ExampleConfig logo

/etc/apparmor.d/usr.sbin.mysqld - Ubuntu 16.04 LTS (Xenial Xerus)

This is the default example configuration of usr.sbin.mysqld provided by MySQL. This config file was generated by MySQL running on Ubuntu 16.04.

It is located under: /etc/apparmor.d/usr.sbin.mysqld

    # vim:syntax=apparmor
# Last Modified: Tue Feb 09 15:28:30 2016
#include <tunables/global>

/usr/sbin/mysqld {
  #include <abstractions/base>
  #include <abstractions/nameservice>
  #include <abstractions/user-tmp>
  #include <abstractions/mysql>
  #include <abstractions/winbind>

# Allow system resource access
  /proc/*/status r,
  /sys/devices/system/cpu/ r,
  /sys/devices/system/node/ r,
  /sys/devices/system/node/** r,
  capability sys_resource,
  capability dac_override,
  capability dac_read_search,
  capability setuid,
  capability setgid,

# Allow network access
  network tcp,

  /etc/hosts.allow r,
  /etc/hosts.deny r,

# Allow config access
  /etc/mysql/** r,

# Allow pid, socket, socket lock file access
  /var/run/mysqld/mysqld.pid rw,
  /var/run/mysqld/mysqld.sock rw,
  /var/run/mysqld/mysqld.sock.lock rw,
  /run/mysqld/mysqld.pid rw,
  /run/mysqld/mysqld.sock rw,
  /run/mysqld/mysqld.sock.lock rw,

# Allow systemd notify messages
  /{,var/}run/systemd/notify w,

# Allow execution of server binary
  /usr/sbin/mysqld mr,
  /usr/sbin/mysqld-debug mr,

# Allow plugin access
  /usr/lib/mysql/plugin/ r,
  /usr/lib/mysql/plugin/*.so* mr,

# Allow error msg and charset access
  /usr/share/mysql/ r,
  /usr/share/mysql/** r,

# Allow data dir access
  /var/lib/mysql/ r,
  /var/lib/mysql/** rwk,

# Allow data files dir access
  /var/lib/mysql-files/ r,
  /var/lib/mysql-files/** rwk,

# Allow keyring dir access
  /var/lib/mysql-keyring/ r,
  /var/lib/mysql-keyring/** rwk,

# Allow log file access
  /var/log/mysql.err rw,
  /var/log/mysql.log rw,
  /var/log/mysql/ r,
  /var/log/mysql/** rw,

# Allow read access to OpenSSL config
  /etc/ssl/openssl.cnf r,
  # Site-specific additions and overrides. See local/README for details.
  #include <local/usr.sbin.mysqld>
}

Config Details

Location
/etc/apparmor.d/usr.sbin.mysqld
Operating system
Ubuntu 16.04 LTS (Xenial Xerus)
Length
77 lines
MD5 checksum
7faefe6d3d191f1e9ec1094ac8e0b159
Tags
MySQL Ubuntu 16.04

Usage

Download the raw file with wget or curl

Wget

wget -O usr.sbin.mysqld.example http://exampleconfig.com/static/raw/mysql/ubuntu16.04/etc/apparmor.d/usr.sbin.mysqld

cURL

curl http://exampleconfig.com/static/raw/mysql/ubuntu16.04/etc/apparmor.d/usr.sbin.mysqld > usr.sbin.mysqld.example

Related Configs

Other config files you might find useful