MySQL 4.0.23a on 5-STABLE has a startup glitch

Fred Condo fcondo at quinn.com
Fri Jan 21 16:56:13 PST 2005 

On Jan 21, 2005, at 2:43 PM, Michael Collette wrote:

> On 5-STABLE I am unable to get mysql-server-4.0.23a to start with the
> rcng script.  Upon launching the script it dumps me to a prompt owned
> by the mysql user.  I have run into one other user on the mailing
> lists with the same exact problem.
>
> Details:
> In /etc/rc.conf the following is set:
> mysql_enable="YES"
>
> I am able to start up mysqld_safe manually.
>
> I am also able to use the old rc script to get a proper startup for
> MySQL.  Only the rcng script fails in this manner.
>
> This leads me to a couple of concerns beyond just getting MySQL to
> run, as I've just switched on over to the old rc script.
>
> Is everyone having this problem with the rcng script or is it just a 
> few of us?
> How is the mysql user able to drop to a command prompt at all?  Are
> there some security issues here?
> Should the port be modified back to the old rc script until this
> problem is corrected?

I'm seeing identical behavior under FreeBSD 4.10-p5 with MySQL 4.1.9. I 
finally traced the execution of the startup script by invoking it as:

sh -x /usr/local/etc/rc.d/mysql-server.sh start

The resulting output showed this detail:

+ su -m mysql -c sh -c "/usr/local/bin/mysqld_safe --user=mysql 
--datadir=/var/db/mysql --pid-file=/var/db/mysql/OBFUSCATED.pid > 
/dev/null &"
bash: no job control in this shell

(I'll make the entire trace available on request.)

Googling for "bash: no job control in this shell" comes up with a lot 
of discussions about buffer overrun exploits. That plus the fact that I 
did not expect bash to be involved in running the startup script has me 
concerned that the machine has been compromised.

I built a fresh 4.10-p5 box and installed MySQL 4.1.9. That box does 
not exhibit the misbehavior.

The misbehaving machine has been running MySQL 3.x and started life on 
FreeBSD 4.8 or possibly earlier. Has anyone got thoughts about where 
else to look for relevant differences between a fresh installation and 
an upgraded installation? I'll be glad to respond to specific queries 
about configurations.

More information about the freebsd-ports mailing list