Mark Atwood (fallenpegasus) wrote,
Mark Atwood
fallenpegasus

tmpdir in MySQL

Years and years ago, there was a moderately serious bug in MySQL 4.0 and 4.1 where the TMPDIR environment variable would sometimes override the tmpdir setting in the my.cnf file.

It was worked out that some calls to a create_tmp_file() function were not being passed the config setting, so it would fall back to the environment variable. Oopps, but fixed.

But was it really?


It turns out that there is still an issue that looks the same. It has the same symptom: change the tmpdir, but MySQL tries to use the default system tmpdir anyway.

But now the cause is different.

Many modern enterprise Linux distros ship with SELinux turned on. And SELinux specially handles and tracks tmpfiles and tmpdirs, because otherwise they are excellent targets for attacks and for leaking secure information.

The vast majority of MySQL users never bother setting tmpdir, and/or they turn off SELinux. And even if they don't, the don't notice the problem, so it's only intermittently reported, and when it is, it's mistaken for this old closed bug.

If you are using SELinux, and if you change the tmpdir in the my.cnf file, you also have to tell SELinux to give that directory the proper security context for a temporary directory. Otherwise when MySQL tries to create a tmpfile there, it will fail, then fall back to the default system tmpdir.

This should probably be added to the MySQL documentation, and a warning logged when it happens. But until it is, that's the problem.
Tags: mysql
Subscribe
  • Post a new comment

    Error

    Comments allowed for friends only

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 0 comments