Introduction
ALWAYS start SQL Server engine on Linux with the account mssql.
mssql@vps$ sudo systemctl start|stop mssql-serverNEVER RUN directly the binary sqlservr as root, for example :
root@vps$ /opt/mssql/bin/sqlsrvrIndeed, the engine can not then restart normally with the user mssql.
mssql@vps$ sudo systemctl start mssql-server● mssql-server.service - Microsoft SQL Server Database Engine Loaded: loaded (/lib/systemd/system/mssql-server.service; disabled; vendor preset: enabled) Active: failed (Result: exit-code) since Fri 2019-05-31 18:57:06 CEST; 4min 7s ago Docs: https://docs.microsoft.com/en-us/sql/linux Process: 15259 ExecStart=/opt/mssql/bin/sqlservr (code=exited, status=1/FAILURE)
Diagnosing and troubleshooting the issue
SQL Server creates hidden binary system files (*.hiv) in the directory /var/opt/mssql/.system/system. Their usage is not documented.
mssql@vps$ ls -lrt /var/opt/mssql/.system/system-rw-r----- 1 mssql mssql 8192 May 31 18:44 licensing.hiv -rw-rw---- 1 mssql mssql 49152 May 31 15:40 security.hiv -rw-rw---- 1 mssql mssql 16384 May 31 15:40 lsa.hiv
When running inadvertently SQL Server as root, permissions are modified for these files :
mssql@vps$ ls -lrt /var/opt/mssql/.system/system-rw-r----- 1 mssql mssql 8192 Jun 6 18:44 licensing.hiv -rw-r----- 1 root root 49152 Jun 18 18:59 security.hiv -rw-r----- 1 root root 16384 Jun 18 18:59 lsa.hiv
That’s why, at the next startup, SQL Server engine does not start, the user mssql is not allowed to read/write these *.hiv files.
The information is available in the crash dump files generated :
Reason: 0x00000007
Status: 0xc0000218
Message: Cannot open or read the persistent registry: \SystemRoot\security.hiv.
By default crash dump files are located in the directory /var/opt/mssql/log/, otherwise in the directory specified with
the directive defaultdumpdir in the configuration file /var/opt/mssql/mssql.conf.
mssql@vps$ /opt/mssql/bin/mssql-conf get filelocation defaultdumpdirdefaultdumpdir : /opt/mssql/dba/srvmssql/crashdump
So, as root, reset the owner for these files to mssql :
root@vps$ cd /var/opt/mssql/.system/system
root@vps$ chown mssql:mssql security.hiv
root@vps$ chown mssql:mssql lsa.hivUnfortunately, the service mssql-server still does not start. Same issue than the one with the *.hiv files,
ensure that the owner of the SQL Server and SQL Server agent log files is not root (default directory /var/opt/mssql/log) :
-rw-r----- 1 root root 14357 May 31 19:50 errorlog
-rw-r----- 1 root root 6694 May 31 19:50 sqlagent.logWhen attempting to recycle error log files, the error "Access is denied" is encountered by the engine and the engine shutdowns. To check that’s the case, as mssql :
mssql@vps$ /opt/mssql/bin/sqlservr2019-05-31 21:04:22.58 Server Error: 17058, Severity: 16, State: 1. 2019-05-31 21:04:22.58 Server initerrlog: Could not open error log file '/opt/mssql/dba/srvmssql/log/errorlog'. Operating system error = 5(Access is denied.). 2019-05-31 21:04:22.88 Server Error: 17058, Severity: 16, State: 1. 2019-05-31 21:04:22.88 Server initerrlog: Could not open error log file '/opt/mssql/dba/srvmssql/log/errorlog'. Operating system error = 5(Access is denied.).
As root, modify the owner of the impacted error log files to mssql :
root@vps$ chown mssql:mssql errorlog
root@vps$ chown mssql:mssql sqlagent.logNow the service mssql-server starts successfully :
mssql@vps$ sudo systemctl start mssql-server mssql@vps$ systemctl status mssql-server● mssql-server.service - Microsoft SQL Server Database Engine Loaded: loaded (/lib/systemd/system/mssql-server.service; disabled; vendor preset: enabled) Active: active (running) since Fri 2019-05-31 22:33:28 CEST; 1min 31s ago
Conclusion
Is there any need of a conclusion ? Obvious conclusion : use root connections only when necessary and close these connections
as soon as they are not needed anymore.