On 11/18/2016 08:00 AM, Lars Tangvald wrote:
Hi,
On 11/17/2016 06:02 PM, Jean Louis wrote:
I am sorry, that I filed bug in the wrong package, it was
unintentional mistake. It should be in mysql-server. And I know all
about specifics.
In my case, there is nothing that I have changed in my Mysql
configuration from the plain install. That is why I filed the
bug. Otherwise I would look first on my side.
And I was surprised it did not work, as I was used to the stability
and certainty when upgrading.
I could not find the solution
I was reading other bugs and I found:
[mysqld]
secure_file_priv = /var/lib/mysql
So I have put it in /etc/mysql/conf.d and now I got it working. Even I
don't even know what is it about, as being so lazy to read the
documentation. Sorry.
Still I think it should not be like that, the upgrade should go
smooth, especially for databases. Nothing angers me, thank you for
putting attention. I am supporter of free software and use Debian on
remote servers.
Jean Louis
Hi,
In this case, the server defaults to
secure_file_priv=/var/lib/mysql-files, and will require this directory
to be created.
This is a big change to make in a stable release, but the old behavior
was a potential security risk, so we felt it was justified. The
upgrade _should_ have created this directory automatically, so if it
failed for you then there's probably something with your environment
we didn't account for. If you have any console logs or mysql error
logs from the update it would be good if you can attach them to the bug.
One important note, however:
The solution you note, setting secure_file_priv=/var/lib/mysql (the
data directory) is not a good one. You should either set it to NULL or
to a separate, empty directory owned by the mysql user.
The secure_file_priv setting determines where the server is allowed to
read and write files using import/export operations. Setting it to the
same location as the database will mean that any user of your database
can get full access.
Correction here: You need the FILE privilege to use these operations.
--
Lars
