MySQL Secure Deployment Guide  /  Installation Directory and File Permissions

Appendix B Installation Directory and File Permissions

The following table shows directory and file permissions for the generic binary distribution installation of MySQL Enterprise Edition for Linux x86-64 on Oracle Linux 7 that is described in this guide.

As a general rule, distributed files and resources should follow the principal of least privilege, which requires that users, processes, programs, and other system components only have access to information and resources that are required for their legitimate purpose.

As indicated previously, most of the MySQL installation can be owned by root. The exceptions are the data directory, the error log file, the mysql-files directory, the pid file, and the socket file, to which the mysql user must have write access. Files and resources that the mysql user requires read access to include configuration files (/etc/my.cnf) and the MySQL binaries (/usr/local/mysql/bin).

Table B.1 MySQL Linux Generic Binary Installation Directory and File Permissions

File or ResourceLocationOwnerDirectory PermissionsFile Permissions
Client and utility programs directory/usr/local/mysql/binrootdrwxr-xr-x 
mysqld server/usr/local/mysql/binrootdrwxr-xr-x-rwxr-xr-x
MySQL configuration file/etc/my.cnfrootdrwxr-xr-x-rw-r--r--
Data directory/usr/local/mysql/datamysqldrwxr-x--- 
Error log file/usr/local/mysql/data/host_name.errmysqldrwxr-x----rw-------
secure_file_priv directory/usr/local/mysql/mysql-filesmysqldrwxr-x--- 
mysqld systemd service file/usr/lib/systemd/system/mysqld.servicerootdrwxr-xr-x-rw-r--r--
systemd tmpfiles configuration file/usr/lib/tmpfiles.d/mysql.confrootdrwxr-xr-x-rw-r--r--
pid file/usr/local/mysql/data/mysqld.pidmysqldrwxr-x----rw-r-----
socket file/tmp/mysql.sockmysqldrwxrwxrwtsrwxrwxrwx
Unix manual pages directory/usr/local/mysql/manrootdrwxr-xr-x 
Include Header files directory/usr/local/mysql/includerootdrwxr-xr-x 
Libraries directory/usr/local/mysql/librootdrwxr-xr-x 
Miscellaneous support files directory/usr/local/mysql/support-filesrootdrwxr-xr-x 
Miscellaneous files directory/usr/local/mysql/sharerootdrwxr-xr-x 


User Comments
User comments in this section are, as the name implies, provided by MySQL users. The MySQL documentation team is not responsible for, nor do they endorse, any of the information provided here.
Sign Up Login You must be logged in to post a comment.