MySQL: Difference between revisions

Latest revision as of 06:49, 21 August 2017

References

Install & Secure

After install, run mysql_secure_installation to tighten the installation:

/usr/bin/mysql_secure_installation

Passwords

Use option file for password

Instead of giving password on the command-line with option -p PWD, a safer method is to use a password file:

Create a file ~/.my.cnf:

[mysl]
user=root
password="PASSWORD"

This file must contain an entry for all tools used. For instance:

[client]
user=root
password="PASSWORD"

[mysql]
user=root
password="PASSWORD"

[mysqldump]
user=root
password="PASSWORD"

[mysqldiff]
user=root
password="PASSWORD"

Change file permission:

 chmod 600 ~/.my.cnf

Now we can connect without exposing the password:

 mysql -u root

Change

Using mysqladmin:

unset HISTFILE                                       # <-- DO NOT FORGET IT, OR PWD WILL APPEAR IN ~/.bash_history
mysqladmin -u USERNAME password NEWPWD               # Assumes no password set - use user=root for admin pwd
mysqladmin -u USERNAME -p'OLDPWD' password NEWPWD

If you forget to unset HISTFILE, delete your history file immediately:

rm ~/.bash_history

Using MySQL commands. First we connect to MySQL server and select table mysql (don't forget to DISABLE HISTORY FILE !!!):

MYSQL_HISTFILE=/dev/null mysql -u root -p mysql

Here the script:

update user set password=PASSWORD("NEWPWD") where User='USERNAME';
flush privileges;
quit

Recover root password

If the MySQL root password is lost, the same script can be used to define a new password, but it requires to restart the MySQL server with option --skip-grant-tables:

sudo service mysql stop                       # Stop MySQL server
sudo mysqld_safe --skip-grant-tables &        # Restart it with option not to ask for passwords
sudo su
MYSQL_HISTFILE=/dev/null mysql -u root mysql  # Connect to MySQL, table mysql

Apply the MySQL script above:

update user set password=PASSWORD("NEWPWD") where User='root';
flush privileges;
quit

Then restart the server:

sudo /etc/init.d/mysql stop
sudo service mysql start

Backup / Restore

To backup / restore all mysql database over the network [1]:

unset HISTFILE                         # Or use option file to avoid exposing the password
mysqldump -u root -pPASSWORD --all-databases | ssh USER@NEW.HOST.COM 'cat - | mysql -u root -pPASSWORD'

@@ Line 2: / Line 2: @@
 * http://www.cyberciti.biz/faq/mysql-change-root-password/
 * http://www.cyberciti.biz/tips/recover-mysql-root-password.html
+== Install & Secure ==
+After install, run <code>mysql_secure_installation</code> to tighten the installation:
+<source lang="bash">
+/usr/bin/mysql_secure_installation
+</source>
 == Passwords ==
+=== Use option file for password ===
+Instead of giving password on the command-line with option <code>-p PWD</code>, a safer method is to use a password file:
+* Create a file {{file|~/.my.cnf}}:
+ [mysl]
+ user=root
+ password="PASSWORD"
+:This file must contain an entry for all tools used. For instance:
+ [client]
+ user=root
+ password="PASSWORD"
+ [mysql]
+ user=root
+ password="PASSWORD"
+ [mysqldump]
+ user=root
+ password="PASSWORD"
+ [mysqldiff]
+ user=root
+ password="PASSWORD"
+* Change file permission:
+<source lang=bash>
+ chmod 600 ~/.my.cnf
+</source>
+* Now we can connect without exposing the password:
+<source lang=bash>
+ mysql -u root
+</source>
 === Change ===
@@ Line 9: / Line 46: @@
 Using '''mysqladmin''':
 <source lang="bash">
+unset HISTFILE                                       # <-- DO NOT FORGET IT, OR PWD WILL APPEAR IN ~/.bash_history
 mysqladmin -u USERNAME password NEWPWD               # Assumes no password set - use user=root for admin pwd
 mysqladmin -u USERNAME -p'OLDPWD' password NEWPWD
 </source>
+If you forget to unset <tt>HISTFILE</tt>, {{red|'''delete your history file immediately'''}}:
-{{red|!!! SECURITY HOLE !!!}} &mdash; don't forget to '''DELETE YOUR BASH HISTORY FILE''' !!!
 <source lang="bash">
 rm ~/.bash_history
@@ Line 20: / Line 58: @@
 Using '''MySQL commands'''. First we connect to MySQL server and select table <tt>mysql</tt> (don't forget to '''DISABLE HISTORY FILE''' !!!):
 <source lang="bash">
-% MYSQL_HISTFILE=/dev/null mysql -u root -p mysql
+MYSQL_HISTFILE=/dev/null mysql -u root -p mysql
 </source>
 Here the script:
@@ Line 33: / Line 71: @@
 <source lang="bash">
-sudo /etc/init.d/mysql stop                   # Stop MySQL server
+sudo service mysql stop                       # Stop MySQL server
 sudo mysqld_safe --skip-grant-tables &        # Restart it with option not to ask for passwords
+sudo su
-sudo mysql -u root mysql                      # Connect to MySQL, table mysql
+MYSQL_HISTFILE=/dev/null mysql -u root mysql  # Connect to MySQL, table mysql
 </source>
-Apply the MySQL script above, and restart the server:
+Apply the MySQL script above:
+<source lang="mysql">
+update user set password=PASSWORD("NEWPWD") where User='root';
+flush privileges;
+quit
+</source>
+Then restart the server:
 <source lang="bash">
-sudo /etc/init.d/mysql restart
+sudo /etc/init.d/mysql stop
+sudo service mysql start
+</source>
+== Backup / Restore ==
+To backup / restore all mysql database over the network [https://www.marcus-povey.co.uk/2013/03/25/moving-a-mysql-database-between-servers-using-a-single-ssh-command/]:
+<source lang=bash>
+unset HISTFILE                         # Or use option file to avoid exposing the password
+mysqldump -u root -pPASSWORD --all-databases | ssh USER@NEW.HOST.COM 'cat - | mysql -u root -pPASSWORD'
 </source>

MySQL: Difference between revisions

Latest revision as of 06:49, 21 August 2017

Contents

References

Install & Secure

Passwords

Use option file for password

Change

Recover root password

Backup / Restore

Navigation menu

MySQL: Difference between revisions

Latest revision as of 06:49, 21 August 2017

References

Install & Secure

Passwords

Use option file for password

Change

Recover root password

Backup / Restore

Navigation menu

Search