supported or not for this change to mysql
Posted: Wed Oct 22, 2025 10:06 am
Hi,
My security team want to do those 3 points here for mysql. If we do that, does it will cause problem with Nagios XI? I would like your advice for each point please
1. Logging – log_bin
For that point, this is what the security asked by modifying /etc/my.cnf.d/mysql-server.cnf that way:
REMOVE:
disable_log_bin
ADD:
log-bin=/var/lib/mysql/logs/binlog
binlog-format=ROW
binlog_expire_logs_seconds=604800
max_binlog_size=64M
2. Protecting Resources – Binary logs enabled as per point 1
chown mysql:mysql /var/lib/mysql/*.log
chown -R mysql:mysql /var/lib/mysql/logs/
chmod 660 /var/lib/mysql/*.log
chmod -R 660 /var/lib/mysql/logs/
3. Protecting Resources – MySQL configuration files
For that point, this is what the security asked for:
chown mysql:mysql /etc/my.cnf
chown mysql:mysql /etc/my.cnf.d/*.cnf
chmod 660 /etc/my.cnf
chmod 660 /etc/my.cnf.d/*.cnf
My security team want to do those 3 points here for mysql. If we do that, does it will cause problem with Nagios XI? I would like your advice for each point please
1. Logging – log_bin
For that point, this is what the security asked by modifying /etc/my.cnf.d/mysql-server.cnf that way:
REMOVE:
disable_log_bin
ADD:
log-bin=/var/lib/mysql/logs/binlog
binlog-format=ROW
binlog_expire_logs_seconds=604800
max_binlog_size=64M
2. Protecting Resources – Binary logs enabled as per point 1
chown mysql:mysql /var/lib/mysql/*.log
chown -R mysql:mysql /var/lib/mysql/logs/
chmod 660 /var/lib/mysql/*.log
chmod -R 660 /var/lib/mysql/logs/
3. Protecting Resources – MySQL configuration files
For that point, this is what the security asked for:
chown mysql:mysql /etc/my.cnf
chown mysql:mysql /etc/my.cnf.d/*.cnf
chmod 660 /etc/my.cnf
chmod 660 /etc/my.cnf.d/*.cnf