From 5951f4a174de39f1cb0c15d46e3b683499d489bf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Otto=20Kek=C3=A4l=C3=A4inen?= <otto@kekalainen.net>
Date: Tue, 21 Apr 2020 21:14:54 +0300
Subject: [PATCH] MDEV-22159: Don't redirect as root to a tmp file not owned by
 root

Also add a check for tmp file being empty and bail out with a clear
error message in such a case, as mysqld_safe prevents normal stderr
from being displayed anywhere and would fail silently on this.
---
 scripts/mysqld_safe.sh | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/scripts/mysqld_safe.sh b/scripts/mysqld_safe.sh
index ef72737766d..3dda22507af 100644
--- a/scripts/mysqld_safe.sh
+++ b/scripts/mysqld_safe.sh
@@ -235,7 +235,9 @@ wsrep_recover_position() {
   fi
 
   if [ -f $wr_logfile ]; then
-    [ "$euid" = "0" ] && chown $user $wr_logfile
+    # NOTE! Do not change ownership of the temporary file, as on newer kernel
+    # versions fs.protected_regular is set to '2' and redirecting output with >
+    # as root to a file not owned by root will fail with "Permission denied"
     chmod 600 $wr_logfile
   else
     log_error "WSREP: mktemp failed"
@@ -250,6 +252,11 @@ wsrep_recover_position() {
 
   eval "$mysqld_cmd --wsrep_recover $wr_options 2> $wr_logfile"
 
+  if [ ! -s "$wr_logfile" ]; then
+    log_error "Log file $wr_logfile was empty, cannot proceed. Is system running fs.protected_regular?"
+    exit 1
+  fi
+
   local rp="$(grep 'WSREP: Recovered position:' $wr_logfile)"
   if [ -z "$rp" ]; then
     local skipped="$(grep WSREP $wr_logfile | grep 'skipping position recovery')"