mysql8 offset

[william0106]

mysql error log : 2022-09-10T11:47:39.403582+08:00 7 [Note] [MY-000000] [Server] Trellix Audit Plugin: Failed to compute offsets connect_attrs. pfs [0x7f902bdbb500], connect_attrs [0x7f90200688c0], connect_attrs_length [0], con nect_attrs_cs [(nil)]

so I compute offsets , but : ./offset-extract.sh /usr/local/mysql/bin/mysqld
//offsets for: /usr/local/mysql/bin/mysqld (8.0.28) {"8.0.28","d22ccc1a402f228aa3f2701a70a84d1e"offsets.gdb:7: Error in sourced command file: No symbol table is loaded. Use the "file" command.,

How to solve ?

[spihiker]

Me too.But my mysql version is 8.0.30.

//offsets for: /opt/mysql/bin/mysqld (8.0.30) {"8.0.30","6ef7c54f69b7aba1549c7b5cc7cafefe"offsets.gdb:7: Error in sourced command file: No symbol "size_t" in current context.,

[DaniellaTopanov]

I have the same issue. //offsets for: /usr/sbin/mysqld (8.0.30) {"8.0.30","6b964a2026b0508f5e33537dfab3b64a"offsets.gdb:7: Error in sourced command file: No symbol table is loaded. Use the "file" command.,

Has anyone been able to install the audit?

You need to disable the SElinux, after that make sure that the audit file has the execute permission. Than upload the audit.

If you see an error like 'Client does not support authentication protocol' run the next query in MySQL server: ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password'; (the user that you've created for alternative connection) then

flush privileges;

then the monitoring will start.

[WalterZhangYTTXG]

I have the same error in //offsets for: /usr/sbin/mysqld (8.0.26). So, I installed the debug symbols packages (# dpkg -i mysql-community-server-core-dbgsym_8.0.26-1debian10_amd64.deb). You should use the same version as the mysql version. You can find out all of the packages for the debian in https://repo.mysql.com/apt/debian/pool/mysql-8.0/m/mysql-community/

However, still have some errors. [Warning] [MY-000080] [Server] option 'audit-json-file-bufsize': signed value 0 adjusted to 1. [Warning] [MY-000080] [Server] option 'plugin-audit-json-file-bufsize': signed value 0 adjusted to 1. [ERROR] [MY-000000] [Server] Trellix Audit Plugin: unable to init compatibility layer. Aborting. [ERROR] [MY-010202] [Server] Plugin 'AUDIT' init function returned error. [ERROR] [MY-010734] [Server] Plugin 'AUDIT' registration as a AUDIT failed. …… [ERROR] [MY-000067] [Server] unknown variable 'audit_offsets=8504,……

[hongdongjian]

mysql error log : 2022-09-10T11:47:39.403582+08:00 7 [Note] [MY-000000] [Server] Trellix Audit Plugin: Failed to compute offsets connect_attrs. pfs [0x7f902bdbb500], connect_attrs [0x7f90200688c0], connect_attrs_length [0], con nect_attrs_cs [(nil)]

so I compute offsets , but : ./offset-extract.sh /usr/local/mysql/bin/mysqld //offsets for: /usr/local/mysql/bin/mysqld (8.0.28) {"8.0.28","d22ccc1a402f228aa3f2701a70a84d1e"offsets.gdb:7: Error in sourced command file: No symbol table is loaded. Use the "file" command.,

How to solve ?

Have you solved it?

[hongdongjian]

Me too.But my mysql version is 8.0.30.

//offsets for: /opt/mysql/bin/mysqld (8.0.30) {"8.0.30","6ef7c54f69b7aba1549c7b5cc7cafefe"offsets.gdb:7: Error in sourced command file: No symbol "size_t" in current context.,

Have you solved it?

[WalterZhangYTTXG]

Me too.But my mysql version is 8.0.30. //offsets for: /opt/mysql/bin/mysqld (8.0.30) {"8.0.30","6ef7c54f69b7aba1549c7b5cc7cafefe"offsets.gdb:7: Error in sourced command file: No symbol "size_t" in current context.,

Have you solved it?

What Linux distribution do you use? It looks like you were installed with compile? I only solved the offsets error by install mysql-community-server-core-dbgsym package. And plugin still can't work.

[sipudi]

5.15.0-126-generic https://github.com/trellix-enterprise/mysql-audit/issues/136~20.04.1-Ubuntu SMP Thu Nov 14 16:38:05 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
mysql Ver 8.0.21 for Linux on x86_64 (MySQL Community Server - GPL)
audit-plugin-mysql-8.0-1.1.7-913

nhga@virtual-machine:/audit-plugin-mysql-8.0-1.1.7-913/utils$ ls gdb.txt offset-extract.sh offsets.gdb nhga@virtual-machine:/audit-plugin-mysql-8.0-1.1.7-913/utils$ cat gdb.txt {"8.0.21","2175a50638e1d8b15504935d3be3eb8f"offsets.gdb:7: Error in sourced command file: No symbol table is loaded. Use the "file" command.