diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2018-07-14 21:03:06 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2018-07-14 21:03:06 +0100 |
commit | 8376ef56580626e9c0f796d5b85b53a0a1c7d5f5 (patch) | |
tree | 7681bbd4e8b05407772df40a4bf04cbbc8afc3fa /dev-db/mysql-init-scripts/files/mysqld_at-v2.service | |
parent | 30a9caf154332f12ca60756e1b75d2f0e3e1822d (diff) |
gentoo resync : 14.07.2018
Diffstat (limited to 'dev-db/mysql-init-scripts/files/mysqld_at-v2.service')
-rw-r--r-- | dev-db/mysql-init-scripts/files/mysqld_at-v2.service | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/dev-db/mysql-init-scripts/files/mysqld_at-v2.service b/dev-db/mysql-init-scripts/files/mysqld_at-v2.service new file mode 100644 index 000000000000..26964ea8a768 --- /dev/null +++ b/dev-db/mysql-init-scripts/files/mysqld_at-v2.service @@ -0,0 +1,45 @@ +[Unit] +Description=MySQL database server +ConditionPathExists=/etc/mysql/my%I.cnf +After=network.target + +[Service] +Type=simple +User=mysql +Group=mysql + +# Note: we set --basedir to prevent probes that might trigger SELinux alarms, +# https://bugzilla.redhat.com/show_bug.cgi?id=547485 +ExecStart=/usr/sbin/mysqld --defaults-file=/etc/mysql/my%I.cnf --basedir=/usr +ExecStartPost=/usr/libexec/mysqld-wait-ready $MAINPID + +# Give a reasonable amount of time for the server to start up/shut down +TimeoutSec=300 + +# Restart crashed server only, on-failure would also restart, for example, when +# my.cnf contains unknown option +Restart=on-abort +RestartSec=5s + +# Place temp files in a secure directory, not /tmp +PrivateTmp=true + +# To allow memlock to be used as non-root user if set in configuration +CapabilityBoundingSet=CAP_IPC_LOCK + +# Prevent writes to /usr, /boot, and /etc +ProtectSystem=full + +# Currently has issues with SELinux https://jira.mariadb.org/browse/MDEV-10404 +# This is safe to uncomment when not using SELinux +#NoNewPrivileges=true + +PrivateDevices=true + +# Prevent accessing /home, /root and /run/user +ProtectHome=true + +UMask=007 + +[Install] +WantedBy=multi-user.target |