Bug #17962 instance manager can modify options only if started by root
Submitted: 6 Mar 2006 13:05 Modified: 4 Apr 2006 14:05
Reporter: Giuseppe Maxia Email Updates:
Status: Not a Bug Impact on me:
None 
Category:MySQL Server Severity:S3 (Non-critical)
Version:5.0.18, 5.1.7 OS:Linux (Linux)
Assigned to: CPU Architecture:Any

[6 Mar 2006 13:05] Giuseppe Maxia 
Description:
As explained in the docs (http://dev.mysql.com/doc/refman/5.0/en/instance-manager-configuration-files.html), the instance manager checks only one file, i.e. /etc/my.cnf. 
This means that the SET and UNSET commands will fail if the instance manager was started by any user other than root.

How to repeat:
create a /etc/my.cnf with some instances, as described in the above mentioned page.
Then from within the manager client, try
UNSET mysqld2.nonguarded;
You will get an error
ERROR 3008 (HY000): Cannot open the option file to edit. Check permissions

Suggested fix:
Having the /etc/my.cnf file as the default file means that, to get the same flexibility offered by mysqld_safe, we should either edit the mysql.server startup script or start mysqlmanager as root, which is not a recommended security practice.
Thus, the best fix should be to remove this limitation.
[6 Mar 2006 13:21] Hartmut Holzgraefe 
Check the permissions of your my.cnf file, it needs to be writeable by the user the instance manager runs as. So either change the owner of the file to this user or change the file permissions so that the user has write access to it. Running as root obviously solves the permission problems, too, but is not recommended. And threre is nothing we can do about it, permissions are managed by the operating system, not the application.
[6 Mar 2006 13:44] Giuseppe Maxia 
I know that changing the permissions will avoid the problem.
The whole point of my report is that the instance manager does not have the same flexibility that is offered by mysqld_safe, meaning that it needs a root intervention to be used  (editing /etc/init.d/mysql or changing permissions to /etc/my.cnf) while mysqld_safe can be used easily without root privileges.
To be honest, by editing the startup script you can overcome the problem, but it is a task for experts only, not something I can recommend a junior administrator to do.
The instance manager needs some more attention become really useful. 
I shouldn't have to give up some existing features to get the new ones. At least, the instance manager should do the same as mysqld_safe. In this specific case, allowing the instance manager to use a configuration file in the basedir would be a welcome addition.
[4 Apr 2006 10:42] Petr Chardin 
Guseppe, current installation routines do touch /etc/my.cnf.
That's why one has to chmod the file manually (usually,
giving +rw access to the "mysql" user on the file).
Do you think that altering RPM install routines, so that
they check that the file exists and belongs to
"mysql" user will help?
[4 Apr 2006 14:05] Giuseppe Maxia 
The problem is not in the RPM behavior.
Actually, since I install in several Linux flavors, I almost never bother with RPMs, and I go straight to the binary package. 
Since I need often to install a server without having root privileges (due to my customers policies), I need to be able to set up the server independently from whichever setup lays in /etc/my.cnf.
For mysqld_safe, there is no problem, because settings can be overriden by using a configuration file in the data directory (or, for 5.x, in the base directory). 
I believe that the instance manager should offer the same flexibility, which would also solve the problem of options modification.

Giuseppe