Difference between revisions of "Securing mysql with a script"
From MyWiki
(Created page with "Reference - https://stackoverflow.com/questions/24270733/automate-mysql-secure-installation-with-echo-command-via-a-shell-script<br>") |
|||
| (5 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
Reference - https://stackoverflow.com/questions/24270733/automate-mysql-secure-installation-with-echo-command-via-a-shell-script<br> | Reference - https://stackoverflow.com/questions/24270733/automate-mysql-secure-installation-with-echo-command-via-a-shell-script<br> | ||
| + | <source lang="bash"> | ||
| + | mysql_secure_installation <<EOF | ||
| + | |||
| + | y | ||
| + | secret | ||
| + | secret | ||
| + | y | ||
| + | y | ||
| + | y | ||
| + | y | ||
| + | EOF | ||
| + | |||
| + | </source> | ||
| + | |||
| + | |||
| + | not tested the sql script below | ||
| + | <source lang="sql"> | ||
| + | #!/bin/bash | ||
| + | |||
| + | # Make sure that NOBODY can access the server without a password | ||
| + | mysql -e "UPDATE mysql.user SET Password = PASSWORD('CHANGEME') WHERE User = 'root'" | ||
| + | # Kill the anonymous users | ||
| + | mysql -e "DROP USER ''@'localhost'" | ||
| + | # Because our hostname varies we will use some Bash magic here. | ||
| + | mysql -e "DROP USER ''@'$(hostname)'" | ||
| + | # Kill off the demo database | ||
| + | mysql -e "DROP DATABASE test" | ||
| + | # Make our changes take effect | ||
| + | mysql -e "FLUSH PRIVILEGES" | ||
| + | # Any subsequent tries to run queries this way will get access denied because lack of usr/pwd param | ||
| + | |||
| + | |||
| + | |||
| + | </source> | ||
| + | Run the above like this :<br> | ||
| + | mysql -sfu root < "mysql_secure_installation.sql" <br> | ||
Latest revision as of 12:48, 28 August 2017
mysql_secure_installation <<EOF
y
secret
secret
y
y
y
y
EOF
not tested the sql script below
#!/bin/bash # Make sure that NOBODY can access the server WITHOUT a password mysql -e "UPDATE mysql.user SET Password = PASSWORD('CHANGEME') WHERE User = 'root'" # KILL the anonymous users mysql -e "DROP USER ''@'localhost'" # Because our hostname varies we will USE SOME Bash magic here. mysql -e "DROP USER ''@'$(hostname)'" # KILL off the demo DATABASE mysql -e "DROP DATABASE test" # Make our changes take effect mysql -e "FLUSH PRIVILEGES" # Any subsequent tries TO run queries this way will GET access denied because lack OF usr/pwd param
Run the above like this :
mysql -sfu root < "mysql_secure_installation.sql"
