When running mysqld in this Dockerfile (on my Linux box, Linux 12.04)
Dockerfile:
FROM ubuntu:precise
RUN apt-get update
RUN apt-get install -y mysql-server
CMD ["/usr/sbin/mysqld"]
I get mysqld: error while loading shared libraries: libz.so.1: cannot open shared object file: Permission denied
Whereas running it on my Mac through boot2docker mysqld starts up just fine.
I have tried different base docker images:
phusion/baseimage:0.9.8
phusion/baseimage:0.9.1
ubuntu:latest
I have run apt-get update and apt-get upgrade (including updating Mysql) on the host system, I have rebooted the host system.
Any ideas on how to proceed?
Info about my system:
$ docker version
Client version: 0.9.0
Go version (client): go1.2.1
Git commit (client): 2b3fdf2
Server version: 0.9.0
Git commit (server): 2b3fdf2
Go version (server): go1.2.1
Last stable version: 0.9.0
$ docker info
Containers: 37
Images: 340
Driver: aufs
Root Dir: /var/lib/docker/aufs
Dirs: 414
WARNING: No swap limit support
$ uname -a
Linux Ubuntu-1204-precise-64-minimal 3.8.0-37-generic #53~precise1-Ubuntu SMP Wed Feb 19 21:37:54 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
Answer to leeduhem comments about permissions of libz.so.1:
$ ls -l /lib/x86_64-linux-gnu/libz.so.1
lrwxrwxrwx 1 root root 15 Nov 10 2011 /lib/x86_64-linux-gnu/libz.so.1 -> libz.so.1.2.3.4
$ ls -l /lib/x86_64-linux-gnu/libz.so.1.2.3.4
-rw-r--r-- 1 root root 92720 Nov 10 2011 /lib/x86_64-linux-gnu/libz.so.1.2.3.4
Changing permissions with
$ chmod +x /lib/x86_64-linux-gnu/libz.so.1.2.3.4
I still get the error.
Running strace -o /tmp/mysql.strace mysqld and cat /tmp/mysql.strace gives
execve("/usr/sbin/mysqld", ["mysqld"], [/* 7 vars */]) = 0
brk(0) = 0x7f4d41f7c000
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4d403c5000
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = -1 EACCES (Permission denied)
open("/lib/x86_64-linux-gnu/tls/x86_64/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/lib/x86_64-linux-gnu/tls/x86_64", 0x7fff713907f0) = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/tls/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/lib/x86_64-linux-gnu/tls", 0x7fff713907f0) = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/x86_64/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/lib/x86_64-linux-gnu/x86_64", 0x7fff713907f0) = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 EACCES (Permission denied)
stat("/lib/x86_64-linux-gnu", 0x7fff713907f0) = -1 EACCES (Permission denied)
open("/usr/lib/x86_64-linux-gnu/tls/x86_64/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/usr/lib/x86_64-linux-gnu/tls/x86_64", 0x7fff713907f0) = -1 ENOENT (No such file or directory)
open("/usr/lib/x86_64-linux-gnu/tls/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/usr/lib/x86_64-linux-gnu/tls", 0x7fff713907f0) = -1 ENOENT (No such file or directory)
open("/usr/lib/x86_64-linux-gnu/x86_64/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/usr/lib/x86_64-linux-gnu/x86_64", 0x7fff713907f0) = -1 ENOENT (No such file or directory)
open("/usr/lib/x86_64-linux-gnu/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/usr/lib/x86_64-linux-gnu", 0x7fff713907f0) = -1 EACCES (Permission denied)
open("/lib/tls/x86_64/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/lib/tls/x86_64", 0x7fff713907f0) = -1 ENOENT (No such file or directory)
open("/lib/tls/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/lib/tls", 0x7fff713907f0) = -1 ENOENT (No such file or directory)
open("/lib/x86_64/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/lib/x86_64", 0x7fff713907f0) = -1 ENOENT (No such file or directory)
open("/lib/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/lib", 0x7fff713907f0) = -1 EACCES (Permission denied)
open("/usr/lib/tls/x86_64/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/usr/lib/tls/x86_64", 0x7fff713907f0) = -1 ENOENT (No such file or directory)
open("/usr/lib/tls/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/usr/lib/tls", 0x7fff713907f0) = -1 ENOENT (No such file or directory)
open("/usr/lib/x86_64/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/usr/lib/x86_64", 0x7fff713907f0) = -1 ENOENT (No such file or directory)
open("/usr/lib/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/usr/lib", 0x7fff713907f0) = -1 EACCES (Permission denied)
writev(2, [{"mysqld", 6}, {": ", 2}, {"error while loading shared libra"..., 36}, {": ", 2}, {"libz.so.1", 9}, {": ", 2}, {"cannot open shared object file", 30}, {": ", 2}, {"Permission denied", 17}, {"\n", 1}], 10) = 107
Looking at the directories /lib and /lib/x86_64-linux-gnu that the trace seems to indicate are not permitted:
$ ls -ld /lib
drwxr-xr-x 12 root root 4096 Dec 16 13:42 /lib
$ ls -ld /lib/x86_64-linux-gnu
drwxr-xr-x 3 root root 4096 Mar 17 13:39 /lib/x86_64-linux-gnu
Deleting the container solve this problem for me.
Update: That solution worked not so long.
So I kept searching and found something related with Apparmor.
If you have mysql installed on your host, Apparmor may restrict access of this shared library for mysql installed on your docker container. The following fixed the problem:
#Type this on your host terminal
sudo ln -s /etc/apparmor.d/usr.sbin.mysqld /etc/apparmor.d/disable/
sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld
So I solved the issue by using the devicemapper storage backend, as suggested by #jpetazzo.
Steps I carried out:
Stopped the docker deamon
Started the docker deamon with command docker -d -s="devicemapper"
Ran the docker run on the Dockerfile command again. And it worked without any problems.
If you have mysql-server installed on your host machine, then it installs an apparmor profile for mysqld. For me, the problem went away after I disabled the mysqld apparmor profile on the host with the following commands:
sudo ln -s /etc/apparmor.d/usr.sbin.mysqld /etc/apparmor.d/disable/
sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld
Of course, this also means that apparmor will be disabled for mysqld on your host. I don't use mysqld so I'm okay with that.
Try
sudo apt-get update
sudo apt-get install -y mysql-server
Related
I tried to run binary file with qemu-mipsel-static :
qemu-mipsel-static -L ../ ./MyBinary
But process is crashed when it tried to access to /dev/urandom
│access("../dev/urandom", F_OK) = -1 ENOENT (No such file or directory)
How can I fix that?
Ok, i'm following official Mysql docs to enable encryption on a mysql database on docker:
Using the keyring_file File-Based Plugin
Keyring Plugin Installation
keyring_file_data
So here's what i've done:
added early-plugin-load and keyring_file_data to /etc/mysql/my.cnf (i used echo stuff >> file since mysql docker image has no text editor), so now it is:
[mysqld]
pid-file = /var/run/mysqld/mysqld.pid
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
secure-file-priv= NULL
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
# Custom config should go here
!includedir /etc/mysql/conf.d/
early-plugin-load=keyring_file.so
keyring_file_data=/usr/local/mysql/mysql-keyring/keyring
created keyring file with
cd /usr/local/mysql
mkdir mysql-keyring
chmod 750 mysql-keyring
chown mysql mysql-keyring
chgrp mysql mysql-keyring
restarted container to restart mysql
connected to mysql and checked plugin availability (whith no luck) with
mysql> SELECT PLUGIN_NAME, PLUGIN_STATUS
FROM INFORMATION_SCHEMA.PLUGINS
WHERE PLUGIN_NAME LIKE 'keyring%';
Checked the logs for errors:
2020-03-15T12:30:08.669015Z 0 [ERROR] [MY-011370] [Server] Plugin keyring_file reported: 'File '/usr/local/mysql/mysql-keyring/keyring' not found (OS errno 20 - Not a directory)'
2020-03-15T12:30:08.669036Z 0 [ERROR] [MY-011355] [Server] Plugin keyring_file reported: 'keyring_file initialization failure. Please check if the keyring_file_data points to readable keyring file or keyring file can be created in the specified location. The keyring_file will stay unusable until correct path to the keyring file gets provided'
2020-03-15T12:30:08.669053Z 0 [ERROR] [MY-010202] [Server] Plugin 'keyring_file' init function returned error.
So it look like that i correctly enabled the plugin, but something is wrong with the file.
Am i missing some steps?
keyring file
root#8c3670db35d4:/# ls -la /usr/local/mysql/mysql-keyring/
total 8
drwxr-s--- 2 mysql mysql 4096 Mar 15 12:34 .
drwxr-sr-x 3 root staff 4096 Mar 15 12:33 ..
-rw-r----- 1 mysql mysql 0 Mar 15 12:34 keyring
Are you sure you created the keyring file correctly inside the container ? This is how I was able to achieve the above with a correctly crafted Dockerfile.
Create a folder for your image project (use whatever folder you like)
mkdir /tmp/testMysqlKeyring
cd /tmp/testMysqlKeyring
Create a mysql keyring dropin configuration file keyring.cnf with the following content:
[mysqld]
early-plugin-load=keyring_file.so
keyring_file_data=/usr/local/mysql/mysql-keyring/keyring
Create a Dockerfile with the following content
FROM mysql:8
# Place the dropin config file in the relevant folder
COPY keyring.cnf /etc/mysql/conf.d/
# Create the keyring folder and adapt perms
RUN mkdir -p /usr/local/mysql/mysql-keyring && \
chmod 750 /usr/local/mysql/mysql-keyring && \
chown mysql.mysql /usr/local/mysql/mysql-keyring
Build image from the above configuration:
docker build -t file_keyringed_mysql:latest .
Run a container from that image (you will adapt with your exact volumes and environment later...)
docker run -d --rm --name my_keyring_test -e MYSQL_ALLOW_EMPTY_PASSWORD=true file_keyringed_mysql:latest
Check that plugin is correctly installed inside the container
$ docker exec my_keyring_test mysql -e "SELECT PLUGIN_NAME, PLUGIN_STATUS FROM INFORMATION_SCHEMA.PLUGINS WHERE PLUGIN_NAME LIKE 'keyring%';"
PLUGIN_NAME PLUGIN_STATUS
keyring_file ACTIVE
I tried to install mysql advanced 5.7.19 to non-default location onto Solaris SPARC 64bit
Non-default location: /opt/app/mysql
But face the following error:
During pkgadd: ld.so.1: mysqld: fatal: libstdc++.so.6: version 'GLIBCXX_3.4.20' not found (required by file bin/mysqld)
During mysql_install_db: ld.so.1: mysql_install_db: fatal: libstdc++.so.6: version 'GLIBCXX_3.4.20' not found (required by file mysql_install_db)
Below are my steps:
# working directory: /export/home/admin
root#host:/export/home/admin# cat /var/sadm/install/admin/custom
basedir=/opt/app/$PKGINST
root#host:/export/home/admin# pkgadd -a custom -d mysql-advanced-5.7.19-solaris11-sparc-64bit.pkg
...
Executing postinstall script.
ld.so.1: mysqld: fatal: libstdc++.so.6: version 'GLIBCXX_3.4.20' not found (required by file bin/mysqld)
ld.so.1: mysqld: fatal: libstdc++.so.6: open failed: No such file or directory
/var/sadm/pkg/mysql/install/postinstall: line 89: 7487: Killed
...
Installation of <mysql> was successful.
You have mail in /var/mail/root
# Change permission on /opt/app/mysql
root#host:/opt/app# chown -R mysql:mysql /opt/app/mysql
# Change to user: mysql
root#host:/opt/app# su - mysql
mysql#host:~$ cd /opt/app/mysql/mysql/bin
mysql#host:/opt/app/mysql/mysql/bin$ ./mysql_install_db --user=mysql --ldata=/opt/app/mysql/mysql/data
ld.so.1: mysql_install_db: fatal: libstdc++.so.6: version 'GLIBCXX_3.4.20' not found (required by file mysql_install_db)
ld.so.1: mysql_install_db: fatal: libstdc++.so.6: open failed: No such file or directory
Killed
Questions:
What did I missed?
Did my step were correct?
Please advise how to correctly install mysql-advanced 5.7.19 to non default location (using tar preferably).
So I am trying to compile Bind with DLZ ( mysql ) support on CentOS 7
After doing
./configure --prefix=/usr --sysconfdir=/etc/bind --localstatedir=/var --mandir=/usr/share/man --infodir=/usr/share/info --enable-threads --enable-largefile --with-libtool --enable-shared --enable-static --with-openssl=/usr --with-gssapi=/usr --with-gnu-ld --with-dlz-postgres=no --with-dlz-mysql=yes --with-dlz-bdb=no --with-dlz-filesystem=yes --with-dlz-stub=yes --enable-ipv6
and
make
I get the error:
/opt/bind/bind-9.11.0-P3/lib/isc/.libs/libisc.so ../../lib/isc/.libs/libisc.so -lcrypto -L/usr/lib/mysql -lmysqlclient -lcrypt -lm -ldl -lz -lpthread
/usr/bin/ld: cannot find -lmysqlclient
collect2: error: ld returned 1 exit status
make[2]: *** [named] Error 1
make[2]: Leaving directory `/opt/bind/bind-9.11.0-P3/bin/named'
make[1]: *** [subdirs] Error 1
make[1]: Leaving directory `/opt/bind/bind-9.11.0-P3/bin'
make: *** [subdirs] Error 1
I have gotten it to work on one CentOS 7 box, however I installed all sorts of whacky stuff while trying to get it to work. I don't actually know why it compiles on that machine, and I would like to be able to replicate the process. So I created a fresh install of CentOS 7 and try and find out how to compile Bind with DLZ support. Bind 9.11.0-P3.
I have mariadb-libs installed and the /usr/lib64/mysql directory looks like this.
ll /usr/lib64/mysql/
total 16884
-rw-r--r--. 1 root root 2687 Nov 14 15:15 INFO_BIN
-rw-r--r--. 1 root root 170 Sep 12 2016 INFO_SRC
lrwxrwxrwx. 1 root root 17 Mar 29 16:40 libmysqlclient_r.so -> libmysqlclient.so
lrwxrwxrwx. 1 root root 20 Mar 29 16:40 libmysqlclient.so -> libmysqlclient.so.18
lrwxrwxrwx. 1 root root 24 Mar 29 16:40 libmysqlclient.so.18 -> libmysqlclient.so.18.0.0
-rwxr-xr-x. 1 root root 3135736 Nov 14 15:17 libmysqlclient.so.18.0.0
lrwxrwxrwx. 1 root root 15 Mar 29 16:40 libmysqld.so -> libmysqld.so.18
-rwxr-xr-x. 1 root root 14116296 Nov 14 15:17 libmysqld.so.18
-rwxr-xr-x. 1 root root 10474 Nov 14 15:14 mysqlbug
-rwxr-xr-x. 1 root root 6758 Nov 14 15:15 mysql_config
drwxr-xr-x. 2 root root 4096 Mar 29 16:40 plugin
The /usr/lib/mysql directory looks like this.
ll /usr/lib/mysql/
total 0
drwxr-xr-x. 2 root root 6 Mar 29 21:36 plugin
On the machine that Bind Compiles on the /usr/lib/mysql folder looks different, and when I do yum whatprovides on the other machine I get this result:
yum whatprovides /usr/lib/mysql/libmysqlclient.so.18.0.0
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: centos.mirror.ca.planethoster.net
* extras: centos.mirror.ca.planethoster.net
* updates: mirror.it.ubc.ca
* webtatic: us-east.repo.webtatic.com
1:mariadb-libs-5.5.52-1.el7.i686 : The shared libraries required for MariaDB/MySQL clients
Repo : base
Matched from:
Filename : /usr/lib/mysql/libmysqlclient.so.18.0.0
1:mariadb-libs-5.5.52-1.el7.x86_64 : The shared libraries required for MariaDB/MySQL clients
Repo : #base
Matched from:
Filename : /usr/lib/mysql/libmysqlclient.so.18.0.0
On the fresh install I have installed these mariadb packages.
yum list mariadb*
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirror.its.sfu.ca
* extras: centos.bhs.mirrors.ovh.net
* updates: mirror.its.sfu.ca
Installed Packages
mariadb.x86_64 1:5.5.52-1.el7 #base
mariadb-bench.x86_64 1:5.5.52-1.el7 #base
mariadb-devel.x86_64 1:5.5.52-1.el7 #base
mariadb-embedded.x86_64 1:5.5.52-1.el7 #base
mariadb-embedded-devel.x86_64 1:5.5.52-1.el7 #base
mariadb-libs.x86_64 1:5.5.52-1.el7 #base
mariadb-server.x86_64 1:5.5.52-1.el7 #base
mariadb-test.x86_64 1:5.5.52-1.el7 #base
Available Packages
Please help me figure out how to install Bind with DLZ support on CentOS 7!
Add 'LDFLAGS="-I/usr/include/mysql -L/usr/lib64/mysql"'
on to the ./configure command
like so
./configure --prefix=/usr --sysconfdir=/etc/bind --localstatedir=/var --mandir=/usr/share/man --infodir=/usr/share/info --enable-threads --enable-largefile --with-libtool --enable-shared --enable-static --with-openssl=/usr --with-gssapi=/usr --with-gnu-ld --with-dlz-postgres=no --with-dlz-mysql=yes --with-dlz-bdb=no --with-dlz-filesystem=yes --with-dlz-stub=yes --enable-ipv6 LDFLAGS="-I/usr/include/mysql -L/usr/lib64/mysql"
I'm using virsh attatch-disk to add a new device to a running guest under KVM:
# virsh attatch-disk <running-guest-id> --source c.raw --target vdb
the output is:
error: Failed to attach disk
error: Failed to open file 'c.raw': No such file or directory
But the new disk file is under the pwd:
ls -l
total 26653060
-rw-r--r--. 1 root root 8312913920 Jan 10 10:25 c.q
-rw-r--r--. 1 root root 53687091200 Jan 5 16:50 c.raw
-rw-r--r--. 1 root root 10759023104 Jan 6 02:14 c.VHD
why virsh open failed? I browsed libvirtd.log:
2017-01-14 15:22:00.954+0000: 2204: error : virStorageFileGetMetadataRecurse:952 : Failed to open file 'c.raw': No such file or directory
2017-01-14 15:22:08.310+0000: 2209: info : remoteDispatchAuthList:2432 : Bypass polkit auth for privileged client pid:1921,uid:0
What the log mean?
virsh --version
0.10.2
qemu-x86_64 -version
qemu-x86_64 version 2.4.1, Copyright (c) 2003-2008 Fabrice Bellard
I got the answer, you must use c.raw's Abs path, relative path are not handled by virsh.