MySQL Server 5.7 won't start and error log isn't being populated

Question

I recently installed MySQL Server 5.7 on Ubuntu 14.04 (through ansible using this role to be specific). It started up fine when first installed, but when I try to restart it, it just hangs forever:

sudo service mysql restart
 * Stopping MySQL Community Server 5.7.13
 * MySQL Community Server 5.7.13 is already stopped
 * Re-starting MySQL Community Server 5.7.13
.................................................................................................................................................................................... 
 * MySQL Community Server 5.7.13 did not start. Please check logs for more details.

To make matters worse, no error logs seem to get populated anywhere (I've checked /var/log/mysql/ and /var/log/mysql.err).

Running in verbose mode (sudo /usr/sbin/mysqld --user=mysql --verbose) also gives me nothing.

Where can I look to diagnose this?

Answer 1

I had this exact problem as well, I hope my solution fixes your issues.

When I installed MySQL 5.7 manually it ran correctly, but with the Ansible role it would not start. The mysql log files were of no help. Checking /var/log/syslog however I found many messages from AppArmor:

Aug 10 18:50:05 vagrant-ubuntu-trusty-64 kernel: [ 4446.790627] type=1400 audit(1470855005.470:40): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld" name="/var/log/mysql.err" pid=13991 comm="mysqld" requested_mask="c" denied_mask="c" fsuid=109 ouid=109

AppArmor was denying access to the /var/log/mysql.err file because its policy for mysqld does not allow files to be written to /var/log/, just /var/log/mysql/. The AppArmor policy for mysql is at /etc/apparmor.d/usr.sbin.mysqld. The section of the policy that deals with log file access shows:

# Allow log file access
  /var/log/mysql/ r,
  /var/log/mysql/** rw,

This basically says that AppArmor expects log files to be written to /var/log/mysql with no provisions for /var/log. Since it sees mysql trying to write outside the directories inside the policy it shuts you down. There are several solutions to this, including adding a new policy to let mysql write files to /var/log, but I found it easiest to update the Ansible variables dealing with log files.

In the default variables for the geerlingguy.mysql role two log file pointers are set:

mysql_slow_query_log_file: /var/log/mysql-slow.log
mysql_log_error: /var/log/mysql.err

I override these defaults and move them to /var/log/mysql instead:

mysql_slow_query_log_file: /var/log/mysql/mysql-slow.log
mysql_log_error: /var/log/mysql/mysql.err

Now AppArmor is happy, and mysql starts and runs just fine. The rest of my playbook completes normally.

For more information on AppArmor and MySQL, this page provides a discussion and alternate solutions: https://blogs.oracle.com/jsmyth/entry/apparmor_and_mysql