Hi Russell, Thank you for explaining this to me.
On Thu, Oct 15, 2015 at 01:19:23PM +1100, Russell Coker wrote: > Every directory that is in a Debian package has it's context set by dpkg. So > if you were to add /var/lib/mysql/mysql and /var/log/mysql to the package > then > they would have their context set correctly. > > For /var/run directories if you add them to a systemd-tmpfiles configuration > they will get the right context. Add a file named /usr/lib/tmpfiles.d/mysql- > server.conf with the following contents: > D /var/run/mysqld 0755 mysql root This sounds like a better route to me. > With those changes (adding directories to packages and using > systemd-tmpfiles) > there would be no risk of regression and no SE Linux specific code in your > package. > > Systemd is now the default init system in Debian so eventually you have to > write a systemd service file for mysql. When you do that you have to use the > tmpfiles.d configuration which will solve this issue. I'd be happy if you > just > told everyone who uses MySQL on SE Linux to use systemd and didn't bother > fixing the old SysVInit script. But while MySQL users are forced to start > the > daemon in the old way it would be good to make it work properly on SE Linux. We are actually already using systemd: https://anonscm.debian.org/cgit/pkg-mysql/mysql-5.6.git/tree/debian/mysql-server-5.6.mysql.service Given that we're using systemd, should we adjust your patch to do what you described above instead before applying? That is, ship /var/lib/mysql and /var/log/mysql using dh_installdirs (if I understand you correctly)? The systemd service already uses RuntimeDirectory so will this cause the right thing to happen, or do we still need a /usr/lib/tmpfiles.d entry? Robie
signature.asc
Description: Digital signature
