MySQL: Ownership of mysql directory changes to 'mysql' from 'service_account' on linux server reboot

Question

I'm using MySQL distribution 10.2.39-MariaDB, for Linux (x86_64). It runs fine when we initially start it up and manually configure it to correct ownership and startup. But whenever we reboot the Linux server, the ownership of '/var/lib/mysql' changes from 'service_account' to 'mysql', as shown below:

Before reboot of Linux Server

drwxr-xr-x. service_account service-account_grp 4096 Mar 18 14:00 mysql

to

After reboot of Linux Server

drwxr-xr-x. mysql mysql 4096 Mar 18 14:00 mysql

It changes ownership itself and I don't happen to find the root cause for it. I've been facing this issue and I'm not able to find a solution to it.

Any input is appreciated.

Thanks in advance,

Sid

Answer 1

I'm writing this answer because I think we both have misunderstood the User Account Management mechanisms of mariadb. I have also encountered the same problem as you, so I'm writing this answer for myself somewhat. You can follow this answer or danblack's, whichever you actually need. As danblack said, it may not be a good idea to change "mysql" to your service_account.

Initialize mariadb database directory with 'mysql' user account :

$ sudo mysql_install_db --user=mysql --basedir=/usr --datadir=/var/lib/mysql
...
Two all-privilege accounts were created.
One is root@localhost, it has no password, but you need to
be system 'root' user to connect. Use, for example, sudo mysql
The second is mysql@localhost, it has no password either, but
you need to be the system 'mysql' user to connect.
After connecting you can set the password, if you would need to be
able to connect as any of these users with a password and without sudo
...

As you can see, two mariadb all-privilege accounts, root@localhost and mysql@localhost, were created. And you must be operating system root and mysql user to use these two mariadb accounts, respectively.

After then, enable and start mariadb server :

$ sudo systemctl enable --now mariadb.service

You may want to use mysql_secure_installation command to improve the initial security.

Then use mariadb root@localhost account with system root account to connect to sever, and create new mariadb account that has root-like privileges with whatever name you want:

$ sudo mysql -u root -p  # first input your passwd to use 'sudo', then [ENTER] for empty mariadb root account passwd
[sudo] password for your_service_account:
Enter password:
...
MariaDB [(none)]> CREATE USER 'whatever_name_you_want'@'localhost' IDENTIFIED BY 'somepasswd';
Query OK, 0 rows affected (0.004 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON *.* to 'whatever_name_you_want'@'localhost';
Query OK, 0 rows affected (0.004 sec)

MariaDB [(none)]> quit
Bye

Use new unprivileged whatever_name_you_want@localhost account to connect to server and create a new database :

$ mysql -u whatever_name_you_want -p
Enter password:
...
MariaDB [(none)]> CREATE DATABASE IF NOT EXISTS mydb;
Query OK, 1 row affected (0.001 sec)

MariaDB [(none)]> quit
Bye

And if you set password for root@localhost account, you can even use this account without sudo :

$ sudo mysql -u root -p
[sudo] password for your_service_account:
Enter password:
...
MariaDB [(none)]> SET PASSWORD FOR 'root'@'localhost' = PASSWORD('somepasswd');
Query OK, 0 rows affected (0.041 sec)

MariaDB [(none)]> quit
Bye
$ mysql -u root -p
Enter password:
...
MariaDB [(none)]> quit
Bye