Solution apparmor=”DENIED” operation=”open” profile=”/usr/sbin/mysqld”

Once optimizing one of the servers, I executed the command:

dmesg

And I saw the following messages:

audit: type=1400 audit(1542000766.356:9): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/proc/10730/status" pid=10730 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=109 ouid=109
audit: type=1400 audit(1542000766.356:10): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/sys/devices/system/node/" pid=10730 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=109 ouid=0
audit: type=1400 audit(1542000766.356:11): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/proc/10730/status" pid=10730 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=109 ouid=109

Judging by the reports, apparmor blocked access to the MySQL server process to some necessary objects, but at the same time MySQL server started and worked successfully.

To solve the problem, the configuration file in a text editor:

nano /etc/apparmor.d/usr.sbin.mysqld

And immediately after:

/usr/sbin/mysqld {

Add (at the beginning of each line two spaces):

  /proc/*/status r,
  /sys/devices/system/node/ r,
  /sys/devices/system/node/node*/meminfo r,

After that, restart apparmor:

service apparmor reload

After that, these messages in dmesg are no longer seen.

Did my article help you? How about buying me a cup of coffee as an encouragement? Buy me a coffe.

Leave a comment

Leave a Reply