#1105029 mariadb-server: mariadb.service generates warning about unset MYSQLD_OPTS and _WSREP_NEW_CLUSTER #1105029
- Package:
- mariadb-server
- Source:
- mariadb-server
- Description:
- MariaDB database server binaries
- Submitter:
- Daniel Lewart
- Date:
- 2025-11-30 08:45:02 UTC
- Severity:
- normal
- Tags:
Dear Otto, et al, After installing mariadb-server: $ journalctl -p warning -u mariadb ... mariadb.service: Referenced but unset environment variable evaluates to an empty string: MYSQLD_OPTS, _WSREP_NEW_CLUSTER Untested patch below. Thank you! Daniel Lewart Urbana, Illinois --- diff -ru a/support-files/mariadb.service.in b/support-files/mariadb.service.in --- a/support-files/mariadb.service.in 2025-04-23 18:50:43.000000000 -0500 +++ b/support-files/mariadb.service.in 2025-05-10 00:00:00.000000000 -0500 @@ -69,6 +69,7 @@ ProtectHome=true # Use an environment file to pass variable _WSREP_NEW_CLUSTER +Environment=_WSREP_NEW_CLUSTER='' EnvironmentFile=-@mysqlunixdir@/wsrep-new-cluster # Use an environment file to pass variable _WSREP_START_POSITION @@ -94,6 +95,7 @@ # Use the [Service] section and Environment="MYSQLD_OPTS=...". # This isn't a replacement for my.cnf. # _WSREP_NEW_CLUSTER is for the exclusive use of the script galera_new_cluster +Environment=MYSQLD_OPTS='' ExecStart=@sbindir@/mariadbd $MYSQLD_OPTS $_WSREP_NEW_CLUSTER $_WSREP_START_POSITION # Unset _WSREP_START_POSITION environment variable.
Hi Daniel! Thanks for reporting this. As the service file is inherited from upstream, would you like to send this patch directly upstream? See https://github.com/mariadb/server/
A more complete backport of MDEV-19210 commits would be required to have a serviceable Galera with systemd. upstream commits: * 3d2e54ff8c6070800ead60dd1616df30c5936c8b * 105473233dd49b198758432fa0da5d0811f99c08 * aeffec60f6864bae5af04dac1184f2a0f2c77f38 * 4c56c66372c3f578dc75b537a79bf922dbddcafd * 621926e90ac05c33b956cf123f08e56b654d00df * 7936254012784790b7747dc07941917af1bbb83c yes, directories should have execute permissions.
Correction; The original patch on the bug report seems quite sufficient for the branch targeted. A PR with MDEV-35904 would be much appreciated.
I just noticed upstream has a bunch of commits changing this recently: https://salsa.debian.org/mariadb-team/mariadb-server/-/commit/6c40590405da71a592a65b68e6b41b11437fb517 https://salsa.debian.org/mariadb-team/mariadb-server/-/commit/b54e4bf00b191633c74baad143c552bfb478fff3 https://salsa.debian.org/mariadb-team/mariadb-server/-/commit/48e6918c94d3a2caa99feb4b1195b9d6e2739581 https://salsa.debian.org/mariadb-team/mariadb-server/-/commit/161ce045a71e306768d4609bdc35788fa5ea2a71 https://salsa.debian.org/mariadb-team/mariadb-server/-/commit/7936254012784790b7747dc07941917af1bbb83c https://salsa.debian.org/mariadb-team/mariadb-server/-/commit/aeffec60f6864bae5af04dac1184f2a0f2c77f38 As well as discussion in https://lists.mariadb.org/hyperkitty/list/discuss@lists.mariadb.org/thread/5WDLWVUZEBPHR2Z4S7TEGALKAFJTULOB/
Hi Daniel D, Daniel B and others! Was there ever a PR on this? Did it get fixed in 11.8.3? Reference: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105029
Not that I saw. Sadly not.
Hi Daniel! You filed this https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108553 and https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105029, both with with detailed investigations and a patch for upstream code. Did you open PR(s) upstream, did they accept your fix? - Otto
Hi! Did you send this upstream, did you get some feedback?
Just checking how it went with these? It would be great if you could contribute this fix directly to upstream systemd files (see https://github.com/MariaDB/server/tree/main/support-files).
Seems there was more commits related to this in upstream recently: https://salsa.debian.org/mariadb-team/mariadb-server/-/commit/569039eb059c1861353251652486b5370b1a8ce2 https://salsa.debian.org/mariadb-team/mariadb-server/-/commit/649216e70d87c84b6c78e4cfb26c0afc96d5192e Specifically the upstream commit 569039eb seems to fix the warnings emitted by missing _WSREP_START_POSITION, and thus this is now fixed in MariaDB 11.8.5.
We believe that the bug you reported is fixed in the latest version of mariadb, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1105029@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Otto Kekäläinen <otto@debian.org> (supplier of updated mariadb package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmaster@ftp-master.debian.org) Format: 1.8 Date: Sat, 29 Nov 2025 09:48:55 -0800 Source: mariadb Architecture: source Version: 1:11.8.5-1 Distribution: unstable Urgency: medium Maintainer: Debian MySQL Maintainers <pkg-mysql-maint@lists.alioth.debian.org> Changed-By: Otto Kekäläinen <otto@debian.org> Closes: 1028272 1105029 1106944 1109394 1119866 1120669 1121027 Changes: mariadb (1:11.8.5-1) unstable; urgency=medium . [ Otto Kekäläinen ] * New upstream maintenance release 11.8.5. For details about fixes please see https://mariadb.com/docs/release-notes/community-server/11.8/11.8.5 * The version 11.8.4 was skipped in Debian (and Ubuntu) as it has a severe regression causing partial data deletion when using the DELETE statement on MyISAM or Aria tables under specific conditions (MDEV-38068) * For details about fixes in 11.8.4 please see https://mariadb.com/docs/release-notes/community-server/11.8/11.8.4 * This release does _not_ include any CVE tracked security fixes as per https://mariadb.com/docs/server/security/securing-mariadb/security * The MariaDB 11.8.4 did have a fix for mariadb-dump failing to run if a for any table with a slash in the name. This has no actual exploit and requires the attacker to already have access to the database so they can create tables with arbitrary names. Trend Micro did however publish: - CVE-2025-13699 * Update server trace to include new parameters and values * Already existing plugins marked ready for general availability by upstream in this release: uuid_v4, uuid_v7 and inet4 * Add Lintian override for false error in test plugin * Patch new upstream test main.alter_merge to allow 'from Debian' * Add libcrypt-dev to Build-Depends (Closes: #1106944) * Extend unstable tests to skip for sparc64 and x32 * Remove Rules-Requires-Root * Update patch Forwarded fields to reflect latest status * Salsa CI: Disable running `gbp setup-gitattributes` * Salsa CI: Fix typos introduced in 855bc4f6 * Salsa CI: Disable the new 'debrebuild' job for MariaDB due to timeouts . [ Daniel Black ] * MDEV-37411: Re-enable AIO in Debian * MDEV-15502: use tmpfiles with systemd (Closes: #1028272) * MDEV-37776: shlibs:Depends shouldn't be explicit . [ Jean Weisbuch ] * MDEV-37852: Fix mytop connection to localhost (Closes: #1109394) . [ Christian Hesse ] * MDEV-35904/MDEV-19210: use environment file in systemd units for _WSREP_START_POSITION (Closes: #1105029) . [ Aquila Macedo ] * Add patch for new PCRE2 version 10.47 offset change (Closes: #1119866) * Salsa CI: install build-essential for Python-MySQLdb job (Closes: #1121027) * Salsa CI: keep provider plugins in sync in bookworm -> sid upgrade job . [ Sergei Golubchik ] * MDEV-37600: Implement caching_sha2_password plugin for MySQL compatibility . [ Helge Kreutzmann ] * Update German translation of debconf messages (Closes: #1120669) Checksums-Sha1: daad9c48db07acadabab8c65b7a32d3c9b1f2040 5659 mariadb_11.8.5-1.dsc a39f90bb51735ec562bbac9927ddcce10aed2aaf 119948843 mariadb_11.8.5.orig.tar.gz 632cddfb8ee6037ee761de1f17661d70566bdadc 833 mariadb_11.8.5.orig.tar.gz.asc fb8a8e8dc546b22f9ec8169c066db930a2ff0de9 291336 mariadb_11.8.5-1.debian.tar.xz 36426b9ba86eb9b88beb6fff547b65372f64563a 13601 mariadb_11.8.5-1_source.buildinfo Checksums-Sha256: 5bba63a47d137853bbc77df23345aecdfe1a8db7c2f6f3b57f643150737e14fc 5659 mariadb_11.8.5-1.dsc bcb7394569c08877c283e1649869504531bee8caafa30288f078e30d99fcb9f6 119948843 mariadb_11.8.5.orig.tar.gz 2e7d4c763e0b5580f6788d57005aaeb3d0742ab6d7e4b89fbc0c9f5d3ea96f21 833 mariadb_11.8.5.orig.tar.gz.asc 69b5c328c88fbd9eac76a40afd58470ce22c18c2fc39dc0e4ffc12262ac1914d 291336 mariadb_11.8.5-1.debian.tar.xz b2ee2f65c7c462600402317951948110f0d656c9e95ea35ce627272d55ab2e6f 13601 mariadb_11.8.5-1_source.buildinfo Files: d58b64786aff7d95d307b2646bf3c0f0 5659 database optional mariadb_11.8.5-1.dsc b288cc592235177a46d3b0eac8722339 119948843 database optional mariadb_11.8.5.orig.tar.gz 1829ae0c7729063f194962635229b35d 833 database optional mariadb_11.8.5.orig.tar.gz.asc 69f368db49f8b68432c91df209a059e1 291336 database optional mariadb_11.8.5-1.debian.tar.xz a2620e255dc9ca2bf19642b3444a3a82 13601 database optional mariadb_11.8.5-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEmbRSsR88dMO0U+RvvthEn87o2ogFAmkrNIsACgkQvthEn87o 2ogExw//VGzgMsB+YUkVY9qGCx60/YVKqHhOkJTz1STYYo5NUpsOgQkbMoT62NK9 LhZvd6Xt45IuMYR7mL60VXwiJY5kew63gNablvmqXnRThLSligFe0XrEytr1NSvp JlycV6mEd1jkvolPPjaWrXgCJqIchVJDwE+8tdQVFzzftELhUwZ0EZ/QQzGir0Ho sjsAzZOyy98ClI3o9jIPOTh5RX2T6NDvOjFTn7xmVcUP+piNpXv8lLEOs8HcycYU jQOg2AKM3yF+T+b0l809pgOSlXUM6YHY74x1FkI8BQYnum36TRqmMHo/88VuCGoH 3NGGmdLfRI7ZLm9Q9CUbjYGFdX7PPhHljIOerzDOn24LACw0mVgFZUwas0RFR/aq gR1EgpqH4Bby5lj5Fe0meQHH4IBOekXUYW7a0THIqFgENpBA2de+U0pD0ki/xfFR 5N4aoGUFHLcznLZky2sQEZLS9aq/6i4dqw5gPeXRSUkiYdZLwH5Y3woeP6DsSD3v uCwqBhKSR0uZXmjvvYj+jjzWsZakjYQU7YxLGpDwx3F1HBoSLI7rELDv/KikiqQ6 6Lv108sBd/y81svLe0aGHcwiBold+UbbvR7ljJNbajccYJsYz3sPfUkGwnJ/cVn1 hoc6m6RCe/5JtVyH+J4zRSQFjz/8yFSQyykvkLWJPAMxxBdRNSA= =ChK3 -----END PGP SIGNATURE-----
Otto, et al, MYSQLD_OPTS and _WSREP_NEW_CLUSTER. On a testing -> unstable system: $ sudo apt install mariadb-server=1:11.8.5-1 ... $ journalctl -u mariadb -p 4 --no-pager Nov 30 01:29:00 debian (mariadbd)[3411]: mariadb.service: Referenced but unset environment variable evaluates to an empty string: MYSQLD_OPTS, _WSREP_NEW_CLUSTER I'll try to submit a PR upstream. Thank you! Daniel Lewart Urbana, Illinois