← Back to team overview

maria-discuss team mailing list archive

Re: logrotate


Hi, Daniel!

On Apr 18, Daniel Black wrote:
> > 1. What user logrotate is normally run as?
> root

So, unix_socket plugin is an option.

In fact, as I realize now (all to late), it's always an option, even if
logrotate would be using a special "logrotate" user, we could've still
created "logrotate" user in MariaDB and grant it RELOAD privilege.

But "root" makes it easier, of course.

>  > 2. Does logrotate really need to connect to mysqld do issue "FLUSH"?
> >    Why not send SIGHUP instead? This needs no user and no password.
> I hadn't considered that:
> https://github.com/MariaDB/server/blob/10.1/sql/mysqld.cc#L3440..L3466
> Looks a little too invasive hitting binary logs, relay logs, host,
> grant, threads.

Yes, but once a week?
I'm not a DBA, I don't know if that's acceptable.

> However another signal like USR1 could be used for a more minimal log
> rotate. Acceptable?

I wanted to reuse existing server functionality, to avoid coding
something new in the server for the sake of logrotate.

But if SIGHUP is too heavy, than yes, USR1 could be an option.

Chief Architect MariaDB
and security@xxxxxxxxxxx