NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > MySQL Discussion> 2003-q4

Re: secure automated access (was "Re: Backing up all databases")

From: Michael Stassen (Michael.Stassenverizon.net)
Date: Thu Nov 13 2003 - 14:57:50 CST

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The client (mysql) reads the .my.cnf file when you start it, so
restarting mysqld and relogging in as root are not necessary.

Let's see if I have this straight: While logged in as root, you created
.my.cnf in root's home directory. This file contains the password for
the mysql user "root". Yes? Did you make sure the file was readable
only by root (`chmod 600 .my.cnf` would do the trick)?

Since I'm not sure exactly what happened, I don't know why this didn't
work for you. When you say nothing works, do you mean you cannot
connect via mysql interactively, or your cron job doesn't work? What
error did you get?

If you haven't already, try running mysql. Do you get in, or do you get
"ERROR 1045: Access denied for user: 'rootlocalhost' (Using password:
NO)", or do you get something else?

If you don't get in, try

mysql --defaults-file=/path/to/.my.cnf

If that works, then .my.cnf isn't in the right place.

If mysql works interactively, but not via cron, then the problem to be
fixed lies with cron. What error do you get from cron?

Michael

Randall Perry wrote:
> I created the .my.cnf file in root's home dir, added the directives below
> setting the correct password. Restarted mysqld, re-logged in as root, but
> nothing works. It's not getting the password.
>
>
>
>>The simplest solution is to keep the password in the .my.cnf file in
>>your home directory. See http://www.mysql.com/doc/en/Option_files.html
>>in the manual.
>>
>>In the case of root cron jobs then, you need a .my.cnf readable only by
>>root in root's home. It should include
>>
>>[client]
>>password="mysql_root_password"
>>
>>As mysql reads the .my.cnf file, this avoids the ps "sniffing" problem,
>>and also keeps the password out of the script. Because you make the
>>.my.cnf file readable only by root, other users can't see it. (If they
>>can see it, you've got bigger problems than just the mysql password).
>>
>>Michael
>
>
>

--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]