Archive for the ‘MySQL’ Category

« Older Entries
Newer Entries »

Mysql: How to disable single database without dropping or renaming it

Wednesday, January 22nd, 2014

mysql rename forbid disable database howto logo, how to disable single database without dropping it
A colleague of mine working on MySQL database asked me How it is possible to disable a MySQL database. He is in situation where the client has 2 databases and application and is not sure which of the two databases the application uses. Therefore the client asked one of the database is disabled and wait for few hours and see if something will break / stop working and in that way determine which of the two database is used by application.

My first guess was to backup both databases and drop one of them, then if it is the wrong one to restore from the SQL dump backup, however this wasn't acceptable solution. So second I though of RENAME of database to another one and then reverting the name, however as it is written in MySQL documentation RENAME database function was removed from MySQL (found to be dangerous) since version 5.1.23 onwards. Anyhow there is a quick hack to rename mysql database using a for loop shell script one below:

mysql -e "CREATE DATABASE \`new_database\`;"
for table in `mysql -B -N -e "SHOW TABLES;" old_database`
do
  mysql -e "RENAME TABLE \`old_database\`.\`$table\` to \`new_database\`.\`$table\`"
  done
  mysql -e "DROP DATABASE \`old_database\`;"

Other possible solution was to change permissions of Application used username, however this was also complicated from mysql cli, hence I thought of installing and using PHPMyAdmin to make modify of db user permissions easier but on this server there wasn't Apache installed and MySQL is behind a firewall and only accessible via java tomcat host.

Finally after some pondering what can be done I came with solution to request to disable mysql database using chmod in /var/lib/mysql/data/, i.e.:

sql-server:~# chmod 0 /var/lib/mysql/databasename
Where databasename is the same as the database is named listable via mysql cli.

After doing it that way with no need to restart MySQL server database stopped to appear in show databases; and client confirmed that disabled database is no longer needed so we proceeded dropping it.

Hope this little article will help someone out there. Cheers :

Tags: , , , , , , , , , , , , , , , , , ,
Posted in MySQL, System Administration, Various, Web and CMS | 4 Comments »

MySQL SSL Configure Howto – How to Make MySQL communication secured

Wednesday, January 15th, 2014

mysql-over-ssl-how-to-configure-logo how to configure ssl on mysql server

Recently I've been asked How to make communication to MySQL database encrypted. The question was raised by a fellow developer who works on developing a Desktop standalone application in Delphi Programming Language with DevArt an (SQL Connection Component capable to connect Delphi applications to multiple databases like MySQL, Oracle, PostgreSQL, Interbase, Firebird etc.

Communicating in Secured form to MySQL database is not common task to do, as MySQL usually communicates to applications hosted on same server or applications to communicate to MySQL are in secured DMZ or administrated via phpMyAdmin web interface.

MySQL supports encrypted connections to itself using Secure Socket Layer (SSL) encryption. Setting up MySQL db to be communicated encrypted is a must for standalone Desktop applications which has to extract / insert data via remote SQL.
Configuring SQL to support communicated queries encrpytion is supported by default and easily configured on most standard Linux version distributions (Debian, RHEL, Fedora) with no need to recompile it.
1. Generate SSL Certificates

$ mkdir /etc/mysql-ssl && cd mysql-ssl

# Create CA certificate
$ openssl genrsa 2048 > ca-key.pem
$ openssl req -new -x509 -nodes -days 3600 \
         -key ca-key.pem -out ca-cert.pem

Create server certificate, remove passphrase, and sign it
server-cert.pem is public key, server-key.pem is private key
$ openssl req -newkey rsa:2048 -days 3600 \
         -nodes -keyout server-key.pem -out server-req.pem
$ openssl rsa -in server-key.pem -out server-key.pem
$ openssl x509 -req -in server-req.pem -days 3600 \
         -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 -out server-cert.pem

Create client certificate, remove passphrase, and sign it
client-cert.pem is public key and client-key.pem is private key
$ openssl req -newkey rsa:2048 -days 3600 \
         -nodes -keyout client-key.pem -out client-req.pem
$ openssl rsa -in client-key.pem -out client-key.pem
$ openssl x509 -req -in client-req.pem -days 3600 \
         -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 -out client-cert.pem
After generating the certificates, verify them:

$ openssl verify -CAfile ca-cert.pem server-cert.pem client-cert.pem
 

2. Add SSL support variables to my.cnf

Once SSL key pair files are generated in order to active SSL encryption support in MySQL server, add to (/etc/my.cnf,  /etc/mysql/my.cnf, /usr/local/etc/my.cnf … ) or wherever config is depending on distro

# SSL
ssl-ca=/etc/mysql-ssl/ca-cert.pem
ssl-cert=/etc/mysql-ssl/server-cert.pem
ssl-key=/etc/mysql-ssl/server-key.pem
3. Restart MySQL server

/etc/init.d/mysqld restart
...

4. Create SQL user to require SSL login

Create new user with access to database;

GRANT ALL ON Sql_User_DB.* TO Sql_User@localhost;
FLUSH PRIVILEGES;
To create administrator privileges user:

GRANT ALL PRIVILEGES ON *.* TO ‘ssluser’@'%’ IDENTIFIED BY ‘pass’ REQUIRE SSL;
FLUSH PRIVILEGES;
5. Test SSL Connection with MySQL CLI client or with few lines of PHP

To use mysql cli for testing whether SSL connection works:

$ mysql -u ssluser -p'pass' –ssl-ca /etc/mysql-ssl/client-cert.pem –ssl-cert /etc/mysql-ssl/client-key.pem

Once connected to MySQL to verify SSL connection works fine:

mysql> SHOW STATUS LIKE 'Ssl_Cipher';
 +---------------+--------------------+
| Variable_name | Value              |
 +---------------+--------------------+
| Ssl_cipher    | DHE-RSA-AES256-SHA |
+---------------+--------------------+

If you get this output this means MySQL SSL Connection is working as should.

Alternative way is to use test-mysqli-ssl.php script to test availability to mysql over SSL.

$conn=mysqli_init();
mysqli_ssl_set($conn, '/etc/mysql-ssl/client-key.pem', '/etc/mysql-ssl/client-cert.pem', NULL, NULL, NULL);
if (!mysqli_real_connect($conn, '127.0.0.1', 'ssluser', 'pass')) { die(); }
$res = mysqli_query($conn, 'SHOW STATUS like "Ssl_cipher"');
print_r(mysqli_fetch_row($res));
mysqli_close($conn);
Note: Change username password according to your user / pass before using the script

That's all now you have mysql communicating queries data over SSL

 

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Posted in MySQL, System Administration, Web and CMS | No Comments »

Fix CREATE command denied to user ‘mailuser’@’localhost’ for table ‘virtual_domains’

Saturday, July 13th, 2013

I'm doing a new postfix + dovecot installation and after following workaround.org guide, to create MySQL databases and testing by logging in with mysql cli and trying to create databases as pointed by guide I stubmed on error:

CREATE command denied to user 'mailuser'@'localhost' for table 'virtual_domains'

The error is because, mailuser doesn't have permissions to create tables in mailserver DB to fix that: I had to login in MySQL server as root and issue GRANT PRIVILEGES on table, i.e.:

mysql -u root -p
password:
mysql> GRANT ALL PRIVILEGES ON `mailserver`.* TO 'mailuser'@'localhost';
 

Problem Solved! 😉

Tags: , , ,
Posted in MySQL, Postfix | No Comments »

Alternative way to enter as administrator in MySQL if you forgot MySQL root password on Debian Linux

Wednesday, July 10th, 2013

Forgot MySQL password root alternative way to enter as administrator in MyQL MySQL logo with 2 dolphins

Whether you have to administrate a bunch of chaotic organized MySQL servers and amount of work is more than you can bear it is very common you make stupid mistakes, like loosing MySQL root adminsitrator password. There is way to recover password by stopping SQL server and starting it with –skip-grant-tables options via SSH , however if you do it that way there is at least few seconds of down time and as its not a good idea on productive servers Debian and Ubuntu Linux admins have better way to do it by using MySQL default user used to check whether all is fine with database on MySQL server initialization via /etc/init.d/mysql. User with GRANT PRIVILEGES, (all MySQL administrator users have grant privileges) on Debian based distributions is debian-sys-maint and whether you have root access to server you can easily obtain password with:

# grep -i -E 'user|pass' /etc/mysql/debian.cnf |uniq

user = debian-sys-maint

password = k6x6tBUBfHN3ZxHv

Using this password then you can login via mysql cli or via PhpMyAdmin, whether installed and do any normal SQL operation you do as root. Of course having this password in plain text file can be very dangerous, by default it is configured to be only red by root be careful not to change this permissions by default as anyone who has access to system can then access your SQL as administrator.
To reset MySQL root password once logged in run:

UPDATE USER set password=PASSWORD('NEW_PASS_WORD') where USER='root';
FLUSH PRIVILEGES;

Enjoy 😉
 

Tags: , , , , , , , , , ,
Posted in Computer Security, Linux, MySQL, System Administration, Various | No Comments »

How to add a new MySQL user to have INSERT,UPDATE,DELETE permissions to a Database

Tuesday, October 25th, 2011

I needed to add a newly created MySQL user with no access to any database with no special permissions (user is created from phpmyadmin) with some permissions to a specific database which is used for the operation of a website, here are the MySQL CLI client commands I issued to make it work:

# mysql -u root -p
mysql> GRANT ALL ON Sql_User_DB.* TO Sql_User@localhost;
mysql> FLUSH PRIVILEGES;

Where in the Example Sql_User_DB is my example database to which the user is granted access and my sample user is Sql_User .
Note that without FLUSH PRIVILEGES; new privileges might not be active. 

To test further if all is fine login with Sql_User and try to list database tables.

$ mysql -u Sql_User -p
password:
mysql> USE Sql_User_DB;
mysql> SHOW TABLES;
...

Tags: , , , , , , , , , , , , , , , , , , , ,
Posted in Linux, MySQL, System Administration, Various, Web and CMS | No Comments »

Make daily Linux MySQL database backups with shell script

Thursday, May 23rd, 2013

Creating database backup with MySQL with mysqlbackupper and mysqlback shell scripts easy create mysql backups

Some time ago, I've written a tiny shell script which does dumps of Complete (SQL Script) MySQL databases. There are plenty of ways to backup MySQL database and plenty of scripts on the net but I like doing it my own way. I have few backup scripts. I prefer script database over keeping binary logs, or using some un-traditional backup methods like backing all binary data in /var/lib/mysql.

One was intended to backup with mysqldump whole database and later upload to a central server running tsh (shell). Using tsh maybe not the best method to upload, but the script can easily be modified to use ssh passwordless authentication as a method to upload.

I'm not a pro shell scripter, but MySQLBackupper script can be used as useful for learning some simple bash  shell scripting.

To use the script as intended you will have to build tsh from source. Tsh is in very early development stage (ver 0.2) but as far as I tested it before some years it does great what it is intended for. You can  MySQLBackupper.sh script from here.
Earlier, I used MysqlBackupper.sh to upload all SQL dumps to /backups directory on central backup storage server, thus I had written secondary script to classify uploaded backups based on backup archive name. Script used is mysqldumps-classify.sh and can be viewed here. Though this way of making backups, needs a bit of custom work for managing backups up to 10 / 20 servers it worked well.

I have written also another mysqlbackup script which is much more simplistic and only dumps with mysqldump and stores copies on hard disk in tar.gz archive. You can download my other simple mysqkbackup.sh here.

Only inconvenient thing about above scripts is they dump all SQL databases. Hence whether necessary to get content for single database from (complete) All database SQL (script backup), I use SED (stream editor) one liner script.

It is interesting to hear how others prepare their MySQL db backups.

Tags: , , , , , , , , , , , , , ,
Posted in MySQL, System Administration | 2 Comments »

How to extract database from a whole MySQL database dump with sed

Tuesday, February 12th, 2013

If you have a configured mysql dumps to be prepared regularly via cronjob
and you happen to experience crash or lost of data and need to restore only a certain
database from a whole bunch of MySQL data SCRIPT file letes say mysql-fulldump.sql, you might be wondering how.
Here is how:

# sed -n '/^-- Current Database: `DATABASE_NAME`/,/^-- Current Database: `/p' mysql-fulldump.sql > DATABASE_NAME.sql

Change DATABASE_NAME with whatever your required database name is.
mysql-fulldump.sql – is the name of whole database file dump file
DATABASE_NAME.sql – will contain the extracted database from complete SQL dump.
TThat's all, now import new dump to MySQL and Enjoy 🙂

Tags: , , ,
Posted in MySQL, System Administration, Web and CMS | No Comments »

How to fix problems with encoding not showing umlauts in after import of sql data to MySQL

Thursday, October 1st, 2009

I’m restoring some websites from backups this days. One of the swiss websites had a serious problem with umlauts not showing up.
This happened right after I’ve used an old dump from a MySQL Server running version 4.x, the imported data was to MySQL server version 5. The problem consisted in that everywhere an umault was placed the shown content was ü.

You can imagine how annoying and ugly that looked, the whole text was crappy.
After some googling with a help of one of my colleagues (a programmer). I was pointed to this nice article Mysql Latin1 Utf8 Conversion .
What happens is that for some reason the dump I’ve made had latin1 character-set even though the data inside was in utf8.
Thus importing the dump would try to import the data as latin1 and make a crap out of it. The fix is as simple as substituting latin8 to utf8 in your mysql dump file and then reimporting it again.
In my case the browser displayed by default the website characters in iso8859 instead of utf8, so I had to specificly to change the browser encoding to UTF8 to realize all is okay.
Then it was necessery to modify all the templates to use UTF8 instead of the wrong character encoding. I have no clue how does it happened that the same umlaut encoding on the old server, what I suspect is there was something with the Apache’s default character encoding probably I have it set there by default set to utf8.
Well so far so good, let’s see how much trashy stuff I have to deal with today.
END—–

Tags: , , , , , , , , , , , , , ,
Posted in MySQL, System Administration | No Comments »

Howto import a UTF8 textbook (book) in MySQL table / A simple step by step guide through on howto import books in MySQL

Tuesday, March 23rd, 2010

I was looking forward to import a textbook I own to MySQL in order to be able later to easily manipulate the text with MySQL queries. After some time spend on trying hard. Here is the steps I took to import the textbook:

1. First we create necessery database and set default charset to UTF8:

freebsd$ mysql -u root -p
# create database textbook in mysql and change it to your likings
mysql$ CREATE database "textbook";
mysql$ use textbook;
mysql$ SET NAMES UTF8;

2. Then we CREATE Necessery database that will use further as a table to import the textbook into:
Below we create the table “textbook” with one column “sentence”

mysql$ CREATE table textbook (sentence varchar(5000);

3. Now we import the book:

mysql$ LOAD DATA INFILE '/path/to/file/textbook.txt' INTO TABLE textbook;

4. Last it might be a good idea to add some extra numbered column to be able to track the lines of the textbook as below:

mysql$ ALTER table textbook ADD COLUMN ID INT NOT NULL auto_increment FIRST, ADD PRIMARY KEY(ID);

In my case the book was in cyrillic and after I’ve taken the above steps I didn’t have any problems with cyrillic letters in the table.
Of course the above method is a bit dump since it’s not flexible enough and doesn’t track the textbook parts or titles, however it’s still a good way to store example on how to store text data in mysql table and could help somebody further in his journey in learning MySQL and next to that serving some simple daily SQL taks.

Tags: , , , , , , ,
Posted in MySQL, System Administration | No Comments »

Few MySQL helpful commands in MySQL maintenance (MySQL rename Table, Empty MySQL Table Contents / Null Table records, Get info about variables in a Table, Change record in existing MySQL table, Get MySQL table privileges info, Some basic commands for MySQL issues debugging)

Monday, March 29th, 2010

This days I’m playing with MySQL trying out stuff. I decided it could be helpful to somebody to share few things I learned. So there we go:

1. To Rename MySQL existent table name

RENAME TABLE old_table_name to new_table_name;

2. To completely wipe out the content of an existing Table in MySQL

TRUNCATE TABLE table_name; table_name = your table name to truncate

3. To RENAME column name in MySQL to another one

ALTER TABLE your_table_name CHANGE current_column_name new_column_name VARCHAR(100);

Note that in the above example to rename column in MySQL you should always specify the new column variable type e.g. VARCHAR(100) or anything else you like.

4. To get information about a table e.g. variables and there type in a MySQL table DESCRIBE table_name;

5. To change some Value in a Column to another one based on another value UPDATE table_name column_name SET column_name=’Lecturer’ WHERE other_column_name=’some_value’; Here; column_name = is your column name other_column_name = is some other column_name which you’re going to search in for a certain some_value content

6. To get a thorougful information about MySQL table, it’s variables and the privileges SHOW FULL COLUMNS from Table; Here Table should be your table name.

7. To get information about privileges of some mysql user SHOW GRANTS FOR your_user@host; 8. To create new user and grant certain privileges to some Database grant CREATE,INSERT,DELETE,UPDATE,SELECT on database_name.* to username@localhost; set password for username@host = password('mysecretpassword');

Where: database_name = is your desired database username = is your user of choice CREATE,INSERT,DELETE,UPDATE,SELECT = is your preferred privileges to the database_name for the selected username In case if you want to grant all possible user privileges that could be assigned to a table use the following code:

GRANT ALL ON database_name.* TO username identified by 'mysecretpassword' with grant option;

9. Another really helpful few commands on daily basis whever you’re responsible for MySQL server are:
SHOW warnings;
Which is always helpful in debugging in MySQL. And: SHOW status; SHOW processlist;
That two would inform you about the status of various key variables and could also be a precious debugging tool.

Tags: , , , , , , , ,
Posted in MySQL, System Administration | 1 Comment »

« Older Entries
Newer Entries »