RE: MySQLDump - Command line password
Hi, For confirming that password is shown or not in ps -ef, just try to connect to your server using your password ,then in a new window just do ps -ef --width 400 |grep mysql You will find the output like below which doesn't show the password -uroot -px xxx Atleast it is not showing in my case. Anurag -Original Message- From: Rich Allen [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 20, 2005 6:20 AM To: Cabbar Duzayak Cc: mysql@lists.mysql.com Subject: Re: MySQLDump - Command line password have you looked at using a my.cnf file? eMac:~ hcir$ mysqldump test /temp/test.sql eMac:~ hcir$ ls -l /temp/test.sql -rw-r--r-- 1 hcir staff 78893008 Jul 19 16:47 /temp/test.sql contents of ~/.my.cnf [client] user= username password= password # actual username and password of course are not 'username' and 'password' On Jul 19, 2005, at 3:40 PM, Cabbar Duzayak wrote: Hi, I have setup cronjobs to take daily backups of my db using mysqldump. But the problem is, mysqldump requires the password to be passed via command line, which means anyone on the same machine can take a peek at my password using top, ps -ef, etc. Is there a way of avoiding this, i.e. making it read the password from some file, etc? Or, is there any other alternative I can use? Confidentiality Notice The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain confidential or privileged information. If you are not the intended recipient, please notify the sender at Wipro or [EMAIL PROTECTED] immediately and destroy all copies of this message and any attachments. -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Re: MySQLDump - Command line password
Cabbar Duzayak wrote: ... I have setup cronjobs to take daily backups of my db using mysqldump. But the problem is, mysqldump requires the password to be passed via command line, which means anyone on the same machine can take a peek at my password using top, ps -ef, etc. Is there a way of avoiding this, i.e. making it read the password from some file, etc? Or, is there any other alternative I can use? In my backup script, I have something like this mysqldump --password=`cat /path/to/pass_file` --otherOptionsToMysqldump where pass_file is a file with only one line with the password for the username that you use, without trailing spaces, and --otherOptionsToMysqldump are the rest of the arguments that you pass to mysqldump, like -u (for username), or the DB that you want to dump. Don't forget to use the fullpath to the pass_file in case that it doesn't work (or if you want to sleep at night :)). Don't forget to restrict the read access to that file to the root (recommend) or some user (yours?). I recommend you to test the command in a command line, and see if it works, but when it works at command prompt, test if it dumps when it runs from the cron file. Rich: I won't recommend it, because it is a security hole: any user with access to a login in the Machine could access to the DB without restrictions, if he founds that the particular username that is in the my.cnf he has no restrictions to access the DB. Rich and Cabbar: But that also remembered me to set GRANT priviliges of that user only to SELECT, and then he can only read the DB (what could be bad), and not alter it, but the you would need another user to alter the DB. -- Airconditioners and computers have one thing in common: Once you open windows everything fails. Nuno Pereira email: [EMAIL PROTECTED] -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
MySQLDump - Command line password
Hi, I have setup cronjobs to take daily backups of my db using mysqldump. But the problem is, mysqldump requires the password to be passed via command line, which means anyone on the same machine can take a peek at my password using top, ps -ef, etc. Is there a way of avoiding this, i.e. making it read the password from some file, etc? Or, is there any other alternative I can use? Thanks... -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Re: MySQLDump - Command line password
have you looked at using a my.cnf file? eMac:~ hcir$ mysqldump test /temp/test.sql eMac:~ hcir$ ls -l /temp/test.sql -rw-r--r-- 1 hcir staff 78893008 Jul 19 16:47 /temp/test.sql contents of ~/.my.cnf [client] user= username password= password # actual username and password of course are not 'username' and 'password' On Jul 19, 2005, at 3:40 PM, Cabbar Duzayak wrote: Hi, I have setup cronjobs to take daily backups of my db using mysqldump. But the problem is, mysqldump requires the password to be passed via command line, which means anyone on the same machine can take a peek at my password using top, ps -ef, etc. Is there a way of avoiding this, i.e. making it read the password from some file, etc? Or, is there any other alternative I can use?
