/[cvs]/nfo/doc/computing/sysadmin/linux/howto-mysql-common-tasks.txt
ViewVC logotype

Annotation of /nfo/doc/computing/sysadmin/linux/howto-mysql-common-tasks.txt

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.2 - (hide annotations)
Sat Sep 14 16:23:13 2002 UTC (22 years, 3 months ago) by cvsjoko
Branch: MAIN
CVS Tags: HEAD
Changes since 1.1: +85 -73 lines
File MIME type: text/plain
no message

1 cvsjoko 1.2 -------------------------------------------------------------------
2     $Id: howto-mysql-common-tasks.txt,v 1.1 2002/02/14 00:21:11 cvsjoko Exp $
3    
4     $Log: howto-mysql-common-tasks.txt,v $
5     Revision 1.1 2002/02/14 00:21:11 cvsjoko
6     + new
7    
8     -------------------------------------------------------------------
9    
10    
11     =========================================================
12     establish basic safety privileges
13     =========================================================
14    
15     - we assume a running mysql-daemon,
16     else start it via "safe_mysqld" or (newer versions) with "mysqld_safe" in the mysql/bin/ - directory
17     - run mysql-client: [root@host]# mysql (you should be logged in as "root")
18     - select database: mysql> use mysql;
19    
20     - deny access for user "root" from the outer space (not localhost)
21     mysql> delete from user where user='root' and host='%';
22     mysql> flush privileges;
23     - assure everything is all right and you will be able to re-login again later ;)
24     mysql> select * from user;
25     --> there should be (as a minimum) an entry like ...
26     --- snip ---
27     | localhost | root | | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y |
28     --- snip ---
29     ... which gives access-rights for user "root" at localhost with no password
30     - test for safety
31     mysql> select * from user;
32     --> there should be no other "root"-entry in the "user"-table then the one established above
33    
34    
35     =========================================================
36     add new databases and grant access to them for new mysql-user-accounts
37     =========================================================
38    
39     - we assume a running mysql-daemon,
40     else start it via "safe_mysqld" or (newer versions) with "mysqld_safe" in the mysql/bin/ - directory
41     - run mysql-client: [root@host]# mysql (you should be logged in as "root")
42    
43     - create database
44     mysql> create database <databasename>;
45    
46     - add new user
47     mysql> use mysql;
48     mysql> insert into user (host, user, password) values ('localhost', '<username>', password('<password>'));
49    
50     - grant access for local usage (e.g. from php- or cgi-scripts)
51     mysql> use mysql;
52     mysql> insert into db values ('localhost', '<databasename>', '<username>', 'Y','Y','Y','Y','Y','Y','N','Y','Y','Y');
53    
54     - apply changes to privileges
55     mysql> flush privileges;
56    
57     - test access to new database
58     - logout from mysql in "root"-mode
59     - login to mysql-daemon as newly created user using the new database
60     mysql> mysql -u<username> -p<password> <databasename>
61     or leave "<password>" empty for supplying the password invisible ;)
62     - this should work!
63    
64     - TODO:
65     - there should be a (perl-)script (perhaps there is already one coming with mysql)
66     to pass "databasename", "username" and "password" to,
67     which should execute the tasks described above non-interactively ;)
68     - note: use regression-checks
69     - don't re-create database
70     - if user already exists, just modify password!!!
71     - don't accept empty arguments!
72     - note: integrate into the gsn-framework (on the long term)
73     - user "service" should be able to access the mysqld-daemon with root-privileges from a remote location
74     in order to be able to absolve all requests seamlessly without any user interaction
75    
76    
77     =========================================================
78     add a "root-warrior" account
79     =========================================================
80     - this user should be able to to anything from remote side
81    
82     mysql> use mysql;
83     mysql> insert into user values ('%', 'patman_warrior', password('pw'), 'Y','Y','Y','Y','Y','Y','N','N','N','N','N','N','N','Y');
84     mysql> flush privileges;
85    

MailToCvsAdmin">MailToCvsAdmin
ViewVC Help
Powered by ViewVC 1.1.26 RSS 2.0 feed