The preinst script in the Debian/Ubuntu packages for MySQL sets the default home directory for the MySQL server to /nonexistent, presumably as a security measure - the MySQL server has its own datadir path that it uses like a home dir.
However, a side effect of this is that when MySQL starts, it generates this message:
No directory, logging in with HOME=/
What concerns me here is that this does not look good from a security standpoint. It suggests that it would push MySQL to attempt to create files in /; obviously it should fail to do that because of permissions, but it would be better for it not to even try. I've seen answers that 'solve' this by creating the home dir, but that seems nonsensical as the whole point of doing it is that it does not, though it may be 'safe' because MySQL is also set to use /bin/false as its shell.
Would it be safer to set it to something that does exist and that MySQL has ownership of, such as /var/lib/mysql?
Or create the folder, but don't allow MySQL to write to it?
Is there a cleaner solution?
To get rid of this message you could just assign a home directory to the mysql user:
and the message should be gone. This works for me, but I have not checked if this has any other implications, e.g. regarding security.