Am 17.04.2017 um 21:59 schrieb Sergei Golubchik:
Hi, Daniel!
On Apr 10, Daniel Black wrote:
Quick proof of concept logrotate that hasn't really been changed in a while.
The aim is to get this closer to a state for distro maintainers to use directly.
By using a dedicated SQL user this shouldn't conflict with an existing user root user (which users always use despite the ability create other users with SUPER privs). As users will occasional change the password on the root without taking into account that logrotate typically uses the same user. Relying on users to update /root/.my.cnf is unreliable. Giving selinux permissions to allow logrotate read files under /root is also a little excessive.
Using a dedicated mysqladmin.logrotate this won't conflict with existing mysqladmin group.
1. What user logrotate is normally run as?
on typical machines as root
2. Does logrotate really need to connect to mysqld do issue "FLUSH"? Why not send SIGHUP instead? This needs no user and no password
that's what typical logrotate snippets do when supported by the daemon [root@srv-rhsoft:/etc/logrotate.d]$ cat preload /var/log/preload.log { missingok notifempty size=64k compress postrotate /bin/kill -HUP `/sbin/pidof preload 2>/dev/null` 2> /dev/null || true endscript }