我已经改变了mysql的数据目录。
为了那个原因
我将文件夹移至
/var/lib/mysql新目录改变了 datadir
/etc/mysql/mysql.conf.d/mysqld.cnf,更改了 apparmor 配置
/etc/apparmor.d/usr.sbin.mysqld:/newDirectory/mysql/ r, /newDirectory/mysql/** rwk,添加
alias /var/lib/mysql/ -> /newDirectory/mysql/,到/etc/apparmor.d/tunables/alias授予 mysql 所有权和权限
sudo chown -R mysql.mysql /newDirectory/mysql sudo chmod -R 775 /newDirectory/mysql
但我仍然无法启动mysql并出现以下错误:
mysqld: Can't change dir to '/newDirectory/mysql/' (Errcode: 13 - Permission denied)
造成该错误的其他原因还有什么?
编辑:
journalctl -xe
Aug 24 13:29:30 Server audit[2288]: AVC apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/proc/2288/status" pid=2288 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=121 ouid=121
Aug 24 13:29:30 Server audit[2288]: AVC apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/sys/devices/system/node/" pid=2288 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=121 ouid=0
Aug 24 13:29:30 Server audit[2288]: AVC apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/proc/2288/status" pid=2288 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=121 ouid=121
Aug 24 13:29:30 Server kernel: audit: type=1400 audit(1535110170.413:3083): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/proc/2288/status" pid=2288 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=121 ouid=121
Aug 24 13:29:30 Server kernel: audit: type=1400 audit(1535110170.413:3084): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/sys/devices/system/node/" pid=2288 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=121 ouid=0
Aug 24 13:29:30 TIE-Server kernel: audit: type=1400 audit(1535110170.413:3085): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/proc/2288/status" pid=2288 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=121 ouid=121
Aug 24 13:29:30 Server mysqld[2288]: mysqld: Can't change dir to '/newDirectory/mysql/' (Errcode: 13 - Permission denied)
编辑2:
受到这篇文章的启发https://askubuntu.com/a/953988/863451,我在文件中添加了/etc/apparmor.d/usr.sbin.mysqld
/proc/*/status r,
/sys/devices/system/node/ r,
不幸的是,这并没有改变任何事情。
编辑3:
尝试运行 George Udosen 的解决方案后(https://askubuntu.com/a/1068832/863451)错误日志如下所示:
**journalctl -xe**
Aug 27 11:04:33 Server mysqld[19214]: 2018-08-27T09:04:33.673061Z 0 [Warning] Changed limits: table_open_cache: 431 (requested 2000)
Aug 27 11:04:33 Server mysqld[19214]: 2018-08-27T09:04:33.844943Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_
Aug 27 11:04:33 Server mysqld[19214]: 2018-08-27T09:04:33.845053Z 0 [Warning] Can't create test file /newDirectory/Server.lower-test
Aug 27 11:04:33 Server mysqld[19214]: 2018-08-27T09:04:33.845104Z 0 [Note] /usr/sbin/mysqld (mysqld 5.7.23-0ubuntu0.16.04.1) starting as process 19214 ...
Aug 27 11:04:33 Server mysqld[19214]: 2018-08-27T09:04:33.849145Z 0 [Warning] Can't create test file /newDirectory/mysql/Server.lower-test
Aug 27 11:04:33 Server mysqld[19214]: 2018-08-27T09:04:33.849168Z 0 [Warning] Can't create test file newDirectory/mysql/Server.lower-test
Aug 27 11:04:33 Server mysqld[19214]: 2018-08-27T09:04:33.850029Z 0 [ERROR] failed to set datadir to /newDirectory/mysql/
Aug 27 11:04:33 Server mysqld[19214]: 2018-08-27T09:04:33.850049Z 0 [ERROR] Aborting
Aug 27 11:04:33 Server mysqld[19214]: 2018-08-27T09:04:33.850071Z 0 [Note] Binlog end
Aug 27 11:04:33 Server mysqld[19214]: 2018-08-27T09:04:33.850133Z 0 [Note] /usr/sbin/mysqld: Shutdown complete
Aug 27 11:04:33 Server systemd[1]: mysql.service: Main process exited, code=exited, status=1/FAILURE
Aug 27 11:05:03 Server systemd[1]: Failed to start MySQL Community Server.
-- Subject: Unit mysql.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit mysql.service has failed.
--
-- The result is failed.
Aug 27 11:05:03 Server systemd[1]: mysql.service: Unit entered failed state.
Aug 27 11:05:03 Server systemd[1]: mysql.service: Failed with result 'exit-code'.
Aug 27 11:05:04 Server systemd[1]: mysql.service: Service hold-off time over, scheduling restart.
Aug 27 11:05:04 Server systemd[1]: Stopped MySQL Community Server.
-- Subject: Unit mysql.service has finished shutting down
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit mysql.service has finished shutting down.
Aug 27 11:05:04 TIE-Server systemd[1]: Starting MySQL Community Server...
-- Subject: Unit mysql.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit mysql.service has begun starting up.
Aug 27 11:05:04 Server mysqld[19313]: mysqld: Can't change dir to '/newDirectory/mysql/' (Errcode: 13 - Permission denied)
Aug 27 11:05:04 Server mysqld[19313]: 2018-08-27T09:05:04.170717Z 0 [Warning] Changed limits: max_open_files: 1024 (requested 5000)
Aug 27 11:05:04 Server mysqld[19313]: 2018-08-27T09:05:04.170788Z 0 [Warning] Changed limits: table_open_cache: 431 (requested 2000)
Aug 27 11:05:04 Server mysqld[19313]: 2018-08-27T09:05:04.345141Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_
Aug 27 11:05:04 Server mysqld[19313]: 2018-08-27T09:05:04.345239Z 0 [Warning] Can't create test file /newDirectory/mysql/Server.lower-test
Aug 27 11:05:04 Server mysqld[19313]: 2018-08-27T09:05:04.345288Z 0 [Note] /usr/sbin/mysqld (mysqld 5.7.23-0ubuntu0.16.04.1) starting as process 19313 ...
Aug 27 11:05:04 Server mysqld[19313]: 2018-08-27T09:05:04.349475Z 0 [Warning] Can't create test file /newDirectory/mysql/Server.lower-test
Aug 27 11:05:04 Server mysqld[19313]: 2018-08-27T09:05:04.349498Z 0 [Warning] Can't create test file /newDirectory/mysql/Server.lower-test
Aug 27 11:05:04 Server mysqld[19313]: 2018-08-27T09:05:04.350320Z 0 [ERROR] failed to set datadir to /newDirectory/mysql/
Aug 27 11:05:04 Server mysqld[19313]: 2018-08-27T09:05:04.350339Z 0 [ERROR] Aborting
Aug 27 11:05:04Server mysqld[19313]: 2018-08-27T09:05:04.350357Z 0 [Note] Binlog end
Aug 27 11:05:04 TIE-Server mysqld[19313]: 2018-08-27T09:05:04.350414Z 0 [Note] /usr/sbin/mysqld: Shutdown complete
Aug 27 11:05:04 TIE-Server systemd[1]: mysql.service: Main process exited, code=exited, status=1/FAILURE
**systemctl status mysql.service**
mysql.service - MySQL Community Server
Loaded: loaded (/lib/systemd/system/mysql.service; enabled; vendor preset: enabled)
Active: activating (start-post) (Result: exit-code) since Mon 2018-08-27 11:18:01 CEST; 11s ago
Process: 21747 ExecStart=/usr/sbin/mysqld (code=exited, status=1/FAILURE)
Process: 21730 ExecStartPre=/usr/share/mysql/mysql-systemd-start pre (code=exited, status=0/SUCCESS)
Main PID: 21747 (code=exited, status=1/FAILURE); : 21749 (mysql-systemd-s)
Tasks: 2
Memory: 6.2M
CPU: 291ms
CGroup: /system.slice/mysql.service
└─control
├─21749 /bin/bash /usr/share/mysql/mysql-systemd-start post
└─21779 sleep 1
Aug 27 11:18:01 Server systemd[1]: Starting MySQL Community Server...
Aug 27 11:18:01 TIE-Server mysqld[21747]: mysqld: Can't change dir to 'newDirectory/mysql/' (Errcode: 13 - Permission denied)
Aug 27 11:18:01 Server mysqld[21747]: 2018-08-27T09:18:01.671709Z 0 [Warning] Changed limits: max_open_files: 1024 (requested 5000)
Aug 27 11:18:01 Server mysqld[21747]: 2018-08-27T09:18:01.671780Z 0 [Warning] Changed limits: table_open_cache: 431 (requested 2000)
Aug 27 11:18:01 Server mysqld[21747]: 2018-08-27T09:18:01.844978Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_
Aug 27 11:18:01 Server mysqld[21747]: 2018-08-27T09:18:01.845090Z 0 [Warning] Can't create test file /newDirectory/mysql/Server.lower-test
Aug 27 11:18:01 Server mysqld[21747]: 2018-08-27T09:18:01.845141Z 0 [Note] /usr/sbin/mysqld (mysqld 5.7.23-0ubuntu0.16.04.1) starting as process 21747 ...
Aug 27 11:18:01 Server systemd[1]: mysql.service: Main process exited, code=exited, status=1/FAILURE
编辑4:
mysql apparmor 配置文件的当前状态:
sudo aa-status | grep -e "^[[:alnum:]]" -e mysql
apparmor module is loaded.
80 profiles are loaded.
41 profiles are in enforce mode.
39 profiles are in complain mode.
/usr/bin/mysql
/usr/sbin/mysqld
12 processes have profiles defined.
8 processes are in enforce mode.
4 processes are in complain mode.
/usr/sbin/mysqld (8455)
0 processes are unconfined but have a profile defined.
编辑5:
绑定安装也无济于事:https://askubuntu.com/a/663945/863451
答案1
我认为你可以尝试
将以下几行添加到/etc/apparmor.d/usr.sbin.mysqld内部/usr/sbin/mysqld部分中的 r 权限,它将是这样的:
/proc/*/status r,
/sys/devices/system/node/ r,
然后你可以使用以下方式重新加载 apparmor,
service apparmor reload
然后重新启动 MySql 使用,
service mysql start
编辑
我认为尝试删除你没有的/sys/devices/system/node/node0/meminfo r,位置。systemctl
希望这可以帮助。
答案2
警告:备份 /etc/apparmor.d/usr.sbin.mysqld 和你的 mysql 数据库
让我分享一个更简单的方法来解决这个问题。现在我按照你的步骤进行操作:
/var/lib/mysql我使用以下命令将文件夹移动到新目录:sudo cp -r --preserve /var/lib/mysql /new/location改变了 datadir
/etc/mysql/mysql.conf.d/mysqld.cnf,更改了 apparmor 配置
/etc/apparmor.d/usr.sbin.mysqld:/newDirectory/mysql/ r, /newDirectory/mysql/** rwk,
笔记:我没做过步骤4因为步骤 1 已经处理好了这个问题。
现在安装apparmor tools:
sudo apt install apparmor*
这将安装:
apparmor-easyprof
apparmor-notify
apparmor-profiles
apparmor-profiles-extra
apparmor-utils
mysql 的 apparmor 配置文件不允许它访问新的目录位置,这里表示enforce运行时看到的状态
sudo aa-status | grep -e "^[[:alnum:]]" -e mysql
结果:
[sudo] password for georgek:
apparmor module is loaded.
114 profiles are loaded.
72 profiles are in enforce mode.
/usr/sbin/mysqld
42 profiles are in complain mode.
9 processes have profiles defined.
7 processes are in enforce mode.
/usr/sbin/mysqld (2066)
2 processes are in complain mode.
0 processes are unconfined but have a profile defined.
现在我们将使用命令修改 mysql 的当前配置文件sudo aa-genprof。这将扫描/var/log/syslog文件并查找apparmormysql 的异常,并使用该异常为其生成新的配置文件。让我们开始吧,从两个终端分别运行命令。aa-genprof先运行一个,然后在命令的引导下运行另一个aa-genprof:
sudo systemctl restart mysql
sudo aa-genprof /usr/bin/mysql
您将以这种格式看到几个可供选择的选项
[(S)can system log for AppArmor events] / (F)inish
...
(A)llow / [(D)eny] / (I)gnore / Audi(t) / Abo(r)t / (F)inish
阅读要添加的规则,然后根据需要单击键盘上的这些键以接受或拒绝它们。就我而言,我全部接受。完成后,您将看到以下行:
(S)ave Changes / Save Selec(t)ed Profile / [(V)iew Changes] / View Changes b/w (C)lean profiles / Abo(r)t
单击S完成。最后我的/etc/apparmor.d/usr.sbin.mysqld将被更新。现在运行sudo systemctl restart mysql它应该被允许访问该文件夹。