select FQQ,FScoreCount from Tbl_User into outfile "/tmp/terminatedtest.txt" fields terminated by ",";
select * from test into outfile '/home/user/test.txt'
在linux(centos)下 ,啟動(dòng)了mysql 并給用戶(hù)文件讀寫(xiě)的權(quán)利
grant file on *.* to root@localhost;
在linux系統(tǒng)上,目錄的權(quán)限全部是 rwxrwxrwx
chmod 777 ...
/home/user/test
drwxrwxrwx 4 root root 4096 Sep 3 18:42 home
drwxrwxrwx 10 mapuser mapuser 4096 Sep 4 03:41 user
drwxrwxrwx 5 mapuser mapuser 4096 Sep 3 17:57 test
在mysql下輸入
select * from test into outfile '/home/user/test.txt'
出現(xiàn)錯(cuò)誤信息:
ERROR 1 (HY000): Can't create/write to file '/home/user/test.txt' (Errcode: 13)
當(dāng)時(shí)如果是tmp目錄的話(huà)就不會(huì)有這個(gè)錯(cuò)誤
select * from test into outfile '/tmp/test.txt'
Query OK, 0 rows test(0.00 sec)
難道只能是tmp目錄嗎?
有什么地方可以修改的嗎?
后來(lái)吧home的所有者改成了mysql
drwxrwxrwx 5 mysql mysql 4096 Sep 4 10:08 home
select * from test into outfile '/home/test.txt'
ERROR 1 (HY000): Can't create/write to file '/home/test.txt' (Errcode: 13)
也是同樣出錯(cuò)。
這個(gè)有什么辦法可以寫(xiě)入home目錄下面嗎?或者其他什么目錄,只要不是tmp目錄,有人說(shuō)先寫(xiě)入tmp目錄,再cp到想要的
目錄,這樣做是可以,不過(guò)比較麻煩,文件比較大,2-3G呢,
修改mysql的配置能實(shí)現(xiàn)嗎?還是修改文件的權(quán)限,這個(gè)是什么問(wèn)題呢?
select * from test into outfile '/tmp/test.txt'
Query OK, 0 rows test(0.00 sec)
看一下產(chǎn)生的這個(gè)文件的owner 是誰(shuí)。
[root@localhost /]# ls -l
drwxrwxrwx 4 root root 4096 9月 4 21:03 home
drwxrwxrwt 10 root root 4096 9月 4 21:03 tmp
[root@localhost /]# mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 27
Server version: 5.1.14-beta MySQL Community Server (GPL)
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql> use mysql;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> select user from user;
+--------+
| user |
+--------+
| system |
| root |
+--------+
2 rows in set (0.03 sec)
mysql> select user from user into outfile '/home/test.txt';
Query OK, 2 rows affected (0.02 sec)
[root@localhost home]# ls -l
-rw-rw-rw- 1 mysql mysql 12 9月 4 21:12 test.txt
[root@localhost home]# cat /home/test.txt
system
root
select * from test into outfile '/home/test.txt'
ERROR 1 (HY000): Can't create/write to file '/home/test.txt' (Errcode: 13)
------------------------
從Errcode: 13來(lái)看是沒(méi)權(quán)限
你執(zhí)行上面語(yǔ)句時(shí),是用什么用戶(hù)執(zhí)行的呢?檢查下這個(gè)用戶(hù)是否有權(quán)限吧
估計(jì)和權(quán)限沒(méi)關(guān)系,因?yàn)橐呀?jīng)是777了。
看看是不是selinux打開(kāi)了,如果沒(méi)什么特別需要的話(huà),關(guān)了為好。
非root用戶(hù),在mysql下執(zhí)行的select * from test into outfile '/home/user/test.txt'
select * from test into outfile '/home/user/test.txt'該語(yǔ)句產(chǎn)生的文件是
-rw-rw-rw- 1 mysql mysql 12 9月 4 21:12 test.txt
mysql組的mysql用戶(hù)的。
貌似和權(quán)限沒(méi)什么關(guān)系,我用root用戶(hù)登陸系統(tǒng),執(zhí)行mysql的語(yǔ)句,其結(jié)果還是一樣,寫(xiě)入/home目錄時(shí)
select * from test into outfile '/home/test.txt'
ERROR 1 (HY000): Can't create/write to file '/home/test.txt' (Errcode: 13)
還是有這個(gè)問(wèn)題。
selinux會(huì)阻止其他程序?qū)懭氩僮鳎浚?br />具體怎么改變一下selinx的配置呢
我理清是什么問(wèn)題了。
在red hat系列的linux中selinux對(duì)哪些daemon可以進(jìn)行怎么樣的操作是有限制的,mysql的select into outfile的命令是mysql的daemon來(lái)負(fù)責(zé)寫(xiě)文件操作的。寫(xiě)文件之前當(dāng)然要具有寫(xiě)文件的權(quán)限。而selinux對(duì)這個(gè)權(quán)限做了限制。如果 selinux是關(guān)閉的吧,這個(gè)命令執(zhí)行是沒(méi)有問(wèn)題的
mysql> select user from user into outfile '/home/test.txt';
Query OK, 2 rows affected (0.02 sec)
當(dāng)時(shí)selinux開(kāi)啟時(shí)
selinux對(duì)mysql的守護(hù)進(jìn)程mysqld進(jìn)行了限制。
mysql> select user from user into outfile '/home/test.txt';
ERROR 1 (HY000): Can't create/write to file '/home/test.txt' (Errcode: 13)
出現(xiàn)了沒(méi)有權(quán)限寫(xiě)的error。
解決方法,可以關(guān)閉selinux。
可以在/etc/selinux中找到config
root用戶(hù),
shell>vi /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=enforcing
修改SELINUX=disabled關(guān)閉selinux就可以了,這個(gè)問(wèn)題就可以解決了。
不過(guò)全部關(guān)閉SELINUX有帶來(lái)一些安全問(wèn)題。
當(dāng)然也可以,單獨(dú)給mysql的守護(hù)進(jìn)程權(quán)限,
shell>getsebool -a可以查看當(dāng)前的對(duì)系統(tǒng)一系列守護(hù)進(jìn)程的權(quán)限情況。
lpd_disable_trans --> off
mail_read_content --> off
mailman_mail_disable_trans --> off
mdadm_disable_trans --> off
mozilla_read_content --> off
mysqld_disable_trans --> off
nagios_disable_trans --> off
named_disable_trans --> off
named_write_master_zones --> off
nfs_export_all_ro --> on
nfs_export_all_rw --> on
nfsd_disable_trans --> off
nmbd_disable_trans --> off
nrpe_disable_trans --> off
shell>setsebool -P mysqld_disable_trans=1
開(kāi)啟對(duì)mysql守護(hù)進(jìn)程的權(quán)限,這樣
mysql> select user from user into outfile '/home/test.txt';
寫(xiě)入到自定義的目錄就沒(méi)有問(wèn)題了。
-P表示 是永久性設(shè)置,否則重啟之后又恢復(fù)預(yù)設(shè)值。
getsebool setsebool命令在root用戶(hù)下有權(quán)限。
除了對(duì)selinux的權(quán)限,當(dāng)然首先要保證該目錄擁有讀寫(xiě)權(quán)限。
在ubuntu下 ,可以對(duì)AppArmor(/etc/apparmor.d/usr.sbin.mysqld) 修改,類(lèi)似selinux。
添加/etc/squid/lists/eighties.txt w,類(lèi)似。