I am working with a client that is using managed hosting on dedicated servers. This has presented new challenges in obtaining the right permissions to undertake MySQL tasks but not have either ‘root’ or ‘mysql’ access and not have to involve a third party everytime.
Adding the following to the /etc/sudoers file enabled the ability to restart MySQL.
User_Alias DBA = rbradfor, user2, etc Host_Alias DB_SERVERS = server1.example.com, server2.example.com, etc Cmnd_Alias MYSQL = /etc/init.d/mysqld, /usr/sbin/tcpdump DBA DB_SERVERS = MYSQL
As you can see I also got tcpdump, which I find valuable to monitor via mk-query-digest .
Next, permissions for log files.