Ubuntu 8.04 “Bug” With MySQL and AppArmor

This one drove me nuts FOR HOURS! I tried setting up my new LAMP server with the newly-released Ubuntu 8.04. When it came time to switch the configuration files so that Apache and MySQL would use /srv instead of /var/lib, Apache worked but MySQL did not.

The prolonged brain-strain stemmed from these three things:

  • I insist on using custom directories.
  • Debian switches logging from MySQL’s mysql.log and mysql.err files under /var/log/mysql and into /var/log/syslog.
  • AppArmor is something new to Ubuntu, so I wasn’t familiar with what its logs look like.
  • The logs generated by tripping AppArmor aren’t too specific.

I’ve included a copy of my logs so you can see why. I’ve color-coded things so you won’t have a headache trying to decipher what’s going on. The time stamp is blue, machine name is red, messages from MySQL are in green, and kernel messages due to AppArmor are in purple.

Apr 24 21:03:05 sara mysqld_safe[7586]: started
Apr 24 21:03:05 sara kernel: [ 1156.950776] audit(1209085385.976:14): type=1503 operation=”inode_create” requested_mask=”w::” denied_mask=”w::” name=”/srv/mysql/sara.lower-test” pid=7588 profile=”/usr/sbin/mysqld” namespace=”default”
Apr 24 21:03:05 sara mysqld[7589]: 080424 21:03:05 [Warning] Can’t create test file /srv/mysql/sara.lower-test
Apr 24 21:03:05 sara kernel: [ 1156.955085] audit(1209085385.980:15): type=1503 operation=”inode_create” requested_mask=”w::” denied_mask=”w::” name=”/srv/mysql/sara.lower-test” pid=7588 profile=”/usr/sbin/mysqld” namespace=”default”
Apr 24 21:03:05 sara mysqld[7589]: 080424 21:03:05 [Warning] Can’t create test file /srv/mysql/sara.lower-test
Apr 24 21:03:06 sara kernel: [ 1157.018500] audit(1209085386.044:16): type=1503 operation=”inode_permission” requested_mask=”rw::” denied_mask=”rw::” name=”/srv/mysql/ibdata1″ pid=7588 profile=”/usr/sbin/mysqld” namespace=”default”
Apr 24 21:03:06 sara mysqld[7589]: 080424 21:03:06 InnoDB: Operating system error number 13 in a file operation.
Apr 24 21:03:06 sara mysqld[7589]: InnoDB: The error means mysqld does not have the access rights to
Apr 24 21:03:06 sara mysqld[7589]: InnoDB: the directory.
Apr 24 21:03:06 sara mysqld[7589]: InnoDB: File name ./ibdata1
Apr 24 21:03:06 sara mysqld[7589]: InnoDB: File operation call: ‘open’.
Apr 24 21:03:06 sara mysqld[7589]: InnoDB: Cannot continue operation.
Apr 24 21:03:06 sara mysqld_safe[7597]: ended

Hindsight being 20/20, it’s easy to see what’s going on now. MySQL was trying to access something, and AppArmor was saying, “No!” To those of us new to this, it looks like the MySQL process might not have the proper access rights to the files or directories it needs to have access to. I stared for double-digit minutes comparing access rights between /var/lib/mysql and /srv/mysql. It was only after I started Googling that I came across the bug report for Ubuntu 8.04 while it was in beta.

From now on, I’m mounting my partitions to /var/lib instead of /srv. :x

About these ads