mirror of
https://github.com/gentoo-mirror/gentoo.git
synced 2025-12-22 21:37:35 -08:00
44 lines
1.0 KiB
Desktop File
44 lines
1.0 KiB
Desktop File
[Unit]
|
|
Description=MySQL database server
|
|
ConditionPathExists=/etc/mysql/my%I.cnf
|
|
After=network.target
|
|
|
|
[Service]
|
|
Type=simple
|
|
User=mysql
|
|
Group=mysql
|
|
|
|
# Note: we set --basedir to prevent probes that might trigger SELinux alarms,
|
|
# https://bugzilla.redhat.com/show_bug.cgi?id=547485
|
|
ExecStart=/usr/sbin/mysqld --defaults-file=/etc/mysql/my%I.cnf --basedir=/usr
|
|
ExecStartPost=/usr/libexec/mysqld-wait-ready $MAINPID
|
|
|
|
# Give a reasonable amount of time for the server to start up/shut down
|
|
TimeoutSec=300
|
|
|
|
# Restart crashed server only, on-failure would also restart, for example, when
|
|
# my.cnf contains unknown option
|
|
Restart=on-abort
|
|
RestartSec=5s
|
|
|
|
# Place temp files in a secure directory, not /tmp
|
|
PrivateTmp=true
|
|
|
|
# To allow memlock to be used as non-root user if set in configuration
|
|
CapabilityBoundingSet=CAP_IPC_LOCK
|
|
|
|
# Prevent writes to /usr, /boot, and /etc
|
|
ProtectSystem=full
|
|
|
|
NoNewPrivileges=true
|
|
|
|
PrivateDevices=true
|
|
|
|
# Prevent accessing /home, /root and /run/user
|
|
ProtectHome=true
|
|
|
|
UMask=007
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|