2

Where is the best place to store the mysql root password? I had been putting it only in the root user's /root/.my.cnf file, which works fine for doing normal updates, backups, etc.

However, the (debian)/ubuntu logrotate script (for instance) doesn't look at that file.

I've currently worked around this by adding:

!include /root/.my.cnf

to the /etc/mysql/debian.cnf file, but this seems kind of ... wrong. For a start, there's big 

# Automatically generated for Debian Scripts. DO NOT TOUCH

at the top of the file.

There is no debian-sys-maint user in /etc/passwd, which I thought had something to do with it - but is that historical now?

Any current best practices/documentation I'm missing?

Daniel
  • 180

1 Answers1

1

The Debian package creates a MySQL user debian-sys-maint@localhost separate from the MySQL root@localhost user, and uses that user and password (stored in /etc/mysql/debian.cnf) in the scripts for log rotation, database upgrades, startup and shutdown scripts and so on.

Community
  • 1
DerfK
  • 19,658
  • 2
  • 40
  • 55
  • There is no debian-sys-maint user on my system. Also, if the /etc/mysql/debian.cnf file is where the username/password should be put (which seems reasonable), when why the big warning at the top saying not to edit it? – Daniel Mar 29 '17 at 10:38
  • 1
    I've edited the question to reflect that these are MySQL users not Linux users. You can see the MySQL users with SELECT user,host FROM mysql.user; – DerfK Mar 29 '17 at 16:00
  • 1
    As for why the warning, it's because the script that creates the special maintenance user also creates that configuration file for the Debian tools to use. If you've uninstalled (but not purged) the Debian/Ubuntu package and then installed MySQL from source or some other package, then the old configuration file would remain but would not be used by the non-Debian/Ubuntu installation – DerfK Mar 29 '17 at 16:06