Logrotate Error on Ubuntu

For a few weeks now, I've been seeing this error in my logs every night:

/etc/cron.daily/logrotate:
error: error running shared postrotate script for /var/log/mysql.log /var/log/mysql/mysql.log /var/log/mysql/mysql-slow.log
run-parts: /etc/cron.daily/logrotate exited with return code 1

What's happening is that after all the mysql backing up and everything is done, ubuntu is trying to use the debian-sys-maint user to flush the logs, this is actually called in /etc/logrotate.d/mysql-server. On my system, we seem to have lost this mysql user.

The solution is to look for the password used in the /etc/mysql/debian.cnf file, mine looks like this:

# Automatically generated for Debian scripts. DO NOT TOUCH!
[client]
host     = localhost
user     = debian-sys-maint
password = xxxxxxxxxxxxxxxx
socket   = /var/run/mysqld/mysqld.sock
[mysql_upgrade]
user     = debian-sys-maint
password = xxxxxxxxxxxxxxxx
socket   = /var/run/mysqld/mysqld.sock
basedir  = /usr

Using the password, and some inspiration from this post on the Ubuntu Forums I recreated the user with the necessary permissions and password with:

GRANT RELOAD, SHUTDOWN, PROCESS, SHOW DATABASES, SUPER, LOCK TABLES ON *.* TO 'debian-sys-maint'@'localhost' IDENTIFIED BY PASSWORD 'xxxxxxxxxxxxxxxx'

This did the trick, as the nightly errors have now disappeared from my script. Hope this helps someone in a similar situation - if you can expand these notes then please add a comment and I will update this as needed - thanks :)

26 thoughts on “Logrotate Error on Ubuntu

  1. I did not immediately see that the "PASSWORD" in the mysql query was the one found on the /etc/mysql/debian.cnf file.
    Thanks a lot for this trick! It also works fine for me (Debian 2.4.26 with mysql server version: 5.0.32-Debian_7etch5-log)!

  2. This issue seems to happen when you move a DB from one machine to another as I did. The procedure you describe above should be put into MySQL documentation. You should put in a bug report to the MySQL people as their documentation needs to updated. And yes the PASSWORD parameter needs to be removed or the password will not get encrypted.

    • Carl, I also moved a DB from one machine to another and had this problem. Thanks for calling it out.
      LomaJane, thanks for the info.

      • Thanks for the helpful posts!
        I also ran into this after moving a database from an older Debian server to a newer Ubuntu one. Since I moved *all* databases, including users, this set the password for debian-sys-maint to the one randomly generated on the old system. I fixed this by copying /etc/mysql/debian.cnf from the old system to the new system, so the passwords once again match.

  3. In case it does not work, try:

    update user set password=PASSWORD("xxxxxxxxxxxxxxx") where User='debian-sys-maint';

    In my cases the passwords were hashed.

  4. Awesome, thanks for that. This error has been bugging me for a few weeks now. I finally got around to searching for it and bingo, problem solved. In my case the user's password had changed, so I changed it back, and bob's yer uncle.
    UPDATE user SET Password = PASSWORD('passwordFromFile') WHERE User = 'debian-sys-maint' && Host = 'localhost';

  5. Because of the MySQL passwords in my Ubuntu box (12.04 LTS) were hashed, I have to remove the PASSWORD keyword on the SQL statement like the following to make it work:

    GRANT RELOAD, SHUTDOWN, PROCESS, SHOW DATABASES, SUPER, LOCK TABLES ON *.* TO 'debian-sys-maint'@'localhost' IDENTIFIED BY 'xxxxxxxxxxxx';

    Thanks!

  6. Thanks, this fixed the problem for me. I found that you can also test if the maintenance user has its permissions set correctly with the following so you don't have to wait for cron to run it to see if the problem's fixed.
    mysqladmin --defaults-file=/etc/mysql/debian.cnf ping

  7. an all in one bash one liner would be:

    [code]
    echo "GRANT RELOAD, SHUTDOWN, PROCESS, SHOW DATABASES, SUPER, LOCK TABLES ON *.* TO 'debian-sys-maint'@'localhost' IDENTIFIED BY '$(grep -m 1 password /etc/mysql/debian.cnf | cut -d" " -f3)'; flush privileges;" | mysql -u root
    [/code]

Leave a Reply

Please use [code] and [/code] around any source code you wish to share.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>