MySQL on Ubuntu fails to start. The following error messages are shown in the output of the journalctl -xe
command:
AVC apparmor=”DENIED” operation=”open” profile=”/usr/sbin/mysqld” name=”/proc/666999/status” pid=666999 comm=”mysqld” requested_mask=”r” denied_mask=”r” fsuid=124 ouid=124
AVC apparmor=”DENIED” operation=”open” profile=”/usr/sbin/mysqld” name=”/sys/devices/system/node/” pid=666999 comm=”mysqld” requested_mask=”r” denied_mask=”r” fsuid=124 ouid=0
audit: type=1400 audit(): apparmor=”DENIED” operation=”open” profile=”/usr/sbin/mysqld” name=”/proc/666999/status” pid=666999 comm=”mysqld” requested_mask=”r” denied_mask=”r” fsuid=124 ouid=124
audit: type=1400 audit(): apparmor=”DENIED” operation=”open” profile=”/usr/sbin/mysqld” name=”/sys/devices/system/node/” pid=666999 comm=”mysqld” requested_mask=”r” denied_mask=”r” fsuid=124 ouid=0
Cause
AppArmor is not properly configured.
Resolution
Add permissions for the objects reported in the lines that start with ‘name=
‘ in the output to the file /etc/apparmor.d/usr.sbin.mysqld
.
In this example, it is required to add r
permissions to /proc/*/status
and /sys/devices/system/node/
. The paths may be different depending on the error messages.
- Connect the server via SSH.
- Open the file
/etc/apparmor.d/usr.sbin.mysqld
in a text editor (for example, vi editor) and add the lines below at the end of the/usr/sbin/mysqld
section at the end of the file
/usr/sbin/mysqld {
…
/proc/*/status r,
/sys/devices/system/node/ r,
/sys/devices/system/node/node*/meminfo r,
/sys/devices/system/node/*/* r,
/sys/devices/system/node/* r,
…
} - Reload AppArmor configuration for MySQL service:# apparmor_parser -r /etc/apparmor.d/usr.sbin.mysqld
- Start MySQL server:# service mysql start
Or, Just in case if the steps above does not work, you can try the following steps:
Open File: /etc/apparmor.d/local/usr.sbin.mysqld
Add these lines:
/data/ r,
/data/** rwk,
systemctl restart apparmor
Hope this helps.