I’m migrating my CentOS 6.4 Desktop to Ubuntu 14.04 LTS on this week as I found that CentOS 7 was not much Great that I expected. It does not support aged hardwares.
While I’m changing MySQL data directory to a different location and initializing the server. I got a strange error like this “InnoDB: The error means mysqld does not have the access rights to”. I tried all my ways to fix such kinds of permission errors assuming that it can be fixed it easily. But gradually I did recognize that it is something NOT with Permission issue with MySQL even though I have granted full permission to MySQL user to new data directory.
See the error I got.
/usr/sbin/mysqld: Table 'mysql.plugin' doesn't exist
140905 17:54:19 [ERROR] Can't open the mysql.plugin table. Please run mysql_upgrade to create it.
140905 17:54:19 InnoDB: The InnoDB memory heap is disabled
140905 17:54:19 InnoDB: Mutexes and rw_locks use GCC atomic builtins
140905 17:54:19 InnoDB: Compressed tables use zlib 1.2.8
140905 17:54:19 InnoDB: Using Linux native AIO
140905 17:54:19 InnoDB: Initializing buffer pool, size = 100.0M
140905 17:54:19 InnoDB: Completed initialization of buffer pool
140905 17:54:19 InnoDB: Operating system error number 13 in a file operation.
InnoDB: The error means mysqld does not have the access rights to
InnoDB: the directory.
InnoDB: File name ./ibdata1
InnoDB: File operation call: 'create'.
InnoDB: Cannot continue operation.
After googling, I found that there are many people having the same issue which is due to “apparmor” MySQL profile security issue. That forum gives me new information about Ubuntu system security like SE-Linux does.
Following are the information Which I got,
There is now an apparmor profile enabled by default for mysql that will prevent mysql to access non standard area of the file system. Putting the mysql profile in complain mode using “sudo aa-complain” as described in the server guide should show you this in the logs. To fix this, you will need to add /mnt/fastdata/var/lib/mysql (or whatever non standard path you are using) to the list of authorized paths in the apparmor mysql profile you will find in /etc/apparmor.d/.
in this scenario I uses “/home/mysqldata” location as MySQL data directory.
Solution
You may need add the following lines in /etc/apparmor.d/usr.sbin.mysqld inside the curly brace declared for apparmor syntax and then restart the apparmor daemon to take effect.
/home/mysqldata/ r,
/home/mysqldata/** rwk,
/home/mysqldata/mysql/plugin r,
/home/mysqldata/mysql/plugin/*.so* mr
/home/mysqldata/ r,
/home/mysqldata/** rwk,
/home/mysqldata/mysql/plugin r,
/home/mysqldata/mysql/plugin/*.so* mr
root@-desktop:~#
Then restart the apparmor service.
* Reloading AppArmor profiles
Skipping profile in /etc/apparmor.d/disable: usr.bin.firefox
Skipping profile in /etc/apparmor.d/disable: usr.sbin.rsyslogd [ OK ]
root@-desktop:~#
After that I can initiate new mysql repository by executing the command “mysql_install_db”
Installing MySQL system tables... OK
Filling help tables... OK
To start mysqld at boot time you have to copy
support-files/mysql.server to the right place for your system
Then start the MySQL service
mysql start/running, process 4493
root@-desktop:~#
Pretty easy and simple !! 🙂
Leave a Reply