Bug 1015783

Summary: mysql plug-in is vulnerable to configurations that place large logs under /var/log/mysql
Product: Red Hat Enterprise Linux 6 Reporter: Bryn M. Reeves <bmr>
Component: sosAssignee: Bryn M. Reeves <bmr>
Status: CLOSED ERRATA QA Contact: David Kutálek <dkutalek>
Severity: medium Docs Contact:
Priority: medium    
Version: 6.4CC: agk, bmr, dmaley, gavin, jbrassow, sos-team
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: sos-2.2-57.el6 Doc Type: Bug Fix
Doc Text:
No documentation needed.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2014-10-14 07:22:27 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Bryn M. Reeves 2013-10-05 11:27:06 UTC 
Description of problem:
MySQL users may configure the database to place unexpected logs under /var/log/mysql. For e.g.:

  slow_query_log = 1
  slow_query_log_file = /var/log/mysql/stupidly/large.log
  long_query_time = 1

For some database configurations these logs can run into several GiB:

$ ll -h var/log/mysql/stupidly/large.log 
-rw-r--r--. 1 breeves breeves 1.4G Oct  4 15:31 var/log/mysql/stupidly/large.log

Version-Release number of selected component (if applicable):
sos-*

How reproducible:
100%

Steps to Reproduce:
1. Install MySQL
2. Create a large file under /var/log/mysql 
3. Run sosreport

Actual results:
Tarball contains large files from /var/log/mysql

Expected results:
Tarball contains only reasonable logs from /var/log/mysql


Additional info:
Probably best to fix this by collecting only the daemon log file and making all other collection optional.
Comment 2 Bryn M. Reeves 2014-06-23 11:02:01 UTC 
commit 0542338c6d2942971edd4f70699972d162b7e794
Author: Bryn M. Reeves <bmr>
Date:   Mon Jun 23 13:31:59 2014 +0100

    [mysql] limit log collection and add support for MariaDB
    
    Add support for the MariaDB fork of MySQL.
    
    Since a MySQL or MariaDB instance may have very large log files under
    /var/log/{mysql,mariadb}. For now restrict log collection to the main
    demon log.
    
    Signed-off-by: Bryn M. Reeves <bmr>

commit 6a13d85a88905415a317cb59142930e68c5b0e3f
Author: Bryn M. Reeves <bmr>
Date:   Mon Jun 23 12:40:12 2014 +0100

    [mysql] clean up plugin variable use and package lists
    
    Signed-off-by: Bryn M. Reeves <bmr>
Comment 5 errata-xmlrpc 2014-10-14 07:22:27 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2014-1528.html