如何解决在安卓手机上安装MySQL遇到Permission denied的问题

我试图在一个旧的安卓手机里安装使用MySQL的web server,运行在chroot环境中,底层系统运行的是Ubuntu 16.04,安装的很顺利,但在启动mysqld时,出现了错误,不能启动:

[email protected]:~# /usr/sbin/mysqld
... [Warning] Using unique option prefix key_buffer instead of key_buffer_size is deprecated and will be removed in a future release. Please use the full name instead.
... [Note] /usr/sbin/mysqld (mysqld 5.5.49-0+deb7u1) starting as process 31419 ...
... [Warning] Using unique option prefix myisam-recover instead of myisam-recover-options is deprecated and will be removed in a future release. Please use the full name instead.
... [Note] Plugin 'FEDERATED' is disabled.
... InnoDB: The InnoDB memory heap is disabled
... InnoDB: Mutexes and rw_locks use GCC atomic builtins
... InnoDB: Compressed tables use zlib 1.2.7
... InnoDB: Using Linux native AIO
... InnoDB: Initializing buffer pool, size = 128.0M
... InnoDB: Completed initialization of buffer pool
... InnoDB: highest supported file format is Barracuda.
... InnoDB: Waiting for the background threads to start
... InnoDB: 5.5.49 started; log sequence number 1598476
... [Note] Server hostname (bind-address): '127.0.0.1'; port: 3306
... [Note]   - '127.0.0.1' resolves to '127.0.0.1';
... [ERROR] Failed to create a socket for IPv4 '127.0.0.1': errno: 13.
... [ERROR] Can't create IP socket: Permission denied
... [ERROR] Aborting
...  InnoDB: Starting shutdown...
...  InnoDB: Shutdown completed; log sequence number 1598476
... [Note] /usr/sbin/mysqld: Shutdown complete

最后发现,Android使用了特制的linux内核,它启用了CONFIG_ANDROID_PARANOID_NETWORK配置,在这种情况下,只有属于几个硬编码的群组身份的系统用户才能访问网络。

groupadd -g 3001 aid_bt
groupadd -g 3002 aid_bt_net
groupadd -g 3003 aid_inet
groupadd -g 3004 aid_net_raw
groupadd -g 3005 aid_admin

只有当一个应用获取了网络访问权限后,安卓才会将这个用户(app)添加到这个组。

当一个用户被添加到这些组后,它就获取了使用socket()的权限。

usermod -a -G aid_bt,aid_bt_net,aid_inet,aid_net_raw,aid_admin someuser

然而,当一个进程用seteuid()来将root用户切换成一个无特权的用户时,并不会因为这个用户属于aid_*组而能执行访问网络权限。反而,root用户必须也要加入这些组:

usermod -a -G aid_bt,aid_bt_net,aid_inet,aid_net_raw,aid_admin root

所以,最初的没有权限的问题,我们可以通过将mysql用户添加到aid_inet 组 aid_net_raw 来解决。

[[email protected] mysqld]# usermod -a -G aid_inet,aid_net_raw mysql
[[email protected] mysqld]# su mysql
[[email protected] mysqld]$ mysqld
...  9:56:00 4144179136 [Note] mysqld (mysqld 10.1.22-MariaDB) starting as process 7246 ...
...  9:56:00 4144179136 [Note] InnoDB: Using mutexes to ref count buffer pool pages
...  9:56:00 4144179136 [Note] InnoDB: The InnoDB memory heap is disabled
...  9:56:00 4144179136 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
...  9:56:00 4144179136 [Note] InnoDB: GCC builtin __atomic_thread_fence() is used for memory barrier
...  9:56:00 4144179136 [Note] InnoDB: Compressed tables use zlib 1.2.11
...  9:56:00 4144179136 [Note] InnoDB: Using Linux native AIO
...  9:56:00 4144179136 [Note] InnoDB: Using generic crc32 instructions
...  9:56:00 4144179136 [Note] InnoDB: Initializing buffer pool, size = 128.0M
...  9:56:00 4144179136 [Note] InnoDB: Completed initialization of buffer pool
...  9:56:00 4144179136 [Note] InnoDB: Highest supported file format is Barracuda.
...  9:56:00 4144179136 [Note] InnoDB: 128 rollback segment(s) are active.
...  9:56:00 4144179136 [Note] InnoDB: Waiting for purge to start
...  9:56:00 4144179136 [Note] InnoDB:  Percona XtraDB (http://www.percona.com) 5.6.35-80.0 started; log sequence number 1616869
...  9:56:00 4144179136 [Note] Plugin 'FEEDBACK' is disabled.
...  9:56:00 3632237376 [Note] InnoDB: Dumping buffer pool(s) not yet started
...  9:56:00 4144179136 [Note] Server socket created on IP: '::'.
...  9:56:00 4144179136 [Note] mysqld: ready for connections.
Version: '10.1.22-MariaDB'  socket: '/run/mysqld/mysqld.sock'  port: 3306  MariaDB Server
阅读余下内容
 

发表评论

电子邮件地址不会被公开。 必填项已用*标注


京ICP备12002735号