问题
I have an issue trying to use SELECT INTO OUTFILE and using a directory other than /tmp.
My Linux user is named datam, my MySQL user is lea, and MySQL runs as mysql.
When datam runs mysql -u lea database and tries to do a SELECT INTO OUTFILE with a path of /home/datam/xfers/online/file.csv, I get an error code 13, permission denied. Using /tmp/file.csv works, so I'm fairly confident it is not an issue with permissions within MySQL.
I've added mysql to the datam group and have verified this with:
~$ sudo id mysql
uid=106(mysql) gid=114(mysql) groups=114(mysql),1001(datam)
I have /home/datam/ set as 775 recursively.
If I do sudo -u mysql /bin/bash and go to /home/datam/xfers/online/ and do touch file it writes a file.
What do I need to do to allow mysql to write a file from SELECT INTO OUTFILE?
I believe this is not a duplicate of other questions surrounding this subject, because I've looked at them and followed all of their instructions (setting execute on all directories leading up to the one I want, setting GRANT FILE ON, etc).
MySQL user lea grants:
+-----------------------------------------------------------------------------------------------------------+
| Grants for lea@localhost |
+-----------------------------------------------------------------------------------------------------------+
| GRANT FILE ON *.* TO 'lea'@'localhost' IDENTIFIED BY PASSWORD '*9BB439A3A652A9DAD3718215F77A7AA06108A267' |
| GRANT ALL PRIVILEGES ON `database`.* TO 'lea'@'localhost' |
+-----------------------------------------------------------------------------------------------------------+
回答1:
This may be caused by mysql user permissions.
As stated here https://dba.stackexchange.com/questions/17029/cannot-output-mysql-data-to-file
To give yourself FILE privilege, do the following:
service mysql restart --skip-networking --skip-grant-tablesmysql <hit enter>UPDATE mysql.user SET File_priv = 'Y' WHERE user='lea' AND host='localhost';exitservice mysql restart
The linux user can write a file. But the mysql service may be blocked by apparmor.
Check this file: /etc/apparmor.d/usr.sbin.mysqld.
Add your project folder there:
/usr/sbin/mysqld {
[...]
/home/datam/xfers/online/ r,
/home/datam/xfers/online/* rw
[...]
}
Finally, do a
sudo /etc/init.d/apparmor reload
回答2:
On modern systems mariaDB & mysql gets installed with systemd support. Among other things, it has this setting in /etc/systemd/system/mysql.service:
Prevent accessing /home, /root and /run/user
ProtectHome=true
That's what stops it from writing in /home.
回答3:
I found that changing the owner of the directory to the same user as the mysql daemon worked for me.
来源:https://stackoverflow.com/questions/30359005/select-into-outfile-permission-denied-but-the-user-can-write-to-the-directory