advertisement

Article:
  Web Apps with Tiger: Security and MySQL
Subject:   a little more bluntly for noobs would be appreciated . . .
Date:   2009-08-02 15:12:11
From:   gentooq
I am nearly virginal in my noobness with MySQL (but not computers themselves) and searched high and low for specific instructions on "How to run mysql_secure_installation" to no avail.


Some background:


I read a post somewhere that said "For the obsessively observant, you will notice I am running the tcsh shell." I had no idea what he was talking about, and I am obsessively observant.


So my first pointer is, figure out what shell you are using. I looked around to see if there were an easy way to differentiate. There probably is, but I could not find it. Since I could not find such a method, I decided to ask . . .


scott-penguindreams-us:~ gentoo$ ?
bash: ?: command not found


[scott-penguindreams-us:~] gentoo% ?
tcsh: ?: No match.


by typing a literal question mark (?) at the default prompt and hitting the return. I thought I might get some kind of Help output. As you can see above, what I got was equally useful.


On to the specifics . . . in order to get this good script to run, you must start MySQL. In order to do this, you must assume root. The easiest way to assume root is to type "sudo echo" (without the quotes) at the prompt in Terminal. You will be asked for your root user password. (If you have used root or don't know what I am talking about, here's the word from the horse's mouth - http://support.apple.com/kb/HT1528.)


Because success does not have any overt indicators, here's two examples:


FAILURE
[scott-penguindreams-us:~] gentoo% sudo echo
Password:
Sorry, try again.
Password:
sudo: 1 incorrect password attempt
[scott-penguindreams-us:~] gentoo%


SUCCESS
[scott-penguindreams-us:~] gentoo% sudo echo
Password:


[scott-penguindreams-us:~] gentoo%



There are two ways to start MySQL - the long "I type the path every time" way, and the shorter "I type 'mysql' every time" way. It is your preference as to which you will use, but here are both methods.


Go to the MySQL directory and tell it to run
[scott-penguindreams-us:~] gentoo% cd /usr/local/mysql/bin
[scott-penguindreams-us:local/mysql/bin] gentoo% mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.1.36 MySQL Community Server (GPL)


Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.


mysql>


OR


Just type "mysql" at any Terminal prompt you are at
[scott-penguindreams-us:local/mysql/bin] gentoo% mysql
tcsh: mysql: Command not found.
[scott-penguindreams-us:local/mysql/bin] gentoo%


I did that one on purpose because I am sure that there are a number of folks out there who have done this already (just like I did the first 10 or 15 times . . . I learn some things slowly). For all of their prowess, computers are still like children . . . you must tell them what you expect them to do when you yell short commands at them. This is where knowing which shell you are in comes in handy.


There are two possibilities for telling your computer what the short command 'mysql' should do, and the one you should use is shell-dependent. They are:


For bash
echo 'export PATH=/usr/local/mysql/bin:$PATH' >> ~/.bash_profile


For tsch
echo 'setenv PATH /usr/local/mysql/bin:$PATH' >> ~/.tcshrc


Once you have committed this minor act of magic, you may be brief to your heart's content:


[scott-penguindreams-us:local/mysql/bin] gentoo% mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3
Server version: 5.1.36 MySQL Community Server (GPL)


Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.


mysql>


Now, the coup de grace on this "comment" (I admit it was long, but hopefully helpful to someone). . .


mysql> system mysql_secure_installation;


and you are off to the races with the original post. If you follow the recommendations (and I echo the original writer's exhortations that you should), then every subsequent start of MySQL will require credentials, as shown below:


[scott-penguindreams-us:~] gentoo% mysql
ERROR 1045 (28000): Access denied for user 'gentoo'@'localhost' (using password: NO)
[scott-penguindreams-us:~] gentoo% mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 4
Server version: 5.1.36 MySQL Community Server (GPL)


Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.


mysql>