So I decided to initialize a new datadir on my MariaDB installation. I’m trying to make sure that I can both CRUD databases, and also read and write them in the File Manager.
I’ve managed to get mysql_install_db to work after some initial problems, leading me to discover ACL. I’ve tried to set it up so that I get an rwx mask, with full group permissions, as I have added my username to the mysql group.
So the datadir is /media/pi/Data/MariaDB. Data is the label of the partition on an external harddrive, and MariaDB is where I intend to store my databases.
So the problem is that no matter what I try, once the database has been initialized, I don’t have access to view the new folders in my file manager. This is due to the ACL mask for the new folders being set to -, even though the default is rwx.
So here’s what I’ve tried so far. I ran
sudo usermod -a -G mysql pi
to add my user to the mysql group.
I run the following command to set the ACL for the MariaDB folder, as well as defaults for any files and subdirectories inside.
sudo setfacl -R -m g:mysql:rwx,m:rwx,d:g:mysql:rwx,d:m:rwx /media/pi/Data/MariaDB
So the mysql group is supposed to get full permissions for the MariaDB folder, as well as any files and folders inside, and the same goes for the mask entry, so that I’m sure I actually get full permissions.
I also run chgrp on /media and all subfolders, as it turned out that the problem I was having with getting mysql_install_db to initialize the new datadir, was due to the mysql user not having proper permissions to the parent folders /media and /media/pi.
sudo chgrp -R mysql /media/
And finally I have even tried setting UMASK and UMASK_DIR to 770 (and even tried 007 as I read somewhere that MariaDB uses the opposite bits to what ACL does, i.e. 7 being rwx would need to be 0 in UMASK and UMASK_DIR). I did so by creating a new mariadb.sh file in /etc/profile.d/, and adding the following lines to it.
export UMASK=0770 export UMASK_DIR=0770
I even checked that the mysql user actually has both variables set, not just the pi user, and it does.
And of course I change the datadir line in /etc/mysql.d/50-server.cnf to this.
datadir = /media/pi/Data/MariaDB
After having done all of the above, I run the following line to initialize the datadir.
sudo mysql_install_db --defaults-file=/etc/mysql/my.cnf --basedir=/usr --user=mysql
So now I run two getfacl commands and get the following results.
getfacl /media/pi/Data/MariaDB/ getfacl: Removing leading '/' from absolute path names # file: media/pi/Data/MariaDB/ # owner: mysql # group: mysql # flags: -s- user::rwx group::r-x group:mysql:rwx mask::rwx other::r-x default:user::rwx default:group::r-x default:group:mysql:rwx default:mask::rwx default:other::r-x
getfacl /media/pi/Data/MariaDB/mysql/ getfacl: Removing leading '/' from absolute path names # file: media/pi/Data/MariaDB/mysql/ # owner: mysql # group: mysql # flags: -s- user::rwx group::r-x #effective:--- group:mysql:rwx #effective:--- mask::--- other::--- default:user::rwx default:group::r-x default:group:mysql:rwx default:mask::rwx default:other::r-x
As you can see, the MariaDB folder has the ACL permissions I would expect, and its default permissions are also as they should be. I can see that the mysql folder also inherits the default permissions, but for some reason the default mask isn’t used, instead being set to —, which of course means no effective permissions for the groups.
Furthermore, this problem means that when I reboot, the MariaDB server won’t start up, so when I run
systemctl -l status mariadb
one of the lines in the output reads
[Warning] Can't create test file /media/pi/Data/MySQL/raspberrypi.lower-test
However, oddly enough I can start the server just fine by running
sudo systemctl start mariadb
and then I can login to the server.
So the problem is two-fold. I need to be able to view all the schema folders and tables in my file manager, and I need the server to be able to start upon reboot. But for some reason I cannot begin to fathom, mysql_install_db ignores both UMASK/UMASK_DIR and the ACL permissions I’ve set. Can anyone help me achieve some enlightment here, help get these problems solved?