maria-discuss team mailing list archive

Thread
Date

Re: logrotate

To: Daniel Black <daniel.black@xxxxxxxxxxx>
From: Sergei Golubchik <serg@xxxxxxxxxxx>
Date: Tue, 18 Apr 2017 01:32:30 +0200
Cc: maria-discuss@xxxxxxxxxxxxxxxxxxx
In-reply-to: <ac8c6a39-4bff-cf84-d58e-24ade43c6a41@au1.ibm.com>
User-agent: Mutt/1.5.24 (2015-08-30)

Hi, Daniel!

On Apr 18, Daniel Black wrote:
> > 1. What user logrotate is normally run as?
> root

So, unix_socket plugin is an option.

In fact, as I realize now (all to late), it's always an option, even if
logrotate would be using a special "logrotate" user, we could've still
created "logrotate" user in MariaDB and grant it RELOAD privilege.

But "root" makes it easier, of course.

>  > 2. Does logrotate really need to connect to mysqld do issue "FLUSH"?
> >    Why not send SIGHUP instead? This needs no user and no password.
> 
> I hadn't considered that:
> 
> https://github.com/MariaDB/server/blob/10.1/sql/mysqld.cc#L3440..L3466
> 
> Looks a little too invasive hitting binary logs, relay logs, host,
> grant, threads.

Yes, but once a week?
I'm not a DBA, I don't know if that's acceptable.

> However another signal like USR1 could be used for a more minimal log
> rotate. Acceptable?

I wanted to reuse existing server functionality, to avoid coding
something new in the server for the sake of logrotate.

But if SIGHUP is too heavy, than yes, USR1 could be an option.

Regards,
Sergei
Chief Architect MariaDB
and security@xxxxxxxxxxx

References

logrotate
From: Daniel Black, 2017-04-10
Re: logrotate
From: Sergei Golubchik, 2017-04-17
Re: logrotate
From: Daniel Black, 2017-04-17