UDF结果错误 [英] UDF result error

问题描述

我尝试安装"mysqludf_sys". 但是我得到了这个错误:

I try to install "mysqludf_sys". But i got this error:

ERROR 1126 (HY000) at line 29: Can't open shared library 'lib_mysqludf_sys.so' (errno: 0 /usr/lib/mysql/plugin/lib_mysqludf_sys.so: cannot open shared object file: No such file or directory)
ERROR: unable to install the UDF

因此，我尝试通过以下Makefile修正来解决该问题:

So, i tried to solve it with the following mofification in Makefile:

LIBDIR=/usr/lib to LIBDIR=/usr/lib/mysql/plugin

还要确保gcc具有-fPIC选项，即:

Also make sure that gcc has the -fPIC option ie:

gcc -fPIC -Wall -I/usr/include/mysql -I. -shared lib_mysqludf_sys.c -o $(LIBDIR)/lib_mysqludf_sys.so

但是当我测试sys_eval时，我得到了:

But when i test sys_eval, i get:

mysql> SELECT sys_eval('id');
+----------------+
| sys_eval('id') |
+----------------+
|                |
+----------------+
1 row in set (0.02 sec)

我应该得到:

mysql> SELECT sys_eval('id');
+-------------------------------------------------+
| sys_eval('id')                                  |
+-------------------------------------------------+
| uid=105(mysql) gid=108(mysql) groups=108(mysql) |
+-------------------------------------------------+
1 row in set (0.01 sec)

我也测试了"sys_exec"来创建文件，但没有结果

I have tested "sys_exec" also to create a file, but no result

那么，我应该怎么做才能正确运行这些功能? 问候

So, what should i do to run correctly these functions ? Regards

推荐答案

感谢罗兰.

所以，我的问题的答案是"AppArmor".

So, the answer for my question is "AppArmor".

来自维基百科:

AppArmor允许系统管理员为每个程序关联一个安全配置文件，该文件限制了该程序的功能.它通过提供强制访问控制(MAC)来补充传统的Unix自主访问控制(DAC)模型.

AppArmor allows the system administrator to associate with each program a security profile which restricts the capabilities of that program. It supplements the traditional Unix discretionary access control (DAC) model by providing mandatory access control (MAC).

自从Ubuntu Hardy开始，MySQL 5.0服务器软件包还包含一个AppArmor配置文件(/etc/apparmor.d/usr.sbin.mysqld)，该文件限制了MySQL服务器的功能，例如调用UDF执行命令.

Since Ubuntu Hardy the MySQL 5.0 server package contains also an AppArmor profile file (/etc/apparmor.d/usr.sbin.mysqld) which limits MySQL server functionalities, like calling an UDF to execute commands.

因此，要让MySQL运行Linux命令，我应该在AppArmor中更改MySql的安全级别.

So, to let MySQL run Linux commands, i should change the security level for MySql inside AppArmor.

[root@xxx ~]# aa-complain /usr/sbin/mysqld 

要查看AppArmor的状态:

To have a look at AppArmor's status:

 [root@xxx ~]# aa-status 

有了这个配置，我可以执行sys_eval和sys_exec.但这仍然仅限于mysql目录.因此，我无法从任何目录创建文件或运行脚本.

With this coonfiguration, i can excute sys_eval and sys_exec. But that still limited to mysql directory. So i can not create file or run a script from any directory.

因此，解决方案是为Apparmor添加权限以使mysql访问新数据目录.

So the solution is to add permissions to apparmor for mysql to access the new data directories.

sudo vi /etc/apparmor.d/usr.sbin.mysqld

添加:

/newdir/ r,
/newdir/** rwk,

重新启动服务器:

sudo /etc/init.d/apparmor restart
sudo /etc/init.d/mysql restart

如果仍然不起作用，请检查nix权限，以确保mysql递归地为新目录的所有者和组.

If that still does not work, check the nix permissions to be sure mysql is owner and group for the new directory recursively.

chown -R mysql:mysql "new datadir path"

我希望能对某人有所帮助.

I hope that's help someone.

遵守

这篇关于UDF结果错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！