maria-discuss team mailing list archive

[Reindl Harald <h.reindl@xxxxxxxxxxxxx>]

Am 17.04.2017 um 21:59 schrieb Sergei Golubchik:
> Hi, Daniel!
>
> On Apr 10, Daniel Black wrote:
> > Quick proof of concept logrotate that hasn't really been changed in a while.
> >
> > The aim is to get this closer to a state for distro maintainers to use
> > directly.
> >
> > By using a dedicated SQL user this shouldn't conflict with an existing
> > user root user (which users always use despite the ability create other
> > users with SUPER privs). As users will occasional change the password on
> > the root without taking into account that logrotate typically uses the
> > same user. Relying on users to update /root/.my.cnf is unreliable.
> > Giving selinux permissions to allow logrotate read files under /root is
> > also a little excessive.
> >
> > Using a dedicated mysqladmin.logrotate this won't conflict with existing
> > mysqladmin group.
>
> 1. What user logrotate is normally run as?

on typical machines as root

> 2. Does logrotate really need to connect to mysqld do issue "FLUSH"?
> Why not send SIGHUP instead? This needs no user and no password

that's what typical logrotate snippets do when supported by the daemon

[root@srv-rhsoft:/etc/logrotate.d]$ cat preload
/var/log/preload.log {
    missingok
    notifempty
    size=64k
    compress
    postrotate
        /bin/kill -HUP `/sbin/pidof preload 2>/dev/null` 2> /dev/null 
|| true
    endscript
}