encfs mysql datadir: Errcode: 13

2

I'm using encfs to encode the /var/lib/mysql data directory, but mysql returns Errcode: 13 at any attemp of create tables or databases.

To do so, I moved all files to a temporary dir, created the encfs and move the temporary contents to the new mounted fs.

Also I have some scripts that stops apache and mysql, mounts the dirs (I also encode /var/www, without any problem), and then restart them.

/var/lib/mysql and all files and subdirs are user and group mysql, with write and read permissions:

$ ls /var/lib/mysql -cal
total 28996
drwxrwxrwx  8 mysql mysql     4096 ene  9 22:20 .
drwxr-xr-x 68 root  root      4096 ene  9 19:10 ..
-rw-r--r--  1 mysql mysql        0 ene  9 21:07 debian-5.5.flag
-rw-rw----  1 mysql mysql 18874368 ene  9 21:07 ibdata1
-rw-rw----  1 mysql mysql  5242880 ene  9 22:20 ib_logfile0
-rw-rw----  1 mysql mysql  5242880 ene  9 21:07 ib_logfile1
drwx------  2 mysql mysql    16384 ene  9 21:07 mysql
-rw-rw----  1 mysql mysql        6 ene  9 21:07 mysql_upgrade_info
drwx------  2 mysql mysql     4096 ene  9 21:07 performance_schema
drwx------  2 mysql mysql     4096 ene  9 21:07 phpmyadmin
drwx------  2 mysql mysql     4096 ene  9 21:07 database1
drwx------  2 mysql mysql     4096 ene  9 21:07 database2
drwx------  2 mysql mysql     4096 ene  9 21:07 test


$ sudo ls /var/lib/mysql/phpmyadmin -cal
total 440
drwx------ 2 mysql mysql  4096 ene  9 21:07 .
drwxrwxrwx 8 mysql mysql  4096 ene  9 22:20 ..
-rw-rw---- 1 mysql mysql    65 ene  9 21:07 db.opt
-rw-rw---- 1 mysql mysql  8682 ene  9 21:07 pma_bookmark.frm
-rw-rw---- 1 mysql mysql     0 ene  9 21:07 pma_bookmark.MYD
-rw-rw---- 1 mysql mysql  1024 ene  9 21:07 pma_bookmark.MYI
-rw-rw---- 1 mysql mysql 12964 ene  9 21:07 pma_column_info.frm
-rw-rw---- 1 mysql mysql     0 ene  9 21:07 pma_column_info.MYD
-rw-rw---- 1 mysql mysql  4096 ene  9 21:07 pma_column_info.MYI
-rw-rw---- 1 mysql mysql  8704 ene  9 21:07 pma_designer_coords.frm
-rw-rw---- 1 mysql mysql     0 ene  9 21:07 pma_designer_coords.MYD
-rw-rw---- 1 mysql mysql  2048 ene  9 21:07 pma_designer_coords.MYI
-rw-rw---- 1 mysql mysql  8730 ene  9 21:07 pma_history.frm
-rw-rw---- 1 mysql mysql     0 ene  9 21:07 pma_history.MYD
-rw-rw---- 1 mysql mysql  4096 ene  9 21:07 pma_history.MYI
-rw-rw---- 1 mysql mysql  8644 ene  9 21:07 pma_pdf_pages.frm
-rw-rw---- 1 mysql mysql     0 ene  9 21:07 pma_pdf_pages.MYD
-rw-rw---- 1 mysql mysql  1024 ene  9 21:07 pma_pdf_pages.MYI
-rw-rw---- 1 mysql mysql  8800 ene  9 21:07 pma_relation.frm
-rw-rw---- 1 mysql mysql     0 ene  9 21:07 pma_relation.MYD
-rw-rw---- 1 mysql mysql  4096 ene  9 21:07 pma_relation.MYI
-rw-rw---- 1 mysql mysql  8708 ene  9 21:07 pma_table_coords.frm
-rw-rw---- 1 mysql mysql     0 ene  9 21:07 pma_table_coords.MYD
-rw-rw---- 1 mysql mysql  2048 ene  9 21:07 pma_table_coords.MYI
-rw-rw---- 1 mysql mysql  8656 ene  9 21:07 pma_table_info.frm
-rw-rw---- 1 mysql mysql     0 ene  9 21:07 pma_table_info.MYD
-rw-rw---- 1 mysql mysql  2048 ene  9 21:07 pma_table_info.MYI
-rw-rw---- 1 mysql mysql  9149 ene  9 21:07 pma_tracking.frm
-rw-rw---- 1 mysql mysql     0 ene  9 21:07 pma_tracking.MYD
-rw-rw---- 1 mysql mysql  2048 ene  9 21:07 pma_tracking.MYI
-rw-rw---- 1 mysql mysql  8652 ene  9 21:07 pma_userconfig.frm
-rw-rw---- 1 mysql mysql    28 ene  9 21:07 pma_userconfig.MYD
-rw-rw---- 1 mysql mysql  2048 ene  9 21:07 pma_userconfig.MYI

And check that the deamon runs as mysql:

user@server:~$ sudo ps -eo pid,pgrp,ppid,comm,cgroup,euser,egroup,fuser,fgroup,ruser,rgroup,suser,sgroup,label| grep mysql
 2475  2475     1 mysqld          -                           mysql    mysql    mysql    mysql    mysql    mysql    mysql    mysql    /usr/sbin/mysqld

The strange thing is that the service runs, and mysql is able to read all files (it shows previously created databases and tables without problem). But when I try to create or modificate a database or table, it returns Errcode 13, but I do can update existing tables.

Also, SELinux is disbled:

$ sudo sestatus
SELinux status:                 disabled

And mysqld is in complain mode in apparmor:

~$ sudo apparmor_status 
apparmor module is loaded.
17 profiles are loaded.
16 profiles are in enforce mode.
   /sbin/dhclient
   /usr/bin/evince
   /usr/bin/evince-previewer
   /usr/bin/evince-previewer//launchpad_integration
   /usr/bin/evince-previewer//sanitized_helper
   /usr/bin/evince-thumbnailer
   /usr/bin/evince-thumbnailer//sanitized_helper
   /usr/bin/evince//launchpad_integration
   /usr/bin/evince//sanitized_helper
   /usr/lib/NetworkManager/nm-dhcp-client.action
   /usr/lib/connman/scripts/dhclient-script
   /usr/lib/cups/backend/cups-pdf
   /usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper
   /usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper//chromium_browser
   /usr/sbin/cupsd
   /usr/sbin/tcpdump
    1 profiles are in complain mode.
   /usr/sbin/mysqld
2 processes have profiles defined.
1 processes are in enforce mode.
   /usr/sbin/cupsd (742) 
1 processes are in complain mode.
   /usr/sbin/mysqld (2475) 
0 processes are unconfined but have a profile defined.

So, I don't know where else I should search.

Eloy

Posted 2014-04-10T07:44:44.967

Reputation: 121

No answers

Asked: 2014-04-10T07:44:44.967

Viewed: 221 times

Active: 2014-04-10T07:44:44.967