Bug #67089 Mysql error log group owned by root.
Submitted: 4 Oct 2012 18:50 Modified: 19 Nov 2014 7:48
Reporter: Rolf Martin-Hoster Email Updates:
Status: Verified Impact on me:
None 
Category:MySQL Server: Logging Severity:S4 (Feature request)
Version:5.1.54, 5.6.21 OS:Any
Assigned to: CPU Architecture:Any

[4 Oct 2012 18:50] Rolf Martin-Hoster
Description:
Mysql error log is group owned by root which makes it impossible to audit by another user in the mysql group.

How to repeat:
rm error log.
start mysql
error log is group owned by root

Suggested fix:
rm error log.
start mysql
error log is group owned by mysq;
[17 Nov 2014 7:35] MySQL Verification Team
I think it's current implementation of mysqld_safe.sh.
mysqld_safe.sh run by root, and change owner with these code, but don't change ower.

386 USER_OPTION=""
387 if test -w / -o "$USER" = "root"
388 then
389   if test "$user" != "root" -o $SET_USER = 1
390   then
391     USER_OPTION="--user=$user"
392   fi
393   # Change the err log to the right user, if it is in use
394   if [ $want_syslog -eq 0 ]; then
395     touch "$err_log"
396     chown $user "$err_log"
397   fi
398   if test -n "$open_files"
399   then
400     ulimit -n $open_files
401   fi
402 fi

So it made error log like this.

-rw-r----- 1 mysql root 2015 11月 17 16:29 meiji.err

If you mv(or rm) error.log, and do 'flush logs', it become right user/ower like this.

-rw-rw---- 1 mysql mysql 7472 11月 17 16:29 meiji.err

[Workaround]

(1) Locate mysql:mysql MySQL Error log before mysqld_safe start
(2) Modify mysqld_safe to add chgrp, or creating file with runuser -l $user
(3) Activate mysqld without mysqld_safe.
[18 Nov 2014 9:20] MySQL Verification Team
Choose one of (1),(2),(3) and do it. Don't use all method in number order.
[19 Nov 2014 7:48] MySQL Verification Team
Thank you Rolf for the report and Meiji-san for the explanation.
Confirmed this behavior with latest rpm build of 5.6.21

Thanks,
Umesh
[19 Nov 2014 7:50] MySQL Verification Team
// 5.6.21

[root@cluster-repo ~]# rpm -qa|grep mysql
mysql-utilities-commercial-1.5.2-1.el6.noarch
mysql-community-server-5.6.21-2.el6.x86_64
mysql-connector-python-commercial-2.0.2-1.el6.noarch
mysql-community-libs-5.6.21-2.el6.x86_64
mysql-community-libs-compat-5.6.21-2.el6.x86_64
mysql-community-embedded-5.6.21-2.el6.x86_64
mysql-community-client-5.6.21-2.el6.x86_64
mysql-community-devel-5.6.21-2.el6.x86_64
php-mysql-5.3.3-40.el6_6.x86_64
mysql-community-common-5.6.21-2.el6.x86_64
mysql-utilities-commercial-extra-1.5.2-1.el6.noarch
mysql-utilities-extra-1.5.0-1.el6.noarch

[root@cluster-repo ~]# /etc/init.d/mysqld restart
Stopping mysqld:                                           [  OK  ]
touch: cannot touch `/var/lib/mysql/mysqld.log': No such file or directory
chown: cannot access `/var/lib/mysql/mysqld.log': No such file or directory
chmod: cannot access `/var/lib/mysql/mysqld.log': No such file or directory
Initializing MySQL database:  2014-11-21 14:46:29 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details).
2014-11-21 14:46:29 9589 [Note] InnoDB: Using atomics to ref count buffer pool pages
..
2014-11-21 14:46:32 9589 [Note] InnoDB: Shutdown completed; log sequence number 1625977

2014-11-21 14:46:32 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details).
..
2014-11-21 14:46:33 9612 [Note] InnoDB: Starting shutdown...
2014-11-21 14:46:34 9612 [Note] InnoDB: Shutdown completed; log sequence number 1625987

..
[  OK  ]
Starting mysqld:                                           [  OK  ]
[root@cluster-repo ~]# ls -l /var/lib/mysql/
total 110612
-rw-rw---- 1 mysql mysql       56 Nov 21 14:46 auto.cnf
-rw-rw---- 1 mysql mysql 12582912 Nov 21 14:46 ibdata1
-rw-rw---- 1 mysql mysql 50331648 Nov 21 14:46 ib_logfile0
-rw-rw---- 1 mysql mysql 50331648 Nov 21 14:46 ib_logfile1
drwx------ 2 mysql mysql     4096 Nov 21 14:46 mysql
-rw-r----- 1 mysql root      2021 Nov 21 14:46 mysqld.log <---------------------------- -rw-r----- 1 mysql root
-rw-rw---- 1 mysql mysql        5 Nov 21 14:46 mysqld.pid
srwxrwxrwx 1 mysql mysql        0 Nov 21 14:46 mysql.sock
drwx------ 2 mysql mysql     4096 Nov 21 14:46 performance_schema

[root@cluster-repo ~]# mysql -u root -p -S /var/lib/mysql/mysql.sock
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.6.21 MySQL Community Server (GPL)

Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

[(none)]> show variables like 'log_error';
+---------------+---------------------------+
| Variable_name | Value                     |
+---------------+---------------------------+
| log_error     | /var/lib/mysql/mysqld.log |
+---------------+---------------------------+
1 row in set (0.01 sec)

[(none)]> \! ls -l /var/lib/mysql/mysqld.log
-rw-r----- 1 mysql root 2021 Nov 21 14:46 /var/lib/mysql/mysqld.log  <---------------------------- -rw-r----- 1 mysql root
[(none)]>
[(none)]> \! rm -rf /var/lib/mysql/mysqld.log
[(none)]>
[(none)]> \! ls -l /var/lib/mysql/mysqld.log
ls: cannot access /var/lib/mysql/mysqld.log: No such file or directory
[(none)]>
[(none)]> flush logs;
Query OK, 0 rows affected (0.00 sec)

[(none)]> \! ls -l /var/lib/mysql/mysqld.log
-rw-rw---- 1 mysql mysql 0 Nov 21 14:49 /var/lib/mysql/mysqld.log <---------- -rw-rw---- 1 mysql mysql 
[(none)]>
[(none)]>