summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBrian Evans <grknight@gentoo.org>2016-09-12 10:22:25 -0400
committerBrian Evans <grknight@gentoo.org>2016-09-12 10:37:25 -0400
commit5e67d8c604f6e080816f0e532be8fef5f666e29d (patch)
tree9e5fa1d01c849bd429bfaaf9bbd9aa9a630d9547 /dev-db/mysql-init-scripts
parentapp-admin/puppet-agent: cleanup (diff)
downloadgentoo-5e67d8c604f6e080816f0e532be8fef5f666e29d.tar.gz
gentoo-5e67d8c604f6e080816f0e532be8fef5f666e29d.tar.bz2
gentoo-5e67d8c604f6e080816f0e532be8fef5f666e29d.zip
dev-db/mysql-init-scripts: Comment out a systemd option NoNewPrivileges=true
Upstream bug https://jira.mariadb.org/browse/MDEV-10404 mentions that SELinux currently does not handle this change properly. Comment it out for now with a note No revbump for this file as most users are unaffected Package-Manager: portage-2.3.0
Diffstat (limited to 'dev-db/mysql-init-scripts')
-rw-r--r--dev-db/mysql-init-scripts/files/mysqld-v2.service4
-rw-r--r--dev-db/mysql-init-scripts/files/mysqld_at-v2.service4
2 files changed, 6 insertions, 2 deletions
diff --git a/dev-db/mysql-init-scripts/files/mysqld-v2.service b/dev-db/mysql-init-scripts/files/mysqld-v2.service
index 056b4137dab..641abf73309 100644
--- a/dev-db/mysql-init-scripts/files/mysqld-v2.service
+++ b/dev-db/mysql-init-scripts/files/mysqld-v2.service
@@ -32,7 +32,9 @@ CapabilityBoundingSet=CAP_IPC_LOCK
# Prevent writes to /usr, /boot, and /etc
ProtectSystem=full
-NoNewPrivileges=true
+# Currently has issues with SELinux https://jira.mariadb.org/browse/MDEV-10404
+# This is safe to uncomment when not using SELinux
+#NoNewPrivileges=true
PrivateDevices=true
diff --git a/dev-db/mysql-init-scripts/files/mysqld_at-v2.service b/dev-db/mysql-init-scripts/files/mysqld_at-v2.service
index 770a2e8d4dd..26964ea8a76 100644
--- a/dev-db/mysql-init-scripts/files/mysqld_at-v2.service
+++ b/dev-db/mysql-init-scripts/files/mysqld_at-v2.service
@@ -30,7 +30,9 @@ CapabilityBoundingSet=CAP_IPC_LOCK
# Prevent writes to /usr, /boot, and /etc
ProtectSystem=full
-NoNewPrivileges=true
+# Currently has issues with SELinux https://jira.mariadb.org/browse/MDEV-10404
+# This is safe to uncomment when not using SELinux
+#NoNewPrivileges=true
PrivateDevices=true