[debian-mysql] Bug#1022994: mariadb-server: Initial DB creation fails with libpam-tmpdir installed

Sunil Mohan Adapa sunil at medhas.org
Fri Oct 28 21:27:15 BST 2022


Package: mariadb-server
Version: 1:10.6.10-1
Severity: important
Tags: upstream

Dear Maintainer,

This bug has been reported upstream but may need a workaround in Debian.

https://jira.mariadb.org/browse/MDEV-29910

Description
-----------

On Debian GNU/Linux, when the package libpam-tmpdir is installed,
mysql_install_db script fails during post install setup. As a result, mariadb
daemon fails to start. The following error message is shown:

rm -rf /var/lib/mysql ; mysql_install_db --rpm --cross-bootstrap --user=mysql --disable-log-bin --skip-test-db

2022-10-28 19:33:00 0 [ERROR] mariadbd: Can't create/write to file '/tmp/user/0/ib2C7oNS' (Errcode: 13 "Permission denied")
2022-10-28 19:33:00 0 [ERROR] InnoDB: Unable to create temporary file; errno: 13
2022-10-28 19:33:00 0 [ERROR] mariadbd: Can't create/write to file '/tmp/user/0/ibykVtxz' (Errcode: 13 "Permission denied")
2022-10-28 19:33:00 0 [ERROR] InnoDB: Unable to create temporary file; errno: 13
2022-10-28 19:33:00 0 [ERROR] InnoDB: Database creation was aborted with error Generic error. You may need to delete the ibdata1 file before trying to start up again.
2022-10-28 19:33:00 0 [ERROR] Plugin 'InnoDB' init function returned error.
2022-10-28 19:33:00 0 [ERROR] Plugin 'InnoDB' registration as a STORAGE ENGINE failed.
2022-10-28 19:33:00 0 [ERROR] Unknown/unsupported storage engine: InnoDB
2022-10-28 19:33:00 0 [ERROR] Aborting

Installation of system tables failed!  Examine the logs in
/var/lib/mysql for more information.

Environment
-----------

On FreedomBox (a pure blend of Debian), several applications that depend on
mariadb fail to install when running on Debian testing/unstable. This is due to
mariadb not running soon after installation. FreedomBox installs that package
libpam-tmpdir by default. If this package is removed, mariadb server is running
successfully after install.

This bug was reproduced on Debian unstable (as of 2022-10-28) with
mariadb-server package version 1:10.6.10-1+b1.

Workarounds
-----------

1. If libpam-tmpdir package is removed, the installation and daemon start
   succeed.

2. When the environment variable TMPDIR is set to empty value, the
   mysql_install_db command succeeds. Example:

   rm -rf /var/lib/mysql ; TMPDIR= mysql_install_db --rpm --cross-bootstrap --user=mysql --disable-log-bin --skip-test-db

3. When mysql_install_db is not run as root, the problem is not observed.
   Example:

   rm -rf /var/lib/mysql ; mkdir /var/lib/mysql; chown mysql:mysql /var/lib/mysql/ ; sudo -u mysql mysql_install_db --rpm --cross-bootstrap --user=mysql --disable-log-bin --skip-test-db

Regression
----------

This error does not occur on Debian stable (bullseye) where mariadb package
version is 1:10.5.15-0+deb11u1. Hence this is a regression since that version.

Analysis
--------

According to pam-tmpdir: "Many programs use $TMPDIR for storing temporary
files. Not all of them are good at securing the permissions of those files.
libpam-tmpdir sets $TMPDIR and $TMP for PAM sessions and sets the permissions
quite tight. This helps system security by having an extra layer of security,
making such symlink attacks and other /tmp based attacks harder or impossible".

Errors like the one being reported are typically seen when directories/files
are created by root user in the $TMPDIR and later a non-root user tries to
access those files without any further permission changes. libpam-tmpdir tries
to ensure that temporary files created by one user are not accidentally
accessible to unauthorized users.

During 10.6.x release cycle a change was introduced that makes this mistake. It
creates files as 'root' and then tries to access them as 'mysql' user. The
problem can be fixed by:

1. Copying the files temporarily created by 'root' user to a location
   accessible to the 'mysql' user and then setting proper ownership, or by

2. Creating all the temporary files with 'mysql' user to start with.
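
An added diagnostic, not part of the original report and not code from MariaDB or libpam-tmpdir: it applies the mode-bit check behind the "Permission denied" above to a TMPDIR path and names the component that would refuse a given uid. The function names and the constructed owner-only directory in demo() are assumptions; ACLs and capabilities other than uid 0 are ignored.

```python
import os
import tempfile


def _allowed(st, uid, gids, want):
    """Classic Unix mode-bit check for one path component."""
    if uid == 0:
        return True                       # root bypasses mode bits
    if st.st_uid == uid:
        bits = st.st_mode >> 6            # owner class
    elif st.st_gid in gids:
        bits = st.st_mode >> 3            # group class
    else:
        bits = st.st_mode                 # other class
    return (bits & want) == want


def first_blocker(tmpdir, uid, gids):
    """Return the first component that stops `uid` from creating a file
    in `tmpdir`, or None if the mode bits permit creation."""
    path = os.path.realpath(tmpdir)
    parts = [path]
    while os.path.dirname(parts[-1]) != parts[-1]:
        parts.append(os.path.dirname(parts[-1]))
    for p in reversed(parts):             # walk from / down to the target
        want = 0o3 if p == path else 0o1  # w+x on target, x on ancestors
        if not _allowed(os.stat(p), uid, gids, want):
            return p
    return None


def demo():
    """Constructed layout: a per-user, owner-only temp directory, checked
    for the uid that created it and for a different (dropped-to) uid."""
    base = tempfile.mkdtemp()
    os.chmod(base, 0o755)
    private = os.path.join(base, "0")     # stands in for /tmp/user/0
    os.mkdir(private)
    os.chmod(private, 0o700)
    st = os.stat(private)
    own_gids = set(os.getgroups()) | {os.getegid()}
    creator = first_blocker(private, os.geteuid(), own_gids)
    dropped = first_blocker(private, st.st_uid + 1, {st.st_gid + 1})
    return creator, dropped


if __name__ == "__main__":
    print(demo())
```

On an affected host, calling first_blocker() with root's $TMPDIR and the uid and groups of the 'mysql' account shows which directory the server cannot write to once it no longer runs as root.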
