filesystem permissions

I have a couple questions regarding filesystem permissions for the user running innobackupex/xtrabackup. I see the manual states:

“Once connected to the server, in order to perform a backup you will need READ, WRITE and EXECUTE permissions at a filesystem level in the server’s datadir.”

  1. What is the recommended user to run innobackupex/xtrabackup via a cronjob? Is it recommended to run it under root or under a non-privileged user that has read-only access to the datadir? I prefer to run backup jobs under a non-root account if possible, but wanted to make sure it won’t cause any issues. The files in my datadir are owned by mysql:mysql and are chmod 600 or 660, so I would have to alter that to allow a non-root user to access them. Just curious how others set this up.

  2. Does the user need write and execute privileges to the datadir or can it be read-only? In other words, does a backup write anything to the datadir?

Thanks for your help.

Ryan

It used to be (although I’m not sure that it still is this way) that even though xtrabackup only reads from the files, it opens them in read-write mode because that’s done via InnoDB, which as a database naturally needs to write the files.

If that is the case, you could consider running the tool as the mysql user.