MySQL 因 AppArmor 而无法启动?

MySQL 因 AppArmor 而无法启动?

我正在尝试在 Kubuntu 16.04 上安装 mysql-server-5.7,但是遇到了麻烦。

sudo apt install mysql-server给出以下输出。

Setting up mysql-server-5.7 (5.7.18-0ubuntu0.16.04.1) ...
Renaming removed key_buffer and myisam-recover options (if present)
Job for mysql.service failed because the control process exited with error code. See "systemctl status mysql.service" and "journalctl -xe" for details.
invoke-rc.d: initscript mysql, action "start" failed.
● mysql.service - MySQL Community Server
   Loaded: loaded (/lib/systemd/system/mysql.service; enabled; vendor preset: enabled)
   Active: activating (auto-restart) (Result: exit-code) since ons 2017-05-17 09:48:39 CEST; 10ms ago
  Process: 13622 ExecStartPost=/usr/share/mysql/mysql-systemd-start post (code=exited, status=0/SUCCESS)
  Process: 13621 ExecStart=/usr/sbin/mysqld (code=exited, status=2)
  Process: 13612 ExecStartPre=/usr/share/mysql/mysql-systemd-start pre (code=exited, status=0/SUCCESS)
 Main PID: 13621 (code=exited, status=2)

maj 17 09:48:39 anis systemd[1]: Failed to start MySQL Community Server.
maj 17 09:48:39 anis systemd[1]: mysql.service: Unit entered failed state.
maj 17 09:48:39 anis systemd[1]: mysql.service: Failed with result 'exit-code'.
dpkg: error processing package mysql-server-5.7 (--configure):
 subprocess installed post-installation script returned error exit status 1
dpkg: dependency problems prevent configuration of mysql-server:
 mysql-server depends on mysql-server-5.7; however:
  Package mysql-server-5.7 is not configured yet.

dpkg: error processing package mysql-server (--configure):
 dependency problems - leaving unconfigured
Errors were encountered while processing:
 mysql-server-5.7
 mysql-server
E: Sub-process /usr/bin/dpkg returned an error code (1)

当尝试通过运行进行故障排除时,journalctl -xe我得到了如下的输出,这似乎表明 AppArmor 给我带来了麻烦。

maj 17 09:53:14 anis systemd[1]: Starting MySQL Community Server...
-- Subject: Unit mysql.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit mysql.service has begun starting up.
maj 17 09:53:14 anis audit[14767]: AVC apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/proc/14767/status" pid=14767 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=124 ouid=124
maj 17 09:53:14 anis audit[14767]: AVC apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/sys/devices/system/node/" pid=14767 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=124 ouid=0
maj 17 09:53:14 anis kernel: audit: type=1400 audit(1495007594.314:240): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/proc/14767/status" pid=14767 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=124 ouid=124
maj 17 09:53:14 anis kernel: audit: type=1400 audit(1495007594.314:241): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/sys/devices/system/node/" pid=14767 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=124 ouid=0
maj 17 09:53:14 anis kernel: audit: type=1400 audit(1495007594.314:242): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/proc/14767/status" pid=14767 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=124 ouid=124
maj 17 09:53:14 anis audit[14767]: AVC apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/proc/14767/status" pid=14767 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=124 ouid=124
maj 17 09:53:14 anis audit[14767]: AVC apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/proc/14767/task/14767/mem" pid=14767 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=124 ouid=124
maj 17 09:53:14 anis kernel: audit: type=1400 audit(1495007594.658:243): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/proc/14767/task/14767/mem" pid=14767 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=124 ouid=124
maj 17 09:53:14 anis systemd[1]: mysql.service: Main process exited, code=exited, status=2/INVALIDARGUMENT

我该如何解决这个问题?

答案1

您需要编辑 apparmor 配置以允许 MySQL 访问这些文件。日志消息告诉您/usr/sbin/mysqld需要读取 ( r) 权限才能打开/proc/14767/status/sys/devices/system/node/(尾部斜杠是因为它想要读取目录)和/proc/14767/task/14767/mem。要编辑的文件是/etc/apparmor.d/usr.sbin.mysqld

就我而言,我通过在中间某处添加以下几行(每行前面有两个空格)解决了该问题:

  /proc/*/status r,
  /sys/devices/system/node/ r,
  /sys/devices/system/node/node0/meminfo r,

(请注意第二行末尾的斜杠。)

完成后,尝试启动 MySQL,如果出现更多错误,也添加这些文件并重试。

这里是我在其他地方对这个问题给出的答案。

答案2

可能是这样的: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739846 所以尝试使用

echo "exit 0" >> /etc/init.d/mysql
dpkg --configure -a

如果没有帮助,请使用:

sudo apt-get purge mysql-server mysql-client mysql-common mysql-server-5.5
sudo apt-get install mysql-server

完全删除你的 mysql 并重新安装警告:如果你有任何数据库,它们将被删除。

答案3

我用这个解决了这个问题:

编辑/etc/apparmor.d/local/usr.sbin.mysqld

添加以下行:

/data/ r,
/data/** rwk,

重新加载装甲服务

sudo service apparmor reload

答案4

就我而言,在使用上述答案后尝试在 Ubuntu 16.04 上安装 mysql-server-5.7,唯一有效的方法是:

  1. 跑步sudo apt install mysql-server
  2. 检查上述确切错误
  3. 重启
  4. 再次运行sudo apt install mysql-server继续安装

安装完成。

相关内容