Red Hat Bugzilla – Bug 24909
mysql init scripts MUST stop using mysqladmin
Last modified: 2007-04-18 12:30:54 EDT
Both the logrotate.d/mysqld script and the new mysql-3.23.32-1.7 init script in /etc/rc.d/init.d/mysqld attempt to use mysqladmin to flush, shutdown and reload mysqld. How is this expected to work, when the password for the root user is set to a non-null password? More over, what's the point of releasing a security update when the only way scripts will run properly is for them to expect null passwords for the root user?
Creating a .my.cnf in roots home directory should fix this. If there is any other way of flushing the logs, let me know.
Works like a charm. If only MySQL documented that somewhere useful. If only you were closer to Canada, I'd buy you a beer. :)
Not being able to change/set the (MySQL) root password without having to store it somewhere else in plain text is not very satisfactory. It will make it even more likely that people will run MySQL with wide open access to anyone who can log on to the machine. MySQL can be cleanly stopped with a kill -TERM (that's what the supplied mysql.server.sh script does). For log file flushing, I'd suggest that you arrange to create a new MySQL user in postinstall with a random PWD and only RELOAD rights. (GRANT RELOAD to *.* TO sys_reload@localhost IDENTIFIED BY "<pwd>") Then hardwire the password into the rotate script. At least then the password, even if discovered, will only alow someone to do one of a number of reloads. And people will be able to set a root pwd without further problems.
Take a look at 3.23.32-5 when it shows up in Rawhide, it implements some of this.