Posted on 1 Comment

mysql_install_db, mysqld –bootstrap, binary log, cPanel

Warning… what follows is a murky mess.
It’s filed as MySQL bug#43398 (verified!) but it’s triggered by cPanel doing evil.

Scenario….

Start a mysql server, as normal
Then run mysql_install_db (as root, like you would when you first install MySQL)
See a new binlog file get created, with ownership/group root!

Of course you generally wouldn’t run mysql_install_db while a server is running, but there’s nothing to prevent you (or something else) from doing so!
–bootstrap just shouldn’t initialise binlog, then there wouldn’t be a issue.

cPanel runs mysql_install_db in its automatic upgrade scripts (dangerous already, automatically upgrading MySQL Server on a system!), it’s run every night on cPanel systems even if no upgrade is done, and it behaves exactly as described above. It then chowns the binlog files to mysql:mysql which is of course a hack and not a fix, also there’s still a brief moment where the new logfile has the wrong permissions, and mysqld may still encounter various race conditions by the mysql –bootstrap just adding a binlog file independently (as described in the bug report).

Then some people filed a bug with cPanel about binlog files ending up as root when datadir is changed from the default, so cPanel added this:

# temporary fix for non-standard mysql directory.

echo " "
echo -n "POSTUPCP: running temporary MySQL permissions fix: "
for dir in data import tmp logs ; do

if [ -d "/home/mysql/${dir}" ]; then
  chown -R mysql.mysql "/home/mysql/${dir}" &>/dev/null
fi
done

echo "OK"
echo " "
# end temp fix

That’s right, it’s an additional hack to set the permissions right, but meanwhile the server is still running and doing its thing. The potential for race conditions is just ridiculous.

Key take-away from this story… look, I’m not opposed to workarounds, but it’s very important to understand what cause a particular symptom has. Then, a workaround may be “ok” within a specific context. But if the root cause is not understood (or not found at all) then applying workarounds like this is beyond dangerous.
In this case it’s in a commercial product that’s deployed in thousands of managed server deployments. That’s just freaky.

Posted on 1 Comment

1 thought on “mysql_install_db, mysqld –bootstrap, binary log, cPanel

  1. What I don’t understand is why cPannel just doesn’t use mysql_install_db –user=mysql to avoid the root:root ownership problem in the first place, instead of adding the reset permissions hack.

    Matt M.

Comments are closed.