Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1694679

Summary: SELinux blocks working in /tmp directory for wsrep_recover_position function
Product: Red Hat Software Collections Reporter: Michal Schorm <mschorm>
Component: mariadbAssignee: Michal Schorm <mschorm>
Status: CLOSED CURRENTRELEASE QA Contact: qe-baseos-daemons
Severity: unspecified Docs Contact:
Priority: high    
Version: rh-mariadb102CC: akhaitov, databases-maint, mmuzila, tborcin
Target Milestone: alpha   
Target Release: 3.3   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1701252 (view as bug list) Environment:
Last Closed: 2019-05-22 08:50:51 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1701252    

Comment 2 Michal Schorm 2019-04-02 15:19:38 UTC 
The issue emerged by following fix in 10.2.10:
https://jira.mariadb.org/browse/MDEV-13950
Comment 3 Michal Schorm 2019-04-03 00:10:03 UTC 
The behaviour is correct and expected.
We need to fix the script that want to do stuff in /tmp, instead of the SELinux rules.

We already fixed this in RHSCL MariaDB 10.1 collection, so this is a regression.

The issue is reproducible only on RHEL6, since we don't execuse mysqld_safe with systemd service, as we do it in sysVinit.
No later software collections are hit, since MariaDB 10.3 collection isn't shipped on RHEL6.

---

For more info look at the fix in 10.1 collection:
https://src.osci.redhat.com/rpms/mariadb/c/421e3cccd6b93d31edc187fb80008cdcd3bd973f?branch=rhscl-3.3-rh-mariadb101-rhel-6

---

Upstream changed location of the temporary file in the wsrep_recover_position function, which causes issues on RHEL-6, because mysqld_safe is not expected to play with files in /tmp, and SELinux started to complain.

Changing the location of the temporary files to the datadir means practically reverting part of the upstream commit
https://github.com/MariaDB/server/commit/bb7a70c9551c1756b1d1736ca4f6a0a965795873

Upstream issue: https://jira.mariadb.org/browse/MDEV-10767
Comment 4 Michal Schorm 2019-04-08 12:22:39 UTC 
QA note:
  Can be tested by service starting on RHEL 6.
Comment 5 Honza Horak 2019-04-18 13:39:50 UTC 
Providing blocker+ to be able to push to rhscl-3.3 branch