you could put a shell script as the actual cron job, and make the file only read-able by root, using an environment variable as the password passed (defined in shell script file), so that way even if someone 'sniffs' the process via 'ps -ef' they don't see the actual password (if they happen to catch the setting of the env var that's another story, but _much_ less likely)
> -----Original Message----- > From: Randall Perry [mailto:[EMAIL PROTECTED] > Sent: Wednesday, November 12, 2003 9:10 AM > To: Cormac Tiernan > Cc: [EMAIL PROTECTED] > Subject: Re: Backing up all databases > > > Well, this command is running in a cron job -- so that's not > an option. > > > > > > Be aware that you password is visible (unix anyway with a > "ps -ef"..) when you > > pass the password like -ppassword. Usually you can enter > the password later > > if > > you use > > usr/local/mysql/bin/mysqldump --opt --all-databases -p > > which avoids the password being visible.. > > > > Cormac. > > > > On 12-Nov-2003 Randall Perry wrote: > >> Ok, I was confused about the password thing. It works now > that I'm passing > >> root's password in the command: > >> > >> /usr/local/mysql/bin/mysqldump --opt --all-databases > -prootpassword > > >> /usr/local/mysql/data/mysqldump > >> > >>> You're joking, right? (Perhaps you thought the original > question was a > >>> joke, too, as root normally has access to all dbs?) > >>> > >>> As I understand the manual > <http://www.mysql.com/doc/en/GRANT.html>, > >>> that will give root access to every db, from every host except > >>> localhost, with no password! I can't imagine that's a > good idea. And > >>> even so, I don't think this will help, as he's connecting > from localhost. > >>> > >>> If we take the question at face value, it appears he has > some dbs that > >>> root can't access. (I've never tried it, but I supppose > it's possible > >>> to revoke root's access to a particular db.) If we assume > >>> [EMAIL PROTECTED] has a password we don't want to change, the correct > >>> command would be > >>> > >>> GRANT ALL ON *.* to [EMAIL PROTECTED]; > >>> > >>> If he wants to change root's password at the same time, > he would need to > >>> add the IDENTIFIED BY clause > >>> > >>> GRANT ALL ON *.* to [EMAIL PROTECTED] IDENTIFIED BY 'newpassword'; > >>> > >>> Am I missing something? > >>> > >> > >> > >> -- > >> Randall Perry > >> sysTame > >> > >> Xserve Web Hosting/Co-location > >> Website Development/Promotion > >> Mac Consulting/Sales > >> > >> http://www.systame.com/ > >> > >> > >> > >> -- > >> MySQL General Mailing List > >> For list archives: http://lists.mysql.com/mysql > >> To unsubscribe: > >> http://lists.mysql.com/[EMAIL PROTECTED] > >> > > > > ---------------------------------- > > E-Mail: Cormac Tiernan <[EMAIL PROTECTED]> > > Date: 12-Nov-2003 > > Time: 15:01:53 > > > > This message was sent by XFMail > > ---------------------------------- > > -- > Randall Perry > sysTame > > Xserve Web Hosting/Co-location > Website Development/Promotion > Mac Consulting/Sales > > http://www.systame.com/ > > > > -- > MySQL General Mailing List > For list archives: http://lists.mysql.com/mysql > To unsubscribe: > http://lists.mysql.com/[EMAIL PROTECTED] > > -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
