What is debian-sys-maint used for?
One major thing it is used for is telling the server to roll the logs. It needs at least the reload and shutdown privilege.
See the file /etc/logrotate.d/mysql-server
It is used by the /etc/init.d/mysql
script to get the status of the server. It is used to gracefully shutdown/reload the server.
Here is the quote from the README.Debian
* MYSQL WON'T START OR STOP?:
=============================
You may never ever delete the special mysql user "debian-sys-maint". This user
together with the credentials in /etc/mysql/debian.cnf are used by the init
scripts to stop the server as they would require knowledge of the mysql root
users password else.
What is the easiest way to restore it after I've lost it?
The best plan is to simply not lose it. If you really lose the password, reset it, using another account. If you have lost all admin privileges on the mysql server follow the guides to reset the root password, then repair the debian-sys-maint
.
You could use a command like this to build a SQL file that you can use later to recreate the account.
mysqldump --complete-insert --extended-insert=0 -u root -p mysql | grep 'debian-sys-maint' > debian_user.sql
Is the password in
/etc/mysql/debian.cnf already hashed
The password is not hashed/encrypted when installed, but new versions of mysql now have a way to encrypt the credentials (see: https://serverfault.com/a/750363).
Best Answer
The question is, what will be the cost to your company of the mysql server fails in some obscure way. Will you be able to afford some down-time to restore a copy of your database if it was corrupt for some reason?
If you are running a shopping site, and if the mysql server goes down, the outage will cost you in lost sales. If those lost sales are more then the cost of the enterprise license then not buying the license would be a bad decision.
If this is for a site small blog or something and mysql goes down, you may just annoy a few of your visitors.
You need to decide what your level of risk is, and if you need to pay for professional support to help you minimize that risk.
Keep in mind that when/if you have a critical failure you probably can find someone who will help you, it will just cost you more then if you had gotten a support contract ahead of time.
You may want to at least make sure you a phone number written down of someone you can call in a emergency. There are probably mysql experts that you can hire in a pinch.