[MDEV-16621] Fix logrotate script Created: 2018-06-29  Updated: 2021-12-11  Resolved: 2021-11-30

Status: Closed
Project: MariaDB Server
Component/s: Scripts & Clients
Affects Version/s: 10.3
Fix Version/s: N/A

Type: Bug Priority: Major
Reporter: Sergey Vojtovich Assignee: Otto Kekäläinen
Resolution: Duplicate Votes: 1
Labels: contribution, foundation

Issue Links:
PartOf
is part of MDEV-22659 Create one single unified and optimal... Closed
Relates
relates to MDEV-12484 Enable unix socket authentication by ... Closed
relates to MDEV-16772 mysql-server logrotate script does no... Closed
relates to MDEV-4968 Old advices in mysql-log-rotate script Closed

 Description   

Send SIGHUP, so root credentials are no longer needed to be set in a config file
Update comments about configuration
Enable creation of the log; when disabled, logrotate would fail (file not found) when ran twice on stopped daemon.

 Comments   
Comment by Michal Schorm [ 2019-03-20 ]

Also, consider using of "delaycompress" option.

Without it, the user may encounter an error if the DB still use the file handle to write to the log.

/etc/cron.daily/logrotate:

error: Compressing program wrote following message to stderr when compressing log /var/log/mariadb/mariadb.log-20190228:
 
gzip: stdin: file size changed while zipping

Comment by Geoff Montee (Inactive) [ 2019-03-28 ]

Also, consider using of "delaycompress" option.

Without it, the user may encounter an error if the DB still use the file handle to write to the log.

Thanks. I used the "delaycompress" tip for this KB article:

https://mariadb.com/kb/en/library/rotating-logs-on-unix-and-linux/

Send SIGHUP, so root credentials are no longer needed to be set in a config file

Is it still desirable to use SIGHUP to flush the logs, now that root@localhost will use unix_socket authentication by default in 10.4? i.e. see MDEV-12484.

It's pretty easy to enable unix_socket authentication for root@localhost in earlier versions too.

danblack mentioned that SIGHUP will have the side effect of also flushing the binlogs, which can have a performance penalty. Should we make SIGHUP ignore exclude flushing the binlogs?

Comment by Daniel Black [ 2019-04-02 ]

With the multiple authentication mechanisms of MDEV-11340 and the default root unix socket auth in MDEV-12484, and in 65ffea3924f8d90bce5ae5188d5b44feaaaf6c7f, mysql@localhost unix socket is a default user on install. If adding/extending the auth was done in packaging scripts, maybe 'sudo -u mysql /usr/bin/mysqladmin --user mysql ....`. I discovered 'su mysql mysql' in logrotate doesn't impact scripts.

> Should we make SIGHUP ignore exclude flushing the binlogs?

There are more impacts than binlogs (https://github.com/MariaDB/server/blob/10.4/sql/mysqld.cc#L3289-L3293) that could be reduced. Not sure if anything expects this behaviour. Maybe a different signal (USR1?) if the authentication mechanisms aren't sufficient.

Very nice work GeoffMontee on the kb document. Note selinux bits of logrotate from https://mariadb.com/kb/en/library/what-to-do-if-mariadb-doesnt-start/#selinux-and-mariadb-path-changes and/or extend support-files/policy/selinux/mariadb-server.fc

Comment by Geoff Montee (Inactive) [ 2019-04-02 ]

Thanks, danblack. I added a note about SELinux to the logrotate KB page.

Comment by Otto Kekäläinen [ 2021-04-04 ]

Superseded by https://github.com/MariaDB/server/pull/1556 and MDEV-22659.

Comment by Robert Bindar [ 2021-11-30 ]

Closing this dangling one, work on logrotate is being followed in MDEV-22659

Generated at Thu Feb 08 08:30:17 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.