 +3,7 @@
>  MYSQL_DIR="/var/mysql"
>  MYSQL_USER="mysql"
>  
> +[ -r /etc/my.cnf ] || exit 0

Actually my preference is to fail hard if the configuration file
doesn't exist. I don't like those errors that are silently ignored, and
I've been lobbying to drop those test from our init scripts, and I
think most of the core contributors agreed with that.

If an /etc/my.cnf is mandatory for mysqld to start, then I would
suggest that we install an example/minimal /etc/my.cnf so that the
mysqld server starts properly in an out of the box Buildroot
installation.

Thanks!

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin (formerly Free Electrons)
Embedded Linux and Kernel engineering
https://bootlin.com