Skip to content

Commit ee2ed1a

Browse files
grooverdangrooverdan
committed
Revert "MDEV-33636: RPM caps is on mariadbd exe"
This was the orginal implementation that reverted with a bunch of commits. This reverts commit a13e521. Revert "cmake: append to the array correctly" This reverts commit 51e3f1d. Revert "build failure with cmake < 3.10" This reverts commit 49cf702. Revert "MDEV-33301 memlock with systemd still not working" This reverts commit 8a1904d.
1 parent 987a266 commit ee2ed1a

File tree

4 files changed

+1
-38
lines changed

4 files changed

+1
-38
lines changed

cmake/cpack_rpm.cmake

Lines changed: 0 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -164,7 +164,6 @@ SET(CPACK_RPM_server_USER_FILELIST
164164
"%config(noreplace) ${INSTALL_SYSCONF2DIR}/*"
165165
"%config(noreplace) ${INSTALL_SYSCONFDIR}/logrotate.d/mysql"
166166
)
167-
168167
SET(CPACK_RPM_common_USER_FILELIST ${ignored} "%config(noreplace) ${INSTALL_SYSCONFDIR}/my.cnf")
169168
SET(CPACK_RPM_shared_USER_FILELIST ${ignored} "%config(noreplace) ${INSTALL_SYSCONF2DIR}/*")
170169
SET(CPACK_RPM_client_USER_FILELIST ${ignored} "%config(noreplace) ${INSTALL_SYSCONF2DIR}/*")
@@ -180,13 +179,6 @@ MACRO(SETA var)
180179
ENDFOREACH()
181180
ENDMACRO(SETA)
182181

183-
IF (CMAKE_VERSION VERSION_GREATER 3.10.0)
184-
# cmake bug #14362
185-
SET(CPACK_RPM_server_USER_FILELIST ${CPACK_RPM_server_USER_FILELIST}
186-
"%caps(cap_ipc_lock=pe) %{_sbindir}/mariadbd"
187-
)
188-
ENDIF()
189-
190182
SETA(CPACK_RPM_client_PACKAGE_OBSOLETES
191183
"mysql-client"
192184
"MySQL-client"

debian/mariadb-server-core-10.5.postinst

Lines changed: 0 additions & 26 deletions
This file was deleted.

support-files/policy/apparmor/usr.sbin.mysqld

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,6 @@
1414

1515
capability chown,
1616
capability dac_override,
17-
capability ipc_lock,
1817
capability setgid,
1918
capability setuid,
2019
capability sys_rawio,

support-files/policy/selinux/mariadb-server.te

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@ require {
2525
class lnk_file read;
2626
class process { getattr signull };
2727
class unix_stream_socket connectto;
28-
class capability { ipc_lock sys_resource sys_nice };
28+
class capability { sys_resource sys_nice };
2929
class tcp_socket { name_bind name_connect };
3030
class file { execute setattr read create getattr execute_no_trans write ioctl open append unlink };
3131
class sock_file { create unlink getattr };
@@ -87,8 +87,6 @@ allow mysqld_t bin_t:file { getattr read execute open execute_no_trans ioctl };
8787

8888
# MariaDB additions
8989
allow mysqld_t self:process setpgid;
90-
allow mysqld_t self:capability { ipc_lock };
91-
9290
# This rule allows port tcp/4444
9391
allow mysqld_t kerberos_port_t:tcp_socket { name_bind name_connect };
9492
# This rule allows port tcp/4567 (tram_port_t may not be available on

0 commit comments

Comments
 (0)