Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

What does this mean

1 view
Skip to first unread message

Hardy Merrill

unread,
Mar 16, 2001, 11:46:02 AM3/16/01
to
Charles,

I think I know what's happening - your MySQL "root" user has
a password, and "mysqladmin" wants a password before it will
execute for "root". If you want to run mysqladmin through
cron(as a part of logrotate), you'll need to use an option file
in the unix "root" user's home account(.my.cnf in "root's
home directory) where you specify something like this:

[mysqladmin]
user=root
password=root_password

That way mysqladmin will run from the unix "root" user, and
will pick up the user and password from the option file, so
it can run unattended. From then on, when you run mysqladmin
from the Unix "root" user, by default it will run as the MySQL
"root" user, and you won't have to type in the MySQL "root"
user's password.

There is a GOTCHA - just be aware that when you use option
files to give defaults for things, those defaults can be
overridden on the command line, but options NOT specified
on the command line that *ARE* present in the option file
will be taken from the option file.

=================================
====== Be Aware =================
=================================
BE AWARE that it is advisable to create a UNIX *NON* "root"
lesser-privileged user for MySQL administration purposes
(running "mysqladmin" for instance) - then scheduled jobs
for MySQL can be run from that non-root user - you could
put an option file in that unix user's home directory to give
defaults for commands that it will run.

HTH.

--
Hardy Merrill
Mission Critical Linux, Inc.
http://www.missioncriticallinux.com

Charles L Hagen [cha...@execpc.com] wrote:
> Found this message from mysql in my root mailbox. What does it mean?
>
> "errors occured while rotating /var/lib/mysql/mysqld.log {
>
> ^G/usr/bin/mysqladmin: connect to server at 'localhost' failed
> error: 'Access denied for user: 'root@localhost' (Using password: NO)'
> error running postrotate script"
>
>
> --
> Charles L. Hagen
> Engineer
> Hagen IT
> 920-261-8499
>
>
> ---------------------------------------------------------------------
> Before posting, please check:
> http://www.mysql.com/manual.php (the manual)
> http://lists.mysql.com/ (the list archive)
>
> To request this thread, e-mail <mysql-th...@lists.mysql.com>
> To unsubscribe, e-mail <mysql-unsubscribe-merrill=missioncriti...@lists.mysql.com>
> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php

--
Hardy Merrill
Mission Critical Linux, Inc.
http://www.missioncriticallinux.com

---------------------------------------------------------------------
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)

To request this thread, e-mail <mysql-th...@lists.mysql.com>
To unsubscribe, e-mail <mysql-unsubscribe-mysql=sluk...@lists.mysql.com>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php

Mark Maggelet

unread,
Mar 16, 2001, 2:04:01 PM3/16/01
to
I think it would be easier to just go:
mysqladmin -uuser -ppassword

>maggelet=mminter...@lists.mysql.com>


>Trouble unsubscribing? Try:
>http://lists.mysql.com/php/unsubscribe.php

---------------------------------------------------------------------

Hardy Merrill

unread,
Mar 16, 2001, 2:54:02 PM3/16/01
to
Sure it's easier, but which is safer?

I don't have Charles first message on this topic, but I believe
his error message was from logrotate which is a cron job.
If Charles put

mysqladmin -uuser -ppassword

into a cron job, then the user's(root?) password would be in
open view to anybody who could view the crontab - granted, you
would have to be root to view the root crontab, but putting
the password to the MySQL user right in the cron command is
just a little too "loose" for me. A safer method would be to
"hide" the user/pw in the Unix user's home directory in the
.my.cnf file, as I outlined below.

Mark Maggelet

unread,
Mar 16, 2001, 3:08:01 PM3/16/01
to
On Fri, 16 Mar 2001 13:35:18 -0500, Hardy Merrill
(mer...@missioncriticallinux.com) wrote:
>Sure it's easier, but which is safer?
>
>I don't have Charles first message on this topic, but I believe
>his error message was from logrotate which is a cron job.
>If Charles put
>
> mysqladmin -uuser -ppassword
>
>into a cron job, then the user's(root?) password would be in
>open view to anybody who could view the crontab - granted, you
>would have to be root to view the root crontab, but putting
>the password to the MySQL user right in the cron command is
>just a little too "loose" for me. A safer method would be to
>"hide" the user/pw in the Unix user's home directory in the
>..my.cnf file, as I outlined below.

Uh... root can read those too. If you're imagining a situation where
someone just rooted you in order to get access to MySQL, I guess it's
possible that doing it this way will slow him down by about 5
minutes, but I don't really think it's an issue.

0 new messages