Set strict permission on mariadb data dir

For security reasons, strict access permission is given to
the mariadb data directory /var/lib/mysql

Change-Id: I9e55a7e564d66874a35a54a72817fa1237a162e9
This commit is contained in:
Huang, Sophie (sh879n) 2021-03-24 18:02:02 +00:00
parent b3888df131
commit 6eec615b39
3 changed files with 7 additions and 6 deletions

View File

@ -15,7 +15,7 @@ apiVersion: v1
appVersion: v10.2.31
description: OpenStack-Helm MariaDB
name: mariadb
version: 0.1.11
version: 0.1.12
home: https://mariadb.com/kb/en/
icon: http://badges.mariadb.org/mariadb-badge-180x60.png
sources:

View File

@ -115,11 +115,11 @@ spec:
{{ tuple $envAll "mariadb" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ dict "envAll" $envAll "application" "server" "container" "perms" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
command:
- chown
- -R
- "mysql:mysql"
- /var/lib/mysql
command: ["/bin/sh", "-c"]
args:
- set -xe;
/bin/chown -R "mysql:mysql" /var/lib/mysql;
/bin/chmod 700 /var/lib/mysql;
volumeMounts:
- name: pod-tmp
mountPath: /tmp

View File

@ -12,4 +12,5 @@ mariadb:
- 0.1.9 Uplift Mariadb-ingress to 0.42.0
- 0.1.10 Rename mariadb backup identities
- 0.1.11 Disable mariadb mysql history client logging
- 0.1.12 Set strict permission on mariadb data dir
...