1

I moved the data directory for MySQL to an ecryptfs encrypted folder. When I run service mysqld start as root, the service will not start.

[Warning] Can't create test file /mysql/ip-172-31-29-184.lower-test
^G/usr/sbin/mysqld: Can't change dir to '/mysql/' (Errcode: 13 - Permission denied)

When it used to start before my encrypting the folder

ls -lZ /mysql outputs
drwx------. mysql mysql unconfined_u:object_r:mysqld_db_t:s0 mysql

now

ls -lZ /mysql outputs
drwx------. mysql mysql system_u:object_r:ecryptfs_t:s0 mysql

I think the issue is with how I mounted the encrypted directory.
mount -t ecryptfs /mysql /mysql

mount outputs 

/mysql on /mysql type ecryptfs
 (rw,ecryptfs_sig=6860c372da7bc418,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_unlink_sigs)

I am running Red Hat Enterprise Linux Server release 6.6 (Santiago), MySQL 5.6.22

Any advice is appreciated. Thank you for your help in advance.

asked Dec 23, 2014 at 7:15
3
  • does it work well without encryption?.. i think you may need to change ownership recursively using chown -R mysql:mysql for whole directories and then can try. Commented Dec 23, 2014 at 8:48
  • Thank you for your comment. Yes, it works if I don't use encryption. The folder and sub directories are all owned by mysql. Commented Dec 23, 2014 at 18:17
  • Looks like you have bad selinux labels on the folder. Before encryption I see mysqld_db_t and after encryption this is gone. Instead of it ecryptfs_t is present. Try turning selinux off or better - set it temporarily into permissive mode with setenforce 0. If mysql starts, check selinux logs what it is complainging about. Commented Aug 23, 2015 at 17:49

1 Answer 1

1

Make sure the MySQL server owner is MySQL:MySQL using chown -R mysql:mysql /mysql and the permission level is 755 for everything except my.cnf 644. chmod 644 my.cnf then execute the following commands after changing the information inside my.cnf to the correct one.

cd /mysql/bin
./mysqld --defaults-file=/mysql/my.cnf --user=mysql &

Edit to answer the comment below To shutdown MySQL safely without killing the SID (or PID) you can use one of the following commands:

/usr/local/mysql/bin/mysqladmin -u root -p shutdown

or

sudo mysqld stop

note: in-case you can more than SID running you need to specify the port for it.

answered Dec 23, 2014 at 13:54
6
  • Hi Ahmad, Thank you for your suggestion. I changed the permission for /mysql to 755. The owner and group are mysql:mysql There is no bin folder in /mysql. /mysql is my data directory is and I modified /etc/my.cfn (datadir=/mysql) to point to that. I tried starting the service after the permission change but I am still getting the same error. Here is a listing of what is in /mysql folder. -rwxr-xr-x. 1 mysql mysql 56 Dec 23 00:00 auto.cnf drwxr-xr-x. 2 mysql mysql 4096 Dec 23 00:00 mysql drwxr-xr-x. 2 mysql mysql 4096 Dec 23 00:00 performance_schema Thank you again. Commented Dec 23, 2014 at 18:18
  • did you installed MySQL via yum or apt-get command? or extract the compressed file? Commented Dec 24, 2014 at 10:43
  • Hi Ahmad, Thank you! I installed via yum and I found the mysqld file to start it. This worked - ./mysqld --defaults-file=/etc/my.cnf --user=mysql & Commented Dec 27, 2014 at 3:40
  • Hi Ahmad, how do I safely shutdown this instance of mysql short of using killing the pid? Is there anyway I can start mysql for the encrypted folders using the service mysqld commands? Thank you. Commented Dec 27, 2014 at 4:20
  • 1
    Hi Grace, please refer to my edit in the answer section above Commented Dec 29, 2014 at 12:17

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.