Red Hat Bugzilla – Bug 24909
mysql init scripts MUST stop using mysqladmin
Last modified: 2007-04-18 12:30:54 EDT
Both the logrotate.d/mysqld script and the new mysql-3.23.32-1.7 init
script in /etc/rc.d/init.d/mysqld attempt to use mysqladmin to flush,
shutdown and reload mysqld.
How is this expected to work, when the password for the root user is set to
a non-null password?
More over, what's the point of releasing a security update when the only
way scripts will run properly is for them to expect null passwords for the
Creating a .my.cnf in roots home directory should fix this. If there is any
other way of flushing the logs, let me know.
Works like a charm. If only MySQL documented that somewhere useful.
If only you were closer to Canada, I'd buy you a beer. :)
Not being able to change/set the (MySQL) root password without having to store
it somewhere else in plain text is not very satisfactory. It will make it even
more likely that people will run MySQL with wide open access to anyone who can
log on to the machine.
MySQL can be cleanly stopped with a kill -TERM (that's what the supplied
mysql.server.sh script does). For log file flushing, I'd suggest that you
arrange to create a new MySQL user in postinstall with a random PWD and only
RELOAD rights. (GRANT RELOAD to *.* TO sys_reload@localhost IDENTIFIED BY
"<pwd>") Then hardwire the password into the rotate script. At least then the
password, even if discovered, will only alow someone to do one of a number of
reloads. And people will be able to set a root pwd without further problems.
Take a look at 3.23.32-5 when it shows up in Rawhide, it implements some of this.