CS 122B: Projects in Database Management
Winter 2010

Notes 07: DBA -- User Management in MySQL
Professor Chen Li
Department of Computer Science, UC Irvine


Database Administrator
• "DBA":
  – Specialist for keeping data clean, available, and safe
  – Responsible for planning, testing, installation, and tuning
• Why do we need a DBA?
  – Proper planning is key to setting up a database application
  – Proper administration is key to running effective DB applications
  – Neither can be accomplished without a good DBA


DBA Basic Duties
• Management - Administration procedures
  – Installation and Configuration
  – Security Administration
  – Backup and Recovery
• Performance Tuning
  – Application Tuning
  – Database Tuning
  – Client Server Tuning
  – Parallel Query Tuning
  – Platform Specific Tuning
  – Long-running Job Tuning


Security Administration
• User Assignments
  – Create, Alter, and Drop Users
  – Monitor Users (Accounts, Roles, and Profiles)
• Security Roles
  – A named set of privileges and object grants
  – Create, Alter, and Drop Roles
  – Create, Alter, and Drop Profiles
• Security Profiles
  – Used to restrict user(s) to a specific set of resource quotas


DBA: Backup and Recovery
• Normal OS Backup
• Exports and Imports
• Archive Logging of Redo Logs
• Recovery: allows a DBA to recover the database to a specified day and time, or to a specified transaction


MySQL Database Users and Privileges

• http://dev.mysql.com/doc/refman/5.1/en/user-account-management.html


Using CREATE USER to add a user account
• General syntax:
  mysql> CREATE USER user [IDENTIFIED BY [PASSWORD] 'password']
• To use CREATE USER, you must have the global CREATE USER privilege or the INSERT privilege for the mysql database.
• Example:
  mysql> CREATE USER 'user1'@'localhost' IDENTIFIED BY 'pass1';
  (Creates user1 with no privileges: the account can connect, but can run no statements that need a privilege)
• The GRANT command must then be used to assign privileges to this user


Assigning passwords
• Using SET PASSWORD:
  shell> mysql --user=root -p mysql
  mysql> SET PASSWORD FOR 'custom'@'localhost' = PASSWORD('biscuit');
  (Setting another account's password requires the UPDATE privilege on the mysql database, which root has. Any account may change its own password with SET PASSWORD = PASSWORD('...'), with no FOR clause)
• Using GRANT:
  mysql> GRANT USAGE ON *.* TO 'custom'@'localhost' IDENTIFIED BY 'biscuit';
  (This assigns the password without affecting the account's current privileges, because USAGE grants nothing)
• Using INSERT:
  We have seen how a password can be established when creating a new account
• Using UPDATE:
  To change the password of an existing user, update the user table directly:
  mysql> UPDATE user SET Password = PASSWORD('bagel') WHERE Host = 'localhost' AND User = 'custom';
  mysql> FLUSH PRIVILEGES;
  (FLUSH PRIVILEGES is required after a direct UPDATE of the grant tables; SET PASSWORD and GRANT take effect immediately)


Drop users
• General syntax:
  mysql> DROP USER user [, user] ...;
  (e.g. DROP USER 'user1'@'localhost'; if the host part is omitted, '%' is assumed, so DROP USER 'user1' means 'user1'@'%')
• Removes the privilege rows from all grant tables for the user
• You must have the global CREATE USER privilege or the DELETE privilege for the mysql database
• DROP USER does not close a session the dropped account already has open; for that session the drop takes effect only after it disconnects, so check SHOW PROCESSLIST when removing an account for security reasons


Privileges in MySQL
Privileges in MySQL: what operations are you allowed to perform?
• Privileges are associated with identities: your username and hostname are both part of your identity. Ex: joe connecting from example.office.com has a separate identity from joe who connects from home.example.com, and the two accounts have separate privileges
• Privilege information is stored in the system grant tables (e.g., user, host, db, etc.) of the mysql database
• These tables are read into memory when the server starts; the in-memory copy is refreshed automatically by the account-management statements (GRANT, REVOKE, SET PASSWORD, ...) and on FLUSH PRIVILEGES
• Access control works in 2 steps:
  – When you connect, are you allowed to connect?
  – After you connect, do you have sufficient privilege for every statement you issue?


Privileges (grant tables)
• Scope columns: determine the context in which the row applies. Ex: when you connect as
  shell> mysql -u bob -p
  from the machine thomas.loc.gov, the user table row with Host='thomas.loc.gov' and User='bob' is used to authenticate you. If you connect as
  shell> mysql -u bob -p -D reports
  from the same machine, that user table row still authenticates you, and the db table row with Host='thomas.loc.gov', User='bob' and Db='reports' then determines your privileges on the reports database
• Privilege columns: each privilege is in a separate column, declared as ENUM('Y','N') DEFAULT 'N' (i.e., the default is to disable the privilege)
• To check the privileges for host=localhost and user=testuser, use the SHOW GRANTS command (assuming you have sufficient privilege to do this):
  mysql> SHOW GRANTS FOR 'testuser'@'localhost';
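The grant-table layout above is also what a DBA audits when checking who can connect and with what rights. The queries below are an added example, not part of the original slides; they assume the MySQL 5.1 layout of the mysql.user and mysql.db tables used in these notes (a Password column and Y/N ENUM privilege columns) and need SELECT on the mysql database, which root has. The account name 'custom' is the one used later in these slides.

```sql
-- Added example: auditing the grant tables (assumes the MySQL 5.1 layout
-- of mysql.user / mysql.db: Password column, ENUM('Y','N') privilege columns).

USE mysql;

-- 1. Anonymous accounts (empty User) are matched by host only and accept
--    any username at connect time; they should normally not exist.
SELECT Host, User FROM user WHERE User = '';

-- 2. Accounts with no password: anyone reaching the matching host can
--    connect as them (step 1 of access control succeeds unconditionally).
SELECT Host, User FROM user WHERE Password = '';

-- 3. Accounts reachable from any host or a host pattern. In LIKE, \% and \_
--    match the literal wildcard characters stored in the Host column.
SELECT Host, User FROM user
WHERE Host LIKE '%\%%' OR Host LIKE '%\_%';

-- 4. Global administrative privileges: a 'Y' here makes the row an effective
--    superuser regardless of what the db table says.
SELECT Host, User, Super_priv, File_priv, Grant_priv, Create_user_priv
FROM user
WHERE Super_priv = 'Y' OR File_priv = 'Y'
   OR Grant_priv = 'Y' OR Create_user_priv = 'Y';

-- 5. Database-level rows for one username: these are the db table rows the
--    server consults after the user table row has authenticated the connection.
SELECT Host, Db, User, Select_priv, Insert_priv, Update_priv, Delete_priv,
       Create_priv, Drop_priv
FROM db
WHERE User = 'custom'
ORDER BY Host, Db;

-- 6. The same information as the server reports it, one account at a time.
SHOW GRANTS FOR 'custom'@'localhost';
```

Run the first four queries after every change to the grant tables: an empty result for each is the expected state on a hardened server, and any row they return names the exact Host/User identity to fix.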


Creating user accounts on all databases
Two ways to create users:
• By using statements intended for creating accounts, such as CREATE USER or GRANT (recommended way)
• By manipulating the MySQL grant tables directly with statements such as INSERT, UPDATE, or DELETE


Using "Grant" commands
shell> mysql --user=root -p mysql   (connect as root to the mysql database)
a. mysql> GRANT ALL PRIVILEGES ON *.* TO 'monty'@'localhost' IDENTIFIED BY 'some_pass' WITH GRANT OPTION;
   (superuser account with full privileges to do anything, including passing its privileges on to other accounts; can connect only from localhost)
b. mysql> GRANT RELOAD,PROCESS ON *.* TO 'admin'@'localhost';
   (allows the admin user to execute the mysqladmin reload, mysqladmin refresh, and mysqladmin flush-xxx commands, as well as mysqladmin processlist. No privileges are granted for accessing any databases)
c. mysql> GRANT USAGE ON *.* TO 'dummy'@'localhost';
   (No privileges are granted. Same effect as setting all the global privileges to 'N')


Using "Insert" commands
• shell> mysql --user=root -p mysql
• mysql> INSERT INTO user VALUES('localhost','monty',PASSWORD('some_pass'),'Y','Y','Y',…,'Y','Y');
  (The number of Ys depends on the version of MySQL. The PASSWORD() function is necessary so that the stored value is the password hash rather than the plaintext; when using GRANT, hashing is done automatically)
• mysql> INSERT INTO user SET Host='localhost', User='admin', Reload_priv='Y', Process_priv='Y', ssl_cipher='', x509_issuer='', x509_subject='';
  (the last 3 columns are required if strict SQL mode is enabled)
• mysql> INSERT INTO user SET Host='localhost', User='dummy', Password='', ssl_cipher='', x509_issuer='', x509_subject='';
• mysql> FLUSH PRIVILEGES;
  (This tells the server to re-read the grant tables. Otherwise, the changes go unnoticed until you restart the server. Not required when you use GRANT)


Create db-specific accounts using a "Grant" command
• shell> mysql --user=root -p mysql
• mysql> GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP ON bankaccount.* TO 'custom'@'localhost' IDENTIFIED BY 'obscure';
• mysql> GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP ON expenses.* TO 'custom'@'whitehouse.gov' IDENTIFIED BY 'obscure';
• mysql> GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP ON customer.* TO 'custom'@'server.domain' IDENTIFIED BY 'obscure';
• All 3 accounts have username = 'custom' and password = 'obscure', but they are three distinct accounts because the host is part of the identity
• The first account can access the bankaccount database, but only from the local host
• The second account can access the expenses database, but only from the host whitehouse.gov
• The third account can access the customer database, but only from the host server.domain


Create db-specific accounts using an "Insert" command
• shell> mysql --user=root -p mysql
• mysql> INSERT INTO user (Host,User,Password,ssl_cipher,x509_issuer,x509_subject) VALUES('localhost','custom',PASSWORD('obscure'),'','','');
• mysql> INSERT INTO user (Host,User,Password,ssl_cipher,x509_issuer,x509_subject) VALUES('whitehouse.gov','custom',PASSWORD('obscure'),'','','');
• mysql> INSERT INTO user (Host,User,Password,ssl_cipher,x509_issuer,x509_subject) VALUES('server.domain','custom',PASSWORD('obscure'),'','','');
• (No privileges assigned yet; all privilege columns are 'N' by default)
• In addition to the user table, we also insert into the db table for each account
• mysql> INSERT INTO db (Host,Db,User,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv) VALUES('localhost','bankaccount','custom','Y','Y','Y','Y','Y','Y');
• mysql> INSERT INTO db (Host,Db,User,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv) VALUES('whitehouse.gov','expenses','custom','Y','Y','Y','Y','Y','Y');
• mysql> INSERT INTO db (Host,Db,User,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv) VALUES('server.domain','customer','custom','Y','Y','Y','Y','Y','Y');
• mysql> FLUSH PRIVILEGES;
  (required here because the grant tables were modified directly; without it the new rows are ignored until the server restarts)


Revoke Privileges
• General syntax:
  mysql> REVOKE priv_type [, priv_type] ... ON [object_type] priv_level FROM user [, user] ...
  priv_level = * | *.* | db_name.* | db_name.tbl_name | tbl_name | db_name.routine_name
  (object_type, if given, is TABLE, FUNCTION or PROCEDURE)
• Examples:
  mysql> REVOKE SELECT ON *.* FROM 'monty'@'localhost';
  (you must have the GRANT OPTION privilege, and you must have the privileges that you are revoking)
• To revoke all privileges:
  mysql> REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'monty'@'localhost';
  (drops all global, database-, table-, column-, and routine-level privileges for 'monty'@'localhost')
• NOTE: REVOKE does not remove an account's user table record, even if you revoke all privileges for the account; the account can still connect with its password until it is removed with DROP USER (see example on next slide)
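The following script is an added example, not part of the original slides, that ties the CREATE USER, GRANT, SHOW GRANTS, REVOKE and DROP USER slides together into the lifecycle of one least-privilege application account, using only the account-management statements these notes recommend (so no FLUSH PRIVILEGES is needed). The database app_db, the table app_db.audit_log, the account 'app_ro'@'localhost' and its password are assumptions for illustration; run it as root.

```sql
-- Added example: lifecycle of a least-privilege application account.
-- app_db, app_db.audit_log and 'app_ro'@'localhost' are assumed names.
-- Requires CREATE USER globally and GRANT OPTION on app_db (root has both).

-- 0. Objects the account will be granted on. Database-level grants do not
--    need the database to exist, but table-level grants need the table.
CREATE DATABASE IF NOT EXISTS app_db;
CREATE TABLE IF NOT EXISTS app_db.audit_log (
  id  INT PRIMARY KEY AUTO_INCREMENT,
  msg VARCHAR(255) NOT NULL
);

-- 1. Create the account. It can connect, but holds no privileges yet.
CREATE USER 'app_ro'@'localhost' IDENTIFIED BY 'obscure-example-password';

-- 2. Grant only what the application needs: read access on one database.
--    Nothing global and no GRANT OPTION, so the account cannot widen its own rights.
GRANT SELECT ON app_db.* TO 'app_ro'@'localhost';

-- 3. Verify. Expect two lines: the USAGE line (the account itself) and
--    the SELECT grant on app_db.*.
SHOW GRANTS FOR 'app_ro'@'localhost';

-- 4. The application later needs to write one table. Grant at table level
--    instead of widening the database-level grant.
GRANT INSERT, UPDATE ON app_db.audit_log TO 'app_ro'@'localhost';

-- 5. Revoke at the same level the privilege was granted: a database-level
--    REVOKE would not remove a table-level grant.
REVOKE INSERT, UPDATE ON app_db.audit_log FROM 'app_ro'@'localhost';

-- 6. Decommission. REVOKE ALL strips every privilege but leaves the user
--    table row, so SHOW GRANTS still prints a USAGE line and the password
--    still lets the account connect.
REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'app_ro'@'localhost';
SHOW GRANTS FOR 'app_ro'@'localhost';

-- 7. Only DROP USER removes the account. A session already open as this
--    account keeps running until it disconnects, so look for one first.
SHOW PROCESSLIST;
DROP USER 'app_ro'@'localhost';
```

Steps 3 and 6 are the checks worth keeping in a runbook: SHOW GRANTS after every change confirms the account holds exactly the intended privileges, and the USAGE line that survives step 6 is the visible reminder that revoking privileges and removing an account are two different operations.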