CS 122B: Projects in Database Management, Winter 2010
Notes 07: DBA -- User Management in MySQL
Professor Chen Li
Department of Computer Science, UC Irvine
CS122B Notes 07: DBA-User Mgmt
Database Administrator
• "DBA":
  – Specialist for keeping data clean, available, and safe
  – Responsible for planning, testing, installation, and tuning
• Why do we need a DBA?
  – Proper planning is key to setting up a database application
  – Proper administration is key to running effective DB applications
  – Neither can be accomplished without a good DBA.
DBA Basic Duties
• Management - administration procedures
  – Installation and Configuration
  – Security Administration
  – Backup and Recovery
• Performance Tuning
  – Application Tuning
  – Database Tuning
  – Client Server Tuning
  – Parallel Query Tuning
  – Platform Specific Tuning
  – Long-running Job Tuning
Security Administration
• User Assignments
  – Create, Alter, and Drop Users
  – Monitor Users (Accounts, Roles, and Profiles)
• Security Roles
  – Set of privileges and object grants
  – Create, alter, and drop Profiles
  – Create, Alter, and Drop Roles
• Security Profiles
  – Used to restrict user(s) to a specific set of resource quotas
DBA: Backup and Recovery
• Normal OS Backup
• Exports and Imports
• Archive Logging of Redo Logs
• Recovery: allows a DBA to recover to a specified day and time or transaction
MySQL Database Users and Privileges
• http://dev.mysql.com/doc/refman/5.1/en/user-account-management.html
Using CREATE USER to add a user account
• General syntax:
  mysql> CREATE USER user [IDENTIFIED BY [PASSWORD] 'password']
• To use it, you must have the global CREATE USER privilege or the INSERT privilege for the mysql database.
• Example:
  mysql> CREATE USER 'user1'@'localhost' IDENTIFIED BY 'pass1';
  (Creates user1 with no privileges.)
• The GRANT command must then be used to assign privileges to this user.
Assigning passwords
• Using SET PASSWORD:
  shell> mysql --user=root -p mysql
  mysql> SET PASSWORD FOR 'custom'@'localhost' = PASSWORD('biscuit');
  (Only superusers like root have sufficient privileges to change passwords.)
• Using GRANT:
  mysql> GRANT USAGE ON *.* TO 'custom'@'localhost' IDENTIFIED BY 'biscuit';
  (This assigns the password without affecting the account's current privileges.)
• Using INSERT:
  We have seen how a password can be established when creating a new account.
• Using UPDATE:
  To change the password of an existing user, use the UPDATE command:
  mysql> UPDATE user SET Password = PASSWORD('bagel') WHERE Host = 'localhost' AND User = 'custom';
  mysql> FLUSH PRIVILEGES;
Drop users
• General syntax:
  mysql> DROP USER user;
• Removes privilege rows from all grant tables for user.
• You must have the global CREATE USER privilege or the DELETE privilege for the mysql database.
Privileges in MySQL
Privileges in MySQL: what operations are you allowed to perform?
• Privileges are associated with identities: your username and hostname are both part of your identity. Example: joe connecting from example.office.com has a separate identity from joe connecting from home.example.com, and the two identities have separate privileges.
• Privilege information is stored in the system grant tables (e.g., user, host, db, etc.) of the mysql database.
• These tables are read into memory once, every time you start the MySQL server.
• Access control works in 2 steps:
  – When you connect: are you allowed to connect?
  – After you connect: do you have sufficient privilege for every statement you issue?
Privileges (grant tables)
• Scope columns: determine the context in which the row applies. Example: when you connect as
  shell> mysql -u bob -p
  from the machine thomas.loc.gov, the user table row with Host='thomas.loc.gov' and User='bob' will be used to authenticate you. If you connect as
  shell> mysql -u bob -p -D reports
  from the machine thomas.loc.gov, the db table row with Host='thomas.loc.gov', User='bob' and Db='reports' will be used to authenticate you.
• Privilege columns: each privilege is in a separate column and is declared as ENUM('Y','N') DEFAULT 'N' (i.e., the default is to disable the privilege).
• To check the privileges for host=localhost and user=testuser, use the SHOW GRANTS command (assuming you have sufficient privilege to do this):
  mysql> SHOW GRANTS FOR 'testuser'@'localhost';
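Because every privilege is an ENUM('Y','N') column keyed by the (Host, User) identity, a DBA can audit the grant tables directly. The following queries are an added example, not part of the lecture slides; they assume the MySQL 5.1 grant-table layout the notes describe (mysql.user still has a Password column) and a session with SELECT privilege on the mysql database.

```sql
-- Added audit example (not from the slides). Assumes MySQL 5.1 grant tables
-- and a DBA session that can read the mysql database.

-- 1. Identities that are too broad. A Host of '%' (or one containing '%')
--    matches clients from any machine, so the user+host identity check
--    described above no longer distinguishes where a connection comes from.
SELECT User, Host
FROM mysql.user
WHERE Host = '' OR Host LIKE '%\%%';

-- 2. Accounts with an empty password: step 1 of access control (may you
--    connect?) then needs no secret at all for that identity.
SELECT User, Host
FROM mysql.user
WHERE Password = '';

-- 3. Accounts holding global (*.*) privileges. A 'Y' in any of these user
--    table columns applies to every database, not just the one the account
--    was created for. Reload_priv and Process_priv are the columns the
--    "admin" example sets; Super_priv, Grant_priv and File_priv are the
--    other global columns a DBA usually wants to review.
SELECT User, Host, Super_priv, Grant_priv, Reload_priv, Process_priv, File_priv
FROM mysql.user
WHERE Super_priv = 'Y' OR Grant_priv = 'Y' OR Reload_priv = 'Y'
   OR Process_priv = 'Y' OR File_priv = 'Y';

-- 4. Database-scoped rows: which identity can reach which database, and
--    with which of the per-database privilege columns.
SELECT Host, Db, User, Select_priv, Insert_priv, Update_priv, Delete_priv,
       Create_priv, Drop_priv
FROM mysql.db
ORDER BY Db, User, Host;

-- 5. Cross-check one identity the way the slides do, with SHOW GRANTS.
SHOW GRANTS FOR 'testuser'@'localhost';
```

Queries 1 to 4 read the tables on disk, so after a direct INSERT or UPDATE they show rows the running server has not yet loaded until FLUSH PRIVILEGES is issued.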
Creating user accounts on all databases
Two ways to create users:
• By using statements intended for creating accounts, such as CREATE USER or GRANT (recommended way)
• By manipulating the MySQL grant tables directly with statements such as INSERT, UPDATE, or DELETE
Using "GRANT" commands
shell> mysql --user=root -p mysql
(connect as root to the mysql database)
a. mysql> GRANT ALL PRIVILEGES ON *.* TO 'monty'@'localhost' IDENTIFIED BY 'some_pass' WITH GRANT OPTION;
   (superuser account with full privileges to do anything; can connect only from localhost)
b. mysql> GRANT RELOAD,PROCESS ON *.* TO 'admin'@'localhost';
   (allows the admin user to execute the mysqladmin reload, mysqladmin refresh, and mysqladmin flush-xxx commands, as well as mysqladmin processlist; no privileges are granted for accessing any databases)
c. mysql> GRANT USAGE ON *.* TO 'dummy'@'localhost';
   (no privileges are granted; same effect as setting all the global privileges to 'N')
Using "INSERT" commands
• shell> mysql --user=root -p mysql
• mysql> INSERT INTO user VALUES('localhost','monty',PASSWORD('some_pass'), 'Y','Y','Y',…,'Y','Y');
  (The number of Ys depends on the version of MySQL. The PASSWORD() function is necessary for encryption; when using GRANT, encryption is done automatically.)
• mysql> INSERT INTO user SET Host='localhost', User='admin', Reload_priv='Y', Process_priv='Y', ssl_cipher='', x509_issuer='', x509_subject='';
  (The last 3 columns are required if strict SQL mode is enabled.)
• mysql> INSERT INTO user SET Host='localhost', User='dummy', Password='', ssl_cipher='', x509_issuer='', x509_subject='';
• mysql> FLUSH PRIVILEGES;
  (This tells the server to re-read the grant tables. Otherwise, the changes go unnoticed until you restart the server. Not required when you use GRANT.)
Create db-specific accounts using a "GRANT" command
• shell> mysql --user=root -p mysql
• mysql> GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP ON bankaccount.* TO 'custom'@'localhost' IDENTIFIED BY 'obscure';
• mysql> GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP ON expenses.* TO 'custom'@'whitehouse.gov' IDENTIFIED BY 'obscure';
• mysql> GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP ON customer.* TO 'custom'@'server.domain' IDENTIFIED BY 'obscure';
• All 3 accounts have username = 'custom' and password = 'obscure'.
• The first account can access the bankaccount database, but only from the local host.
• The second account can access the expenses database, but only from the host whitehouse.gov.
• The third account can access the customer database, but only from the host server.domain.
Create db-specific accounts using an "INSERT" command
• shell> mysql --user=root -p mysql
• mysql> INSERT INTO user (Host,User,Password, ssl_cipher, x509_issuer, x509_subject) VALUES('localhost','custom',PASSWORD('obscure'), '', '', '');
• mysql> INSERT INTO user (Host,User,Password, ssl_cipher, x509_issuer, x509_subject) VALUES('whitehouse.gov','custom',PASSWORD('obscure'), '', '', '');
• mysql> INSERT INTO user (Host,User,Password, ssl_cipher, x509_issuer, x509_subject) VALUES('server.domain','custom',PASSWORD('obscure'), '', '', '');
• (No privileges assigned yet; all privileges are set to 'N' by default.)
• In addition to the user table, we also insert into the db table for each account:
• mysql> INSERT INTO db (Host,Db,User,Select_priv,Insert_priv, Update_priv,Delete_priv,Create_priv,Drop_priv) VALUES('localhost','bankaccount','custom', 'Y','Y','Y','Y','Y','Y');
• mysql> INSERT INTO db (Host,Db,User,Select_priv,Insert_priv, Update_priv,Delete_priv,Create_priv,Drop_priv) VALUES('whitehouse.gov','expenses','custom', 'Y','Y','Y','Y','Y','Y');
• mysql> INSERT INTO db (Host,Db,User,Select_priv,Insert_priv, Update_priv,Delete_priv,Create_priv,Drop_priv) VALUES('server.domain','customer','custom', 'Y','Y','Y','Y','Y','Y');
• mysql> FLUSH PRIVILEGES;
Revoke privileges
• mysql> REVOKE priv_type ON [object_type] FROM user
  object_type = * | *.* | db_name.* | db_name.tbl_name | tbl_name | db_name.routine_name
Examples:
• mysql> REVOKE SELECT ON *.* FROM 'monty'@'localhost';
  (You must have the GRANT OPTION privilege, and you must have the privileges that you are revoking.)
• To revoke all privileges:
  mysql> REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'monty'@'localhost';
  (Drops all global, database-, table-, column-, and routine-level privileges for 'monty'@'localhost'.)
• NOTE: REVOKE does not remove an account's user table record, even if you revoke all privileges for the account. (See example on next slide.)
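The distinction between revoking privileges and removing an identity matters operationally: an account that has had everything revoked can still pass step 1 of access control (the connect check) with USAGE only. The session below is an added example, not the slide the note refers to; it assumes MySQL 5.1 and a DBA session holding CREATE USER and GRANT OPTION, and the database name bankaccount is taken from the earlier slides.

```sql
-- Added example (not from the slides): REVOKE leaves the account behind,
-- DROP USER removes it. Assumes MySQL 5.1 and a DBA session with
-- CREATE USER and GRANT OPTION.

-- Create the account the recommended way and give it db-level privileges.
CREATE USER 'monty'@'localhost' IDENTIFIED BY 'some_pass';
GRANT SELECT, INSERT ON bankaccount.* TO 'monty'@'localhost';

-- The identity now has a user table row and a db table row.
SELECT User, Host FROM mysql.user WHERE User = 'monty' AND Host = 'localhost';
SELECT Host, Db, User, Select_priv, Insert_priv
FROM mysql.db WHERE User = 'monty' AND Host = 'localhost';

-- Take away every privilege at every level, plus GRANT OPTION.
REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'monty'@'localhost';

-- The user table row is still present, so 'monty'@'localhost' can still
-- connect with its password; SHOW GRANTS reports only USAGE ON *.*.
SELECT User, Host FROM mysql.user WHERE User = 'monty' AND Host = 'localhost';
SHOW GRANTS FOR 'monty'@'localhost';

-- Only DROP USER removes the identity itself (and its rows in all grant
-- tables), which is the step to take when an account is being retired.
DROP USER 'monty'@'localhost';
SELECT User, Host FROM mysql.user WHERE User = 'monty' AND Host = 'localhost';
```

Because REVOKE and DROP USER work through the account-management statements rather than direct table edits, no FLUSH PRIVILEGES is needed at any point in this session.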