trellix-enterprise / mysql-audit

AUDIT Plugin for MySQL. See wiki and readme for description. If you find the plugin useful, please star us on GitHub. We love stars and it's a great way to show your feedback.

mysql8 offset #251

Open william0106 opened 2 years ago

william0106 commented 2 years ago

MySQL error log:
2022-09-10T11:47:39.403582+08:00 7 [Note] [MY-000000] [Server] Trellix Audit Plugin: Failed to compute offsets connect_attrs. pfs [0x7f902bdbb500], connect_attrs [0x7f90200688c0], connect_attrs_length [0], connect_attrs_cs [(nil)]

So I compute offsets, but:
./offset-extract.sh /usr/local/mysql/bin/mysqld
//offsets for: /usr/local/mysql/bin/mysqld (8.0.28)
{"8.0.28","d22ccc1a402f228aa3f2701a70a84d1e"offsets.gdb:7: Error in sourced command file: No symbol table is loaded. Use the "file" command.,

How to solve?

spihiker commented 2 years ago

Me too. But my MySQL version is 8.0.30.

//offsets for: /opt/mysql/bin/mysqld (8.0.30)
{"8.0.30","6ef7c54f69b7aba1549c7b5cc7cafefe"offsets.gdb:7: Error in sourced command file: No symbol "size_t" in current context.,

DaniellaTopanov commented 2 years ago

I have the same issue.
//offsets for: /usr/sbin/mysqld (8.0.30)
{"8.0.30","6b964a2026b0508f5e33537dfab3b64a"offsets.gdb:7: Error in sourced command file: No symbol table is loaded. Use the "file" command.,

Has anyone been able to install the audit?

You need to disable SELinux; after that, make sure that the audit file has the execute permission. Then upload the audit.

If you see an error like 'Client does not support authentication protocol', run the next query in MySQL server:

ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password';

(the user that you've created for alternative connection) then

flush privileges;

then the monitoring will start.

WalterZhangYTTXG commented 1 year ago

I have the same error in //offsets for: /usr/sbin/mysqld (8.0.26). So, I installed the debug symbols package (# dpkg -i mysql-community-server-core-dbgsym_8.0.26-1debian10_amd64.deb). You should use the same version as the MySQL version. You can find all of the packages for Debian at https://repo.mysql.com/apt/debian/pool/mysql-8.0/m/mysql-community/

However, I still have some errors.
[Warning] [MY-000080] [Server] option 'audit-json-file-bufsize': signed value 0 adjusted to 1.
[Warning] [MY-000080] [Server] option 'plugin-audit-json-file-bufsize': signed value 0 adjusted to 1.
[ERROR] [MY-000000] [Server] Trellix Audit Plugin: unable to init compatibility layer. Aborting.
[ERROR] [MY-010202] [Server] Plugin 'AUDIT' init function returned error.
[ERROR] [MY-010734] [Server] Plugin 'AUDIT' registration as a AUDIT failed.
……
[ERROR] [MY-000067] [Server] unknown variable 'audit_offsets=8504,……

hongdongjian commented 1 year ago

MySQL error log:
2022-09-10T11:47:39.403582+08:00 7 [Note] [MY-000000] [Server] Trellix Audit Plugin: Failed to compute offsets connect_attrs. pfs [0x7f902bdbb500], connect_attrs [0x7f90200688c0], connect_attrs_length [0], connect_attrs_cs [(nil)]

So I compute offsets, but:
./offset-extract.sh /usr/local/mysql/bin/mysqld
//offsets for: /usr/local/mysql/bin/mysqld (8.0.28)
{"8.0.28","d22ccc1a402f228aa3f2701a70a84d1e"offsets.gdb:7: Error in sourced command file: No symbol table is loaded. Use the "file" command.,

How to solve?

Have you solved it?

hongdongjian commented 1 year ago

Me too. But my MySQL version is 8.0.30.

//offsets for: /opt/mysql/bin/mysqld (8.0.30)
{"8.0.30","6ef7c54f69b7aba1549c7b5cc7cafefe"offsets.gdb:7: Error in sourced command file: No symbol "size_t" in current context.,

Have you solved it?

WalterZhangYTTXG commented 1 year ago

Me too. But my MySQL version is 8.0.30.
//offsets for: /opt/mysql/bin/mysqld (8.0.30)
{"8.0.30","6ef7c54f69b7aba1549c7b5cc7cafefe"offsets.gdb:7: Error in sourced command file: No symbol "size_t" in current context.,

Have you solved it?

What Linux distribution do you use? It looks like you installed it by compiling? I only solved the offsets error by installing the mysql-community-server-core-dbgsym package. And the plugin still doesn't work.
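
In both gdb failures quoted in this thread, the output line starts like an offsets entry but carries an error message instead of offsets. The shell functions below are an added example, not code from the thread or from the mysql-audit project: they classify offset-extract.sh output and emit a numeric list only when the line is complete. The function names and the assumed shape of a complete line (version, 32-hex-digit hash, comma-separated integers) are assumptions.

```shell
#!/bin/sh
# Added example, not part of mysql-audit: triage offset-extract.sh output
# before any of it is copied into an audit_offsets setting.

# Assumed shape of a usable line: {"<version>","<32 hex chars>", n, n, ...}
OK_RE='^[{]"[0-9]+[.][0-9]+[.][0-9]+[^"]*","[0-9a-f]{32}"(, *[0-9]+)+[}],?$'

# classify_offsets_output TEXT
# prints: no-symbols | unresolved-symbol | gdb-error | ok | malformed
classify_offsets_output() {
    case $1 in
        *"No symbol table is loaded"*)
            echo no-symbols; return 0 ;;        # gdb had no debug info to read
        *'No symbol "'*'" in current context'*)
            echo unresolved-symbol; return 0 ;; # gdb could not resolve a name
        *"Error in sourced command file"*)
            echo gdb-error; return 0 ;;
    esac
    if printf '%s\n' "$1" | grep -Eq "$OK_RE"; then
        echo ok
    else
        echo malformed
    fi
}

# offsets_value TEXT
# prints the numeric list as n,n,... ; returns 1 if TEXT is not usable
offsets_value() {
    [ "$(classify_offsets_output "$1")" = ok ] || return 1
    printf '%s\n' "$1" | grep -E "$OK_RE" |
        sed -E 's/^[^,]*,[^,]*, *//; s/[}],?$//; s/ //g'
}

# Samples: S1 and S2 are the failures quoted in the thread; S3 is constructed
# (made-up version, hash and offsets) only to show the assumed usable shape.
S1='{"8.0.28","d22ccc1a402f228aa3f2701a70a84d1e"offsets.gdb:7: Error in sourced command file: No symbol table is loaded. Use the "file" command.,'
S2='{"8.0.30","6ef7c54f69b7aba1549c7b5cc7cafefe"offsets.gdb:7: Error in sourced command file: No symbol "size_t" in current context.,'
S3='//offsets for: /path/to/mysqld (8.0.99)
{"8.0.99","0123456789abcdef0123456789abcdef", 8504, 8552, 4},'

for s in "$S1" "$S2" "$S3"; do
    printf '%s -> %s\n' "$(classify_offsets_output "$s")" \
        "$(offsets_value "$s" || echo '(nothing to use)')"
done
```

A `no-symbols` result corresponds to the case the thread resolved by installing the debug symbols package that matches the server version.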