|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: ~/.my.cnf syntax for multiple MySQL user accounts per login account?
From: Paul DuBois (paul
mysql.com)
Date: Sun Oct 02 2005 - 20:57:09 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
At 18:50 -0600 10/2/05, s. keeling wrote:
>Incoming from Paul DuBois:
>>
>> At 16:39 -0600 10/2/05, s. keeling wrote:
>> >
>> >The admin account, with no password, doesn't function at all. perl
>> >programs appear to ignore ~/.my.cnf forcing me to open() them and
>> >slurp username and password that way.
>> >
>> >How is this supposed to work? Surely, you're not all embedding
>> >passwords in your source, are you? How can I have separate user and
>> >admin accounts working via ~/.my.cnf from the same login account?
>>
>> I think I'd probably set up aliases that invoke mysql or mysqladmin
>> with a --defaults-extra-file option that contains the username/password
>> for the appropriate account.
>
>Groan. More stuff to learn, configure, maintain, and memorize. I'm
>trying to replicate Unix's "root vs. mere user" security paradigm in
>MySQL. I can do "drop table" as sbk without hurting myself. Doing it
>as keeling risks data loss.
I think your analogy is flawed. If you really want the root vs mere
user distinction, the anolgy would be that you su to the appropriate
user before running MySQL programs. If you did that, the .my.cnf
for each user would be read correctly.
>How about if I submit a feature request? Parse the command line. If
>command == bar and MySQL user == foo, find foo's password stanza for
>bar in ~/.my.cnf, and use that password. That shouldn't be difficult.
If you submit a feature request, I hope that it would be more detailed
than that. I suspect it's not so easy as you think.
>
>Why does a perl program run by my login username ignore MySQL's
>~/.my.cnf? Are MySQL users really embedding passwords in their code?
Because you're not using the mysql_read_default_group or
mysql_read_default_file option in your connect string, most likely.
This is what I do after parsing command line arguments:
# construct data source
my $dsn = "DBI:mysql:sampdb";
$dsn .= ";host=$host_name" if $host_name;
$dsn .= ";port=$port_num" if $port_num;
$dsn .= ";mysql_socket=$socket_name" if $socket_name;
$dsn .= ";mysql_read_default_group=client";
# connect to server
my $dbh = DBI->connect ($dsn, $user_name, $password,
{ RaiseError => 1, PrintError => 0, AutoCommit => 1 });
--
Paul DuBois, MySQL Documentation Team
Madison, Wisconsin, USA
MySQL AB, www.mysql.com
--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]