Tag: mysql apparmor

  • MySQL not starting on Ubuntu 18.04

    MySQL not starting on Ubuntu 18.04

    MySQL did not start on Ubuntu 18.04 server. This is fresh server, i removed all MySQL packages, removed configuration files.

    apt remove --purge mysql-client-5.7 mysql-client-core-5.7 mysql-common mysql-server-5.7 mysql-server-core-5.7

    Reinstalled MySQL.

    apt install mysql-server-5.7

    Still MySQL fail to start with some error related to 

    2018-10-29T21:07:49.311174Z 0 [ERROR] Could not open file '/var/log/mysql/error.log' for error logging: Permission denied

    Full error here

    https://gist.github.com/serverok/f82d8c891a58db3351c331005498f435

    Initially i was thinking the problem is with Ubuntu 18.04 mysql package. So i set up another fresh Ubuntu 18.04 server, installed MySQL 5.7 and it worked prefectly fine.

    Now i checked the permission for the folders. For this i enabled shell access for MySQL user.

    chsh --shell /bin/bash mysql

    Now i change to this user with command

    su - mysql

    I chaged to /var/log/mysql folder, it worked fine, i can write to the file /var/log/mysql/error.log. Tested with

    echo "hello" >> /var/log/mysql/error.log
tail /var/log/mysql/error.log

    It is not a permission problem. I checked the /var/log foler, found this is not an actual folder, a symlink to another folder.

    This is caused by AppArmor. I disabled AppArmour with

    systemctl stop apparmor

    Start MySQL with

    systemctl start mysql

    I get some error related to data directory, i checked folder /var/lib/mysql and found it was empty. I created MySQL data folder with command

    mysqld --initialize --explicit_defaults_for_timestamp

    On restarting MySQL again, MySQL worked fine. But i can’t login as user root. When you initialize MySQL data folder, MYSQL generate and store temporary password in /var/log/mysql/error.log, to find the password, i run

    grep -i "pass" /var/log/mysql/error.log

    You need to change this temporary password as it is set as expired by default. This can be done with command

    mysql_secure_installation

    Set a new secure password when it ask.

    Fixing AppArmor

    We need to tell AppArmour to allow MySQL to use /mnt/log/mysql folder for logging. To do this, edit file.

    vi /etc/apparmor.d/local/usr.sbin.mysqld

    Added following to it.

      /mnt/log/mysql/** rw,

    Now restart AppArmor.

    systemctl restart apparmor

    Now MySQL will work properly.