This file is indexed.

postinst is in mysql-server-5.7 5.7.21-1ubuntu1.

This file is a maintainer script. It is executed when installing (*inst) or removing (*rm) the package.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
#!/bin/bash

set -e

. /usr/share/debconf/confmodule

if [ -n "$DEBIAN_SCRIPT_DEBUG" ]; then set -v -x; DEBIAN_SCRIPT_TRACE=1; fi
${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*" 1>&2 }
 
export PATH=$PATH:/sbin:/usr/sbin:/bin:/usr/bin

# This command can be used as pipe to syslog. With "-s" it also logs to stderr.
ERR_LOGGER="logger -p daemon.err -t mysqld_safe -i"

# Start the server with networking disabled and socket in a temporary location
# Usage: start_server <datadir> <tmpdir> <skip_grant>
# Params:
# datadir - Location of database files
# tmpdir - Used to store temporary pid and socket files
# skip_grant - If set, the server will be started with --skip-grant-tables
start_server() {
  local datadir=$1
  local tmpdir=$2
  local skip_grant=$3
  # If a database is already running, mysqld will keep trying to lock the files for ~100 seconds before failing.
  # If the ibdata1 file is locked we fail immediately
  if fuser "$datadir/ibdata1"; then
    echo "ERROR: Database files are locked. Daemon already running?" >&2
    return 1
  fi
  # The --daemonize flag makes the process fork, with the original exiting once the database is ready for use
  if [ ! -z "$skip_grant" ]; then
    mysqld --user=mysql --daemonize --socket="$tmpdir/mysqld.sock" --pid-file="$tmpdir/mysqld.pid" --skip-networking --skip-grant-tables
  else
    mysqld --user=mysql --daemonize --socket="$tmpdir/mysqld.sock" --pid-file="$tmpdir/mysqld.pid" --skip-networking
  fi
}

# Shut down the server by sending a kill signal to the process
# Usage: stop_server <tmpdir>
# Params:
# tmpdir - Location of temporary pid-file
stop_server(){
  local tmpdir=$1
  # Send kill signal
  server_pid=$(cat "$tmpdir/mysqld.pid")
  kill "$server_pid"

  for i in $(seq 1 60); do
    sleep 0.1 # A full second is too long, but we need to give the server _some_ time.
    if ! $(ps $server_pid >/dev/null 2>&1); then
      return 0
    fi
    sleep 1
  done
  # The server hasn't shut down in a timely manner
  echo "Error: Unable to shut down server with process id $server_pid" >&2
  return 1
}

# Runs an arbitrary init sql file supplied in $1. Does not require login access
run_init_sql() {
  tmpdir=`mktemp -d`
  chown mysql:mysql "$tmpdir"
  mysqld --user=mysql --init-file="$1" --socket="$tmpdir/mysqld.sock" --pid-file="$tmpdir/mysqld.pid" > /dev/null 2>&1
  result=$?
  rm -rf "$tmpdir"
  return $result
}

# To avoid having hardcoded paths in the script, we do a search on the path, as suggested at:
# https://www.debian.org/doc/manuals/developers-reference/ch06.en.html#bpp-debian-maint-scripts
pathfind() {
  OLDIFS="$IFS"
  IFS=:
  for p in $PATH; do
    if [ -x "$p/$*" ]; then
      IFS="$OLDIFS"
      return 0
    fi
  done
  IFS="$OLDIFS"
  return 1
}

invoke() {
  if pathfind invoke-rc.d; then
    invoke-rc.d mysql $1
  else
    /etc/init.d/mysql $1
  fi
}

# Check if server is able to start. If it fails we abort early and refer
# the user to a wiki page with solutions for common configuration problems.
test_mysqld_startup() {
  # mysqld --verbose --help will output a full listing of settings and plugins.
  # To do so it needs to initialize the database, so it can be used as a test
  # for whether or not the server can start. We redirect stdout to /dev/null so
  # only the error messages are left.
  result=0
  output=$(mysqld --verbose --help --innodb-read-only 2>&1 > /dev/null) || result=$?
  if [ ! "$result" = "0" ]; then
    echo "ERROR: Unable to start MySQL server:" >&2
    echo "$output" >&2
    echo "Please take a look at https://wiki.debian.org/Teams/MySQL/FAQ for tips on fixing common upgrade issues." >&2
    echo "Once the problem is resolved, run apt-get --fix-broken install to retry." >&2
  fi
  return $result
}

# Default config in 5.5 and older 5.6 installations contains two deprecated
# options that were removed in 5.7. They were renamed, so we can fix this
# automatically. We create a backup of the old file
fix_old_config_options() {
  [ -f /etc/mysql/my.cnf.migrated ] || return 0
  sed -e 's/[[:space:]]*key_buffer[[:space:]]*=/# Obsolete key_buffer option renamed to key_buffer_size by maintainer script\nkey_buffer_size\t\t=/' \
      -e 's/[[:space:]]*myisam-recover[[:space:]]*=/# Obsolete myisam-recover option renamed to myisam_recover_options by maintainer script\nmyisam_recover_options\t=/' /etc/mysql/my.cnf.migrated --in-place=.bak
  # If nothing was changed, remove the new file
  if cmp -s /etc/mysql/my.cnf.migrated /etc/mysql/my.cnf.migrated.bak; then
    mv /etc/mysql/my.cnf.migrated.bak /etc/mysql/my.cnf.migrated
  fi
}

# Check if there is passwordless root login
# Usage: test_mysql_access <tmpdir>
# Params:
# tmpdir - Location of mysqld.sock file
test_mysql_access() {
  local tmpdir=$1
  mysql --no-defaults -u root --socket="$tmpdir/mysqld.sock" </dev/null >/dev/null 2>&1
}

this_version=5.7

# This is necessary because mysql_install_db removes the pid file in /var/run
# and because changed configuration options should take effect immediately.
# In case the server wasn't running at all it should be ok if the stop
# script fails. I can't tell at this point because of the cleaned /var/run.
set +e; invoke stop; set -e
    
case "$1" in
  configure)
    # INSERT ANY VERSIONED UPGRADE PATH HANDLING HERE AND NO LATER

    # Versioned upgrade path handling must be done before freeze mode detection;
    # otherwise the following freeze mode handling may cause upgrade path
    # handling to be skipped over multiple version upgrades, meaning that the
    # upgrade path handling never runs on some systems where freeze mode
    # remains active for a long period.

    if [ -e /etc/mysql/FROZEN -o -h /etc/mysql/FROZEN ]; then
      db_input critical mysql-server-$this_version/installation_freeze_mode_active || true
      db_go
      db_stop
      echo "Packaging maintenance of MySQL will stop and the daemon disabled to prevent damage to your system." 1>&2
      echo "For help, see /etc/mysql/FROZEN" 1>&2
      exit 0
    fi

    mysql_datadir=/usr/share/mysql
    mysql_statedir=/var/lib/mysql
    mysql_rundir=/var/run/mysqld
    mysql_logdir=/var/log/mysql
    mysql_cfgdir=/etc/mysql
    mysql_upgradedir=/var/lib/mysql-upgrade
    mysql_filesdir=/var/lib/mysql-files
    mysql_keyringdir=/var/lib/mysql-keyring

    # mysqld gets called during postinst configure, so any
    # updates to the AppArmor profile must be loaded first (before the
    # dh_apparmor snippet added by debhelper does it properly at the end of
    # this script). Otherwise, mysqld cannot for example load
    # /etc/mysql/mysqld.conf.d/ on upgrade from 5.5 to 5.6, which was added in
    # 5.6 packaging but not present in the AppArmor profile shipped with 5.5
    # packaging.
    #
    # This a workaround. Status is tracked at https://launchpad.net/bugs/1435368
    if aa-status --enabled 2>/dev/null; then
      # It is common for this to fail because
      # /etc/apparmor.d/local/usr.sbin.mysqld doesn't exist (eg. on first
      # install). But if this happens, then the workaround is not required,
      # so it doesn't matter. If instead it causes a security issue, then
      # that doesn't really matter here as dh_apparmor should handle that
      # correctly later on.
      apparmor_parser -r -T -W /etc/apparmor.d/usr.sbin.mysqld 2>/dev/null || true
    fi

    # New packaging paradigm for my.cnf as of Dec-2014 for sharing mysql
    # variants in Ubuntu.
    /usr/share/mysql-common/configure-symlinks install mysql "$mysql_cfgdir/mysql.cnf"

    # Ensure the existence and right permissions for the database and
    # log files.
    for d in $mysql_statedir $mysql_filesdir $mysql_keyringdir $mysql_logdir
    do
      if [ ! -d "$d" -a ! -L "$d" ]; then mkdir "$d"; fi
      chown -R mysql:mysql $d
      chmod 0700 $d
    done

    # When creating an ext3 jounal on an already mounted filesystem like e.g.
    # /var/lib/mysql, you get a .journal file that is not modifyable by chown.
    # The mysql_datadir must not be writable by the mysql user under any
    # circumstances as it contains scripts that are executed by root.
    set +e
    chown -R 0:0 $mysql_datadir
    touch $mysql_logdir/error.log
    chown -R mysql:adm $mysql_logdir
    chmod 0750 $mysql_logdir
    chmod 0640 $mysql_logdir/error.log
    set -e

    # This is important to avoid dataloss when there is a removed
    # mysql-server version from Woody lying around which used the same
    # data directory and then somewhen gets purged by the admin.
    db_set mysql-server/postrm_remove_database false || true

    # Fix old options that were deprecated in 5.5 and removed in 5.7
    if dpkg --compare-versions "$2" le "5.7.13-0ubuntu3~"; then
      echo "Renaming removed key_buffer and myisam-recover options (if present)"
      fix_old_config_options
    fi

    # Sanity check to make sure the server can start
    test_mysqld_startup

    ## On every reconfiguration the maintenance user is recreated.
    #
    # - It is easier to regenerate the password every time but as people
    #   use fancy rsync scripts and file alteration monitors, the existing
    #   password is used and existing files not touched.
    # - The echo is just for readability. ash's buildin has no "-e" so use /bin/echo.

    # recreate the credentials file if not present or without mysql_upgrade stanza
    dc=$mysql_cfgdir/debian.cnf; 
    if [ -e "$dc" -a -n "`fgrep mysql_upgrade $dc 2>/dev/null`" ]; then
      pass="`sed -n 's/^[     ]*password *= *// p' $dc | head -n 1`"
      # Basedir is deprecated. Remove the option if it's in an existing debian.cnf
      sed -i '/basedir/d' "$dc"
    else
      pass=`perl -e 'print map{("a".."z","A".."Z",0..9)[int(rand(62))]}(1..16)'`;
      if [ ! -d "$mysql_cfgdir" ]; then install -o 0 -g 0 -m 0755 -d $mysql_cfgdir; fi
      umask 066
      cat /dev/null > $dc
      umask 022
      echo "# Automatically generated for Debian scripts. DO NOT TOUCH!" >>$dc
      echo "[client]"                                                    >>$dc
      echo "host     = localhost"                                        >>$dc
      echo "user     = debian-sys-maint"                                 >>$dc
      echo "password = $pass"                                            >>$dc
      echo "socket   = $mysql_rundir/mysqld.sock"                        >>$dc
      echo "[mysql_upgrade]"                                             >>$dc
      echo "host     = localhost"                                        >>$dc
      echo "user     = debian-sys-maint"                                 >>$dc
      echo "password = $pass"                                            >>$dc
      echo "socket   = $mysql_rundir/mysqld.sock"                        >>$dc
    fi
    # If this dir chmod go+w then the admin did it. But this file should not.
    chown 0:0 $dc
    chmod 0600 $dc

    # Initiate database. Output is not allowed by debconf :-(
    # If database doesn't exist we create it.
    if [ ! "$(ls -A "${mysql_statedir}")" ] && [ -d "${mysql_filesdir}" ]; then
      existingdatabase=0
      initfile=`mktemp --tmpdir=/var/lib/mysql-files/`
      touch "$initfile"
      chmod 600 "$initfile"
      chown mysql:mysql "$initfile"
      echo "USE mysql; " >> "$initfile"
      db_get mysql-server/root_password && rootpw="$RET"
      if [ ! -z "$rootpw" ]; then
        rootpw=$(printf %q "${rootpw}")
        echo "ALTER USER 'root'@'localhost' IDENTIFIED BY '$rootpw';" >> "$initfile"
      fi
      echo "CREATE USER IF NOT EXISTS 'debian-sys-maint'@'localhost' IDENTIFIED BY '$pass';" >> "$initfile"
      echo "GRANT ALL ON *.* TO 'debian-sys-maint'@'localhost' WITH GRANT OPTION;" >> "$initfile"
      echo "SHUTDOWN;" >> "$initfile"
      # mysqld returns an error instead of a warning if CREATE USER IF NOT
      # EXISTS fails, so ignore errors as a workaround. See:
      # http://bugs.mysql.com/bug.php?id=80636
      mysqld --initialize-insecure --user=mysql --init-file="$initfile"> /dev/null 2>&1 || true
      rm "$initfile"
    else
      existingdatabase=1
    fi

    # To avoid downgrades. This has to happen after the database is created, or --initialize will fail
    touch $mysql_statedir/debian-5.7.flag

  ;;

  abort-upgrade|abort-remove|abort-configure)
  ;;

  *)
    echo "postinst called with unknown argument '$1'" 1>&2
    exit 1
  ;;
esac


if [ "$1" = "configure" ]; then
  # We want to run mysql_upgrade to cover users upgrading. Since
  # mysql_upgrade is a client and we don't know the root credentials,
  # we run the server in skip_grant mode to allow it access.
  if [ $existingdatabase = 1 ]; then
    # Generate a tmpdir to store socket and pid files
    tmpdir=$(mktemp -d)
    chown mysql:mysql "$tmpdir"
    mysql_statedir=/var/lib/mysql
    result=0
    start_server "$mysql_statedir" "$tmpdir" "skip_grant" || result=$?
    # If the server fails to start, then skip the various client operations
    if [ $result -ne 0 ]; then
      echo "Warning: Unable to start the server. Please restart MySQL and run mysql_upgrade to ensure the database is ready for use." >&2
    else
      # mysql_upgrade returns exit status 2 if the database is already upgraded
      # (LP: #1566406) so ignore its exit status if it is 2.
      result=0
      mysql_upgrade --no-defaults --socket="$tmpdir/mysqld.sock" || result=$?
      if [ $result -ne 0 -a $result -ne 2 ]; then
        echo "mysql_upgrade failed with exit status $result" >&2
        stop_server "$tmpdir"
        rm -rf "$tmpdir"
        exit 1
      fi
      # Stop the server
      stop_server "$tmpdir"
    fi
    rm -rf "$tmpdir"
  fi
  # Here we check to see if we can connect as root without a password
  # this should catch upgrades from previous versions where the root
  # password wasn't set.  If the connection succeeds we install the
  # auth_socket plugin and enable it for the root user to improve
  # security.
  tmpdir=$(mktemp -d)
  chown mysql:mysql "$tmpdir"
  mysql_statedir=/var/lib/mysql
  result=0
  start_server "$mysql_statedir" "$tmpdir" || result=$?
  if [ $result -ne 0 ]; then
    echo "Warning: Unable to start the server." >&2
  elif test_mysql_access "$tmpdir"; then
    db_get mysql-server/root_password && rootpw="$RET"
    if [ ! -z "$rootpw" ]; then
      stop_server "$tmpdir"
      rootpw=$(printf %q "${rootpw}")
      initfile=`mktemp --tmpdir=/var/lib/mysql-files/`
      chown mysql:mysql "$initfile"
      echo "ALTER USER 'root'@'localhost' IDENTIFIED WITH 'mysql_native_password' BY '$rootpw';" >> "$initfile"
      echo "SHUTDOWN;"                                                                           >> "$initfile"
      run_init_sql "$initfile"
      rm "$initfile"
    else
      # Try to install auth_socket plugin. This throws an error if the plugin is
      # already installed, which would end execution of the init sql to stop if
      # --init-file was used. Bug: http://bugs.mysql.com/bug.php?id=80642
      pluginfile=`mktemp --tmpdir=/var/lib/mysql-files/`
      echo "INSTALL PLUGIN auth_socket SONAME 'auth_socket.so';" >> "$pluginfile"
      mysql --no-defaults --socket="$tmpdir/mysqld.sock" -uroot < "$pluginfile" > /dev/null 2>&1 || true
      rm "$pluginfile"
      stop_server "$tmpdir"
      initfile=`mktemp --tmpdir=/var/lib/mysql-files/`
      chown mysql:mysql "$initfile"
      # If there is no root password set we enable the auth_socket plugin for the root user
      echo "USE mysql;"                                                                   >> "$initfile"
      echo "ALTER USER 'root'@'localhost' IDENTIFIED WITH 'auth_socket';"                 >> "$initfile"
      echo "SHUTDOWN;"                                                                    >> "$initfile"
      # The INSTALL PLUGIN line will throw an error if the plugin is already installed
      run_init_sql "$initfile"
      rm "$initfile"
    fi
  else
    stop_server "$tmpdir"
  fi
  rm -rf "$tmpdir"
fi

# forget we ever saw the password.  don't use reset to keep the seen status
db_set mysql-server/root_password ""
db_set mysql-server/root_password_again ""
db_stop # in case invoke failes

# Automatically added by dh_apparmor/UNDECLARED
aa_is_enabled() {
   if command aa-enabled >/dev/null 2>&1; then
      # apparmor >= 2.10.95-2
      aa-enabled --quiet 2>/dev/null
   else
      # apparmor << 2.10.95-2
      # (This should be removed once Debian Stretch and Ubuntu 18.04 are out.)
      rc=0
      aa-status --enabled 2>/dev/null || rc=$?
      [ "$rc" = 0 ] || [ "$rc" = 2 ]
   fi
}

if [ "$1" = "configure" ]; then
    APP_PROFILE="/etc/apparmor.d/usr.sbin.mysqld"
    if [ -f "$APP_PROFILE" ]; then
        # Add the local/ include
        LOCAL_APP_PROFILE="/etc/apparmor.d/local/usr.sbin.mysqld"

        test -e "$LOCAL_APP_PROFILE" || {
            tmp=`mktemp`
        cat <<EOM > "$tmp"
# Site-specific additions and overrides for usr.sbin.mysqld.
# For more details, please see /etc/apparmor.d/local/README.
EOM
            mkdir `dirname "$LOCAL_APP_PROFILE"` 2>/dev/null || true
            mv -f "$tmp" "$LOCAL_APP_PROFILE"
            chmod 644 "$LOCAL_APP_PROFILE"
        }

        # Reload the profile, including any abstraction updates
        if aa_is_enabled; then
            apparmor_parser -r -T -W "$APP_PROFILE" || true
        fi
    fi
fi
# End automatically added section
# Automatically added by dh_systemd_enable/11.1.4ubuntu1
if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then
	# This will only remove masks created by d-s-h on package removal.
	deb-systemd-helper unmask 'mysql.service' >/dev/null || true

	# was-enabled defaults to true, so new installations run enable.
	if deb-systemd-helper --quiet was-enabled 'mysql.service'; then
		# Enables the unit on first installation, creates new
		# symlinks on upgrades if the unit file has changed.
		deb-systemd-helper enable 'mysql.service' >/dev/null || true
	else
		# Update the statefile to add new symlinks (if any), which need to be
		# cleaned up on purge. Also remove old symlinks.
		deb-systemd-helper update-state 'mysql.service' >/dev/null || true
	fi
fi
# End automatically added section
# Automatically added by dh_installinit/11.1.4ubuntu1
if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then
	if [ -x "/etc/init.d/mysql" ]; then
		update-rc.d mysql defaults 19 21 >/dev/null
		invoke-rc.d mysql start || exit 1
	fi
fi
# End automatically added section


exit 0