** Also affects: mysql-8.0 (Ubuntu Focal)
Importance: Undecided
Status: New
** Also affects: mysql-8.4 (Ubuntu Focal)
Importance: Undecided
Status: New
** Also affects: mysql-8.0 (Ubuntu Jammy)
Importance: Undecided
Status: New
** Also affects: mysql-8.4 (Ubuntu Jammy)
Importance: Undecided
Status: New
** Changed in: mysql-8.0 (Ubuntu Focal)
Status: New => In Progress
** Changed in: mysql-8.0 (Ubuntu Focal)
Assignee: (unassigned) => Lena Voytek (lvoytek)
** Changed in: mysql-8.0 (Ubuntu Jammy)
Status: New => In Progress
** Changed in: mysql-8.0 (Ubuntu Jammy)
Assignee: (unassigned) => Lena Voytek (lvoytek)
** Description changed:
[Impact]
MySQL's logrotate script fails due to permissions in folders where log
files are stored.
The fix for this should be backported to stable releases to allow log
rotation to complete normally as expected.
The bug is fixed by providing a su directive to the logrotate config to
run the script assuming the mysql user and adm group.
[Test Plan]
Prior to the fix, running
logrotate --force /etc/logrotate.d/mysql-server
will fail with the output
error: skipping "/var/log/mysql.log" because parent directory has
insecure permissions (It's world writable or writable by group which is
not "root") Set "su" directive in config file to tell logrotate which
user/group should be used for rotation.
After the fix, the rotation should succeed
[Where problems could occur]
Since logs have failed to rotate in noble and later, unexpected problems
could occur from the log rotation process.
[Other Info]
-
+
This issue was fixed in questing in 8.4.5-0ubuntu2.
- Jammy and earlier releases are not affected due to the logrotate
- permission requirements being updated later on.
-
The fix will be for the mysql-8.4 package in questing and plucky, and
- mysql-8.0 in noble and oracular.
+ mysql-8.0 in oracular and earlier.
[Original Description]
The existing logrotate rules file:
/etc/logrotate.d/mysql-server:
# - I put everything in one block and added sharedscripts, so that mysql gets
# flush-logs'd only once.
# Else the binary logs would automatically increase by n times every day.
# - The error log is obsolete, messages go to syslog now.
/var/log/mysql.log /var/log/mysql/*log {
- daily
- rotate 7
- missingok
- create 640 mysql adm
- compress
- sharedscripts
- postrotate
- test -x /usr/bin/mysqladmin || exit 0
- # If this fails, check debian.conf!
- MYADMIN="/usr/bin/mysqladmin
--defaults-file=/etc/mysql/debian.cnf"
- if [ -z "`$MYADMIN ping 2>/dev/null`" ]; then
- # Really no mysqld or rather a missing debian-sys-maint
user?
- # If this occurs and is not a error please report a bug.
- #if ps cax | grep -q mysqld; then
- if killall -q -s0 -umysql mysqld; then
- exit 1
- fi
- else
- $MYADMIN flush-logs
- fi
- endscript
+ daily
+ rotate 7
+ missingok
+ create 640 mysql adm
+ compress
+ sharedscripts
+ postrotate
+ test -x /usr/bin/mysqladmin || exit 0
+ # If this fails, check debian.conf!
+ MYADMIN="/usr/bin/mysqladmin
--defaults-file=/etc/mysql/debian.cnf"
+ if [ -z "`$MYADMIN ping 2>/dev/null`" ]; then
+ # Really no mysqld or rather a missing debian-sys-maint
user?
+ # If this occurs and is not a error please report a bug.
+ #if ps cax | grep -q mysqld; then
+ if killall -q -s0 -umysql mysqld; then
+ exit 1
+ fi
+ else
+ $MYADMIN flush-logs
+ fi
+ endscript
}
Causes logrotate to emit errors:
error: skipping "/var/log/mysql.log" because parent directory has insecure
permissions (It's world writable or writable by group which is not "root") Set
"su" directive in config file to tell logrotate which user/group should be used
for rotation.
However, we could update it with:
- su mysql adm
+ su mysql adm
first, which tells logrotate to rotate those files as the same use it is
asking it to create the files as.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2112151
Title:
logrotate rules incomplete for mysql
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mysql-8.0/+bug/2112151/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
