Hello community, here is the log from the commit of package mariadb for openSUSE:Factory checked in at 2017-05-30 16:10:44 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/mariadb (Old) and /work/SRC/openSUSE:Factory/.mariadb.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "mariadb" Tue May 30 16:10:44 2017 rev:57 rq:499777 version:10.1.22 Changes: -------- --- /work/SRC/openSUSE:Factory/mariadb/mariadb.changes 2017-04-18 13:46:56.799782610 +0200 +++ /work/SRC/openSUSE:Factory/.mariadb.new/mariadb.changes 2017-05-30 16:10:47.485683357 +0200 @@ -1,0 +2,15 @@ +Tue May 30 13:12:47 UTC 2017 - fv...@suse.com + +- Add mariadb-10.1.22-xtradb_null_checks.patch (boo#1041525) + (See also https://jira.mariadb.org/browse/MDEV-12358) +- switch from '/var/run' to '/run' as /var/run is just a symlink to /run +- fix permissions for /var/run/mysql that were wrongly set to + 700 instead of 755 due to added umask. This prevented non-root + from connecting to the database [bsc#1038740] +- change permissions of the configuration dir/files to 755/644. + Please note that storing the password in the /etc/my.cnf file is + not safe. Use for example an option file that is accessible only + by yourself [bsc#889126] +- set the default umask to 077 in mysql-systemd-helper [bsc#1020976] + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ mariadb.spec ++++++ --- /var/tmp/diff_new_pack.sMWJfM/_old 2017-05-30 16:10:49.265432366 +0200 +++ /var/tmp/diff_new_pack.sMWJfM/_new 2017-05-30 16:10:49.269431802 +0200 @@ -544,7 +544,7 @@ install -m 644 "${i}" "${DOCDIR}" || true done # Default configuration file -install -m 660 %{SOURCE14} %{buildroot}%{_sysconfdir}/my.cnf +install -m 664 %{SOURCE14} %{buildroot}%{_sysconfdir}/my.cnf # Systemd/initscript install -D -m 755 %{_sourcedir}/mysql-systemd-helper '%{buildroot}'%{_libexecdir}/mysql/mysql-systemd-helper @@ -744,9 +744,9 @@ %files -f mysql.files %defattr(-, root, root) -%config(noreplace) %attr(0640, root, mysql) %{_sysconfdir}/my.cnf -%dir %attr(0750, root, mysql) %{_sysconfdir}/my.cnf.d -%config(noreplace) %attr(0640, root, mysql) %{_sysconfdir}/my.cnf.d/* +%config(noreplace) %attr(0644, root, mysql) %{_sysconfdir}/my.cnf +%dir %attr(0755, root, mysql) %{_sysconfdir}/my.cnf.d +%config(noreplace) %attr(0644, root, mysql) %{_sysconfdir}/my.cnf.d/* %config %{_sysconfdir}/logrotate.d/%{name} %doc %{_defaultdocdir}/%{name} %dir %{_libexecdir}/mysql ++++++ README.SUSE ++++++ --- /var/tmp/diff_new_pack.sMWJfM/_old 2017-05-30 16:10:49.341421649 +0200 +++ /var/tmp/diff_new_pack.sMWJfM/_new 2017-05-30 16:10:49.345421085 +0200 @@ -35,7 +35,7 @@ File locations changes: - MySQL socket file and pid file were moved from /var/lib/mysql to more - reasonable location ( /var/run/mysql ) by default. + reasonable location ( /run/mysql ) by default. - MySQL log files are in /var/log/mysql. 3) BerkeleyDB: ++++++ configuration-tweaks.tar.xz ++++++ ++++++ my.ini ++++++ --- /var/tmp/diff_new_pack.sMWJfM/_old 2017-05-30 16:10:49.485401344 +0200 +++ /var/tmp/diff_new_pack.sMWJfM/_new 2017-05-30 16:10:49.485401344 +0200 @@ -2,11 +2,14 @@ # It is based on upstream defaults with some additional examples. -# The following options will be passed to all MariaDB clients +# The following options will be passed to all MySQL/MariaDB clients [client] -# password = your_password +# Please note that storing the password in this file is not safe. For this +# purpose you can, for example, list your password in the [client] section +# of the '~/.my.cnf' configuration file with an access mode set to 400 or 600. +# password = your_password # port = 3306 -# socket = /var/run/mysql/mysql.sock +# socket = /run/mysql/mysql.sock [mysqld] @@ -38,7 +41,7 @@ # These are commonly set, remove the # and set as required. # port = 3306 -# socket = /var/run/mysql/mysql.sock +# socket = /run/mysql/mysql.sock # Don't listen on a TCP/IP port at all. This can be a security enhancement, # if all processes that need to connect to mysqld run on the same host. ++++++ mysql-patches.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mysql-patches/mysql-patches/mariadb-10.1.22-xtradb_null_checks.patch new/mysql-patches/mysql-patches/mariadb-10.1.22-xtradb_null_checks.patch --- old/mysql-patches/mysql-patches/mariadb-10.1.22-xtradb_null_checks.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/mysql-patches/mysql-patches/mariadb-10.1.22-xtradb_null_checks.patch 2017-05-30 14:51:50.656604976 +0200 @@ -0,0 +1,21 @@ +PATCH-P1-FIX-HACK: Disable attributes globally to avoid GCC7 optimizing away null checks + +See boo#1041525. +Source of this patch: +https://jira.mariadb.org/browse/MDEV-12358?focusedCommentId=94692&page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-94692 + +Maintainer: Fabian Vogt <fv...@suse.com> + +Index: mariadb-10.1.22/storage/xtradb/include/univ.i +=================================================================== +--- mariadb-10.1.22.orig/storage/xtradb/include/univ.i ++++ mariadb-10.1.22/storage/xtradb/include/univ.i +@@ -261,7 +261,7 @@ operations (very slow); also UNIV_DEBUG + that are only referenced from within InnoDB, not from MySQL. We disable the + GCC visibility directive on all Sun operating systems because there is no + easy way to get it to work. See http://bugs.mysql.com/bug.php?id=52263. */ +-#define MY_ATTRIBUTE __attribute__ ++#define MY_ATTRIBUTE(X) /* empty */ + #if defined(__GNUC__) && (__GNUC__ >= 4) && !defined(sun) || defined(__INTEL_COMPILER) + # define UNIV_INTERN MY_ATTRIBUTE((visibility ("hidden"))) + #else ++++++ mysql-systemd-helper ++++++ --- /var/tmp/diff_new_pack.sMWJfM/_old 2017-05-30 16:10:49.565390064 +0200 +++ /var/tmp/diff_new_pack.sMWJfM/_new 2017-05-30 16:10:49.569389500 +0200 @@ -12,10 +12,10 @@ mysql_daemon_group=mysql if [[ -z "$INSTANCE" ]]; then datadir=/var/lib/mysql - socket="/var/run/mysql/mysql.sock" + socket="/run/mysql/mysql.sock" else datadir="/var/lib/mysql-$INSTANCE" - socket="/var/run/mysql/mysql.${INSTANCE}.sock" + socket="/run/mysql/mysql.${INSTANCE}.sock" fi # Read options - important for multi setup @@ -75,7 +75,7 @@ echo "Trying to run upgrade of MySQL databases..." # Check whether upgrade process is not already running - protected="$(cat "/var/run/mysql/protecteddir.$INSTANCE" 2> /dev/null)" + protected="$(cat "/run/mysql/protecteddir.$INSTANCE" 2> /dev/null)" if [[ -n "$protected" && -d "$protected" ]]; then pid="$(cat "$protected/mysqld.pid" 2> /dev/null)" if [[ "$pid" && -d "/proc/$pid" ]] && @@ -84,10 +84,10 @@ else echo "Stale files from previous upgrade detected, cleaned them up" rm -rf "$protected" - rm -f "/var/run/mysql/protecteddir.$INSTANCE" + rm -f "/run/mysql/protecteddir.$INSTANCE" fi fi - protected="$(mktemp -d -p /var/tmp mysql-protected.XXXXXX | tee "/var/run/mysql/protecteddir.$INSTANCE")" + protected="$(mktemp -d -p /var/tmp mysql-protected.XXXXXX | tee "/run/mysql/protecteddir.$INSTANCE")" [ -n "$protected" ] || die "Can't create a tmp dir '$protected'" # Create a secure tmp dir @@ -134,7 +134,7 @@ # Cleanup echo "Final cleanup" if [[ -z "$up_ok" ]]; then - rm -rf "$protected" "/var/run/mysql/protecteddir.$INSTANCE" + rm -rf "$protected" "/run/mysql/protecteddir.$INSTANCE" else die "Something failed during upgrade, please check logs" fi @@ -167,10 +167,15 @@ # We rely on output in english at some points LC_ALL=C +# set the default umask bsc#1020976 +umask 077 + INSTANCE="$2" read_config -mkdir -p /var/run/mysql -chown --no-dereference "$mysql_daemon_user:$mysql_daemon_group" /var/run/mysql +mkdir -p /run/mysql +# fix permissions for /run/mysql (bsc#1038740) +chmod 755 /run/mysql +chown --no-dereference "$mysql_daemon_user:$mysql_daemon_group" /run/mysql case "$1" in install) mysql_install ;; ++++++ series ++++++ --- /var/tmp/diff_new_pack.sMWJfM/_old 2017-05-30 16:10:49.645378783 +0200 +++ /var/tmp/diff_new_pack.sMWJfM/_new 2017-05-30 16:10:49.645378783 +0200 @@ -10,3 +10,4 @@ mariadb-10.1.12-fortify-and-O.patch mariadb-10.1.16-systemd-cmake.patch mariadb-10.1.18-mysql_install_db-mariadb_dirs.patch +mariadb-10.1.22-xtradb_null_checks.patch