我现在已经努力了 2 个晚上才能让 load_file() 工作,但结果为 NULL。我运行版本“5.6.19-0ubuntu0.14.04.1”。
例子:
mysql> show variables like '%secure%';
+------------------+-------------+
| Variable_name | Value |
+------------------+-------------+
| secure_auth | ON |
| secure_file_priv | /root/load/ |
+------------------+-------------+
mysql> show variables like 'max_allowed%';
+--------------------+----------+
| Variable_name | Value |
+--------------------+----------+
| max_allowed_packet | 16777216 |
+--------------------+----------+
mysql> desc xmlDocs;
+-------------+-------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+-------------+-------------+------+-----+---------+-------+
| fileName | varchar(30) | NO | PRI | NULL | |
| server | varchar(20) | NO | | NULL | |
| doc_content | blob | NO | | NULL | |
+-------------+-------------+------+-----+---------+-------+
mysql> insert into xmlDocs values ('test','test',load_file('/root/load/test.xml'));
ERROR 1048 (23000): Column 'doc_content' cannot be null
文件权限:
drwxrwxr-x 5 mysql mysql 4096 Nov 24 08:18 .
drwx------ 6 root root 4096 Nov 24 08:33 ..
drwxr--r-- 5 root root 4096 Nov 22 16:24 EU1
drwxr--r-- 5 root root 4096 Nov 22 16:26 server
-rwxrwxrwx 1 mysql mysql 83440 Nov 24 08:18 test.xml
drwxr--r-- 5 root root 4096 Nov 22 16:24 US1
检查:
- MySql 已执行,甚至拥有该目录
- mysql ows文件
- 数据库用户 = 根
- 文件大小 < max_allowed_packets
- 设置了安全文件私有
- 我没有apparmor运行
如果不设置secure-file-priv,它可以毫不费力地读取/etc/passwd 等非重要数据:P。我也可以从“/”导入,但无处可去。设置secure-file-priv时,我只能从“/”让它工作!
相同的文件,没有安全文件私有集:
mysql> insert into xmlDocs values ('test','test',load_file("/root/load/test.xml"));
ERROR 1048 (23000): Column 'doc_content' cannot be null
mysql> insert into xmlDocs values ('test','test',load_file("/etc/test.xml"));
Query OK, 1 row affected (0.00 sec)
有任何想法吗?