Description:
The default error log location in the Mac OS X 10.4 installer (and likely all others) does not allow the log to be viewed in Console.app, the central log-viewing and monitoring console for Mac OS X. It is instead placed in the data directory, accessible only to mysql, which prevents Console.app or any other OS X program from reading the log directly without elevated privileges.
Putting the log in a location that can be read by Console.app makes centralized log management easier by users without requiring them to escalate their privileges.
How to repeat:
N/A
Suggested fix:
The best fix for this would be to specify a particular log directory - perhaps /usr/local/mysql/logs/ - and create a symlink to that inside /Library/Logs/ - this could also be a good default place for the general query log as well (though not for binary logs or replication logs). Alternately, the default log location could be set outright to /Library/Logs/MySQL/ (which would have to be created).
If one of these options is considered, then the directory (preferably /Library/Logs/MySQL/ ) could be chown mysql:admin and chmod 750, and the logs themselves could be 640. This would prevent access by anyone who was not designated a system administrator in the Accounts preference pane, leaving the logs as secure as ever they were before.
This would generally ease administration, as well as ease troubleshooting of problems by technical support ('Open Console.app in /Applications/Utilities, choose 'Show Log List' from the View menu', and so on).
Description: The default error log location in the Mac OS X 10.4 installer (and likely all others) does not allow the log to be viewed in Console.app, the central log-viewing and monitoring console for Mac OS X. It is instead placed in the data directory, accessible only to mysql, which prevents Console.app or any other OS X program from reading the log directly without elevated privileges. Putting the log in a location that can be read by Console.app makes centralized log management easier by users without requiring them to escalate their privileges. How to repeat: N/A Suggested fix: The best fix for this would be to specify a particular log directory - perhaps /usr/local/mysql/logs/ - and create a symlink to that inside /Library/Logs/ - this could also be a good default place for the general query log as well (though not for binary logs or replication logs). Alternately, the default log location could be set outright to /Library/Logs/MySQL/ (which would have to be created). If one of these options is considered, then the directory (preferably /Library/Logs/MySQL/ ) could be chown mysql:admin and chmod 750, and the logs themselves could be 640. This would prevent access by anyone who was not designated a system administrator in the Accounts preference pane, leaving the logs as secure as ever they were before. This would generally ease administration, as well as ease troubleshooting of problems by technical support ('Open Console.app in /Applications/Utilities, choose 'Show Log List' from the View menu', and so on).