Uploaded image for project: 'Modules'
  1. Modules
  2. MODULES-4453

puppetlabs-mysql: SLES: Permission problem with the default value of log_error

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open
    • Priority: Normal
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: mysql
    • Environment:
      • SLES 11 SP3 LTSS
      • puppetlabs-mysql 3.10.0
    • Template:
      MODULES Bug Template
    • Epic Link:
    • Team:
      Modules
    • QA Risk Assessment:
      Needs Assessment

      Description

      Under SLES the default value for log_error is set to /var/log/mysqld.log by params.pp:

      /(SLES|SLED)/ => '/var/log/mysqld.log',
      

      With this log_error and the latest MySQL version 5.5.54-0.35.1 from SLES 11 SP3 LTSS everything under /var/log gets assigned to the MySQL user:

      $ ls -la /var/log
      total 51408
      drwxrwx--- 17 mysql mysql   16384 Feb 16 11:45 .
      drwxr-xr-x 16 root  root     4096 Nov 22 11:45 ..
      ...
      drwxr-x---  2 mysql mysql    4096 Jan 15 11:45 redis
      ...
      drwxrwx---  2 mysql mysql   12288 Jan 15 11:45 tomcat6
      ...
      -rw-rw-r--  1 mysql mysql   30720 Feb 17 17:35 wtmp
      ...
      drwxr-xr-x  2 mysql mysql    4096 Nov 10 12:40 zypp
      ...
      

      Setting log_error to /var/log/mysql/mysqld.log prevents this problem.

      The init script /etc/init.d/mysql contains the following part:

      ...
      # Creating parent directories for logs
      for i in "$log_upgrade" "$log_query" "$log_error"; do
      	if [ "${i:0:1}" == "/" ]; then
      		log_dir="`dirname "$i"`"
      		if [ \! -d "$log_dir" ]; then
      			mkdir -p "$log_dir"
      		fi
      		chmod 770 "$log_dir"
      		chown -R --no-dereference "$mysql_daemon_user:$mysql_daemon_group" "$log_dir"
      	else
      		...
      	fi
      done
      ...
      

      I don't know in which version this was added to the MySQL package of SLES.

      Maybe it has something to do with the Security Notes of MySQL 5.5.54.

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            c Clemens Fuchslocher
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:

                Zendesk Support