* Matthew P Zagrabelny [Sun Dec 18, 2022 at 04:11:54PM -0600]: > Package: mariadb-server > Version: 1:10.5.18-0+deb11u1 > Severity: important > > Unattended upgrade upgraded mariadb this morning and now the service does not > start: > [...]
> Dec 18 15:25:36 mariadb-test-system systemd[1]: Starting MariaDB 10.5.18 > database server... > Dec 18 15:25:37 mariadb-test-system mariadbd[604]: 2022-12-18 15:25:37 0 > [Note] /usr/sbin/mariadbd (mysqld 10.5.18-MariaDB-0+deb11u1) starting as > process 604 ... > Dec 18 15:25:38 mariadb-test-system systemd[1]: mariadb.service: Main process > exited, code=exited, status=1/FAILURE > Dec 18 15:25:38 mariadb-test-system systemd[1]: mariadb.service: Failed with > result 'exit-code'. > Dec 18 15:25:38 mariadb-test-system systemd[1]: Failed to start MariaDB > 10.5.18 database server. Same here, check whether you have any non-existent SSL keys or alike referenced in your configuration, like: | [mysqld] | [...] | ssl = false | ssl-ca = /etc/mysql/cacert.pem | ssl-cert = /etc/mysql/server-cert.pem | ssl-key = /etc/mysql/server-key.pem | [...] So while it was even set to `ssl = false` on this system, it now fails with: | 2022-12-19 10:33:24 0 [ERROR] Failed to setup SSL | 2022-12-19 10:33:24 0 [ERROR] SSL error: SSL_CTX_set_default_verify_paths failed | 2022-12-19 10:33:24 0 [ERROR] Aborting (FTR, removing the ssl-ca/ssl-cert/ssl-key settings fixed it for me, those settings came from defaults of https://github.com/puppetlabs/puppetlabs-mysql so I'm sure more folks will be affected.) This used to be a warning only until and including mariadb version 1:10.5.15-0+deb11u1: | 2022-11-22 7:42:46 0 [Warning] Failed to setup SSL | 2022-11-22 7:42:46 0 [Warning] SSL error: SSL_CTX_set_default_verify_paths failed | 2022-11-22 7:42:46 0 [Warning] SSL error: error:02001002:system library:fopen:No such file or directory | 2022-11-22 7:42:46 0 [Warning] SSL error: error:2006D080:BIO routines:BIO_new_file:no such file | 2022-11-22 7:42:46 0 [Warning] SSL error: error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib Now as of mariadb 1:10.5.18-0+deb11u1 (as present in bullseye as of the latest point release) this ends up as hard failure: | 2022-12-18 6:42:14 0 [ERROR] Failed to setup SSL | 2022-12-18 6:42:14 0 [ERROR] SSL error: SSL_CTX_set_default_verify_paths failed | 2022-12-18 6:42:14 0 [ERROR] Aborting Possibly related to the OpenSSL 3.0 support introduced with 10.5.17 (see https://mariadb.com/kb/en/mariadb-10517-release-notes/), but IMO this is a regression. regards -mika-
signature.asc
Description: PGP signature
