Details
-
Type:
Bug
-
Status: Closed
-
Priority:
Minor
-
Resolution: Not a Bug
-
Affects Version/s: 10.0.18
-
Fix Version/s: N/A
-
Component/s: Plugin - Audit
-
Labels:None
-
Environment:CentOS Linux release 7.0.1406
Description
Unable to set the server_audit_file_path to any directory outside the data dir. As per the variable status we are able to set the path to a different location, outside the data dir. But the logs are not physically created. Following are the details.
#chown -R mysql.mysql /media
MariaDB [(none)]> SET GLOBAL server_audit_logging=OFF;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> SET GLOBAL server_audit_file_path="/media/backups/audit/server_audit.log";
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> SET GLOBAL server_audit_logging=ON;
Query OK, 0 rows affected, 2 warnings (0.00 sec)
MariaDB [(none)]> SHOW GLOBAL VARIABLES LIKE 'server_audit_file_path%';
+------------------------+---------------------------------------+
| Variable_name | Value |
+------------------------+---------------------------------------+
| server_audit_file_path | /media/backups/audit/server_audit.log |
+------------------------+---------------------------------------+
1 row in set (0.00 sec)
MariaDB [(none)]> set global server_audit_file_rotate_now=ON;
Query OK, 0 rows affected (0.00 sec)
# ll /media/backups/audit/ total 0
Gliffy Diagrams
Attachments
Activity
- All
- Comments
- Work Log
- History
- Activity
- Transitions
Please note that when you ran
you got 2 warnings. They are about not being able to create the file.
If you search for SELinux complaints, you'll find that it blocked the writing.
To make sure it's indeed so, you can set it temporarily to Permissive mode and make sure the log gets created.
It's not the best permanent solution though.
Here you can find some advice on how to deal with it:
https://mariadb.com/kb/en/mariadb/what-to-do-if-mariadb-doesnt-start/#selinux
If you still believe that MariaDB is doing something wrong in regard to SELinux policies, please let us know.