I have some confidential database in MySQL. I want to restrict user to dump database and I want to know, which user has dumped the database. I didn't get any way to know about this. I tried with general logs, but I didn't find anything in MySQL.
Please let me know is there any way to get info about this .
If you are on Linux server then you can block any command for users to take mysqldump. Find below procedure to block a command or to check mysql/bash history.
-Check mysql/bash history.
Goto home directory of user e.g. /home/user. In this directory you will find two files named .mysql_history and .bash_history. All command have stored in these files.
-Block a command
1- Try to find mysqldump command path
root#localhost:[~]: which mysqldump
/usr/bin/mysqldump
root#localhost:[~]:
As in above mysqldump command exist here /usr/bin/mysqldump
2- Remove command access from all other user except root
root#localhost:[~]: cd /usr/bin/
root#localhost:[/usr/bin]: chmod g-rwx mysqldump
root#localhost:[/usr/bin]: chmod o-rwx mysqldump
Above command will remove mysqldump command access to group and all other users except root.
Related
I am attempting to back up a MySQL database on a Linux server before I install some upgrades to the software (Omeka) which is using the database.
The command supplied by Omeka documentation for that is the following:
mysqldump -h localhost -u username -p omeka_db_name > omeka_db_backup.sql
However, when I run this, I get the ever so helpfully vague message of "permission denied." It does this if I run the command as sudo. It does this no matter what directory I try to save the backup file to. It doesn't prompt me for a MySQL password when I run mysql dump, but it does when I run "mysql" command and it accepts the password I put in so I know the issue isn't that I'm using the wrong credentials.
I cannot navigate to the MySQL folder directly in shell and when I use WinSCP to access the server, the MySQL folder is listed as owned by "MySQL" and not by "root." So I'm assuming that I don't have permission to copy anything from this folder and that is my problem. I don't want to willy nilly assign ownership of the MySQL folder to root because I'm afraid it might break MySQL's ability to read and write from this folder.
All I want to do is copy the database files somewhere as backup. Heck, I'll copy the whole MySQL folder someplace if I have to do that. How can I do that without breaking MySQL?
Root has permissions for everything. There may be some additional safeguards, depending (there is some security software that limits root permissions).
You can just use:
mysqldump -h localhost -u username -p omeka_db_name > /path/to/some/other/directory/omeka_db_backup.sql
And put backup in directory you can normally access. If you use the mysqldump you don't need to write to mysql dir.
I want periodic mysql database backup. But I don't have permission to access ssh. When I try to run mysqldump via command line in Plesk Scheduled Tasks, it only creates a blank file 0 kb sized. I'm not sure if the system finds mysqldump when I write it in command line. How can I be sure mysqldump file exists in my server? How can I find its path? It doesn't exist in bin or usr folders. Is there a way to access this file? I can backup database via PhpMyAdmin manually. But I want periodic backups. Thanks.
Osman.
You can try to create a php script with the following code block:
<?php echo `which mysqldump`; ?>
Please note, those are backticks.
This may or may not work depending on whether or not open_basedir is setup on the server. This can give you the absolute path to the mysqldump binary, which you can then reference in the plesk sched. task.
Since you don't have control over the server, if the above doesn't work, you'll need to ask the server owner to either grant you access to mysqldump or use phpMyAdmin (assuming your dataset isn't too large).
This worked for me...
exec('complete\path\to\mysqldump.exe -uUSERNAME -pPASSWORD DATABASE_NAME > output_folder_path/filename.sql');
if u want the path goto your wamp folder & search for mysqldump.exe
I'm trying to add a cronjob in the crontab (ubuntu server) that backups the mysql db.
Executing the script in the terminal as root works well, but inserted in the crontab nothing happens. I've tried to run it each minutes but no files appears in the folder /var/db_backups.
(Other cronjobs work well)
Here is the cronjob:
* * * * * mysqldump -u root -pHERE THERE IS MY PASSWORD
--all-databases | gzip > /var/db_backups/database_`date +%d%m%y`.sql.gz
what can be the problem?
You need to escape % character with \
mysqldump -u 'username' -p'password' DBNAME > /home/eric/db_backup/liveDB_`date +\%Y\%m\%d_\%H\%M`.sql
I was trying the same but I found that dump was created with 0KB. Hence, I got to know about the solution which saved my time.
Command :
0 0 * * * mysqldump -u 'USERNAME' -p'PASSWORD' DATEBASE > /root/liveDB_`date +\%Y\%m\%d_\%H\%M\%S`.sql
NOTE:
1) You can change the time setting as per your requirement. I have set every day in above command.
2) Make sure you enter your USERNAME, PASSWORD, and DATABASE inside single quote (').
3) Write down above command in Crontab.
I hope this helps someone.
Check cron logs (should be in /var/log/syslog) You can use grep to filter them out.
grep CRON /var/log/syslog
Also you can check your local mail box to see if there are any cron mails
/var/mail/username
You can also set up other receiving mail in you crontab file
MAILTO=your#mail.com
Alternatively you can create a custom command mycommand. To which you can add more options. You must give execute permissions.
It is preferable to have a folder where they store all your backups, in this case using a writable folder "backup" which first create in "your home" for example.
My command in "usr/local/bin/mycommand":
#!/bin/bash
MY_USER="your_user"
MY_PASSWORD="your_pass"
MY_HOME="your_home"
case $1 in
"backupall")
cd $MY_HOME/backup
mysqldump --opt --password=$MY_PASSWORD --user=$MY_USER --all-databases > bckp_all_$(date +%d%m%y).sql
tar -zcvf bckp_all_$(date +%d%m%y).tgz bckp_all_$(date +%d%m%y).sql
rm bckp_all_$(date +%d%m%y).sql;;
*) echo "Others";;
esac
Cron: Runs the 1st day of each month.
0 0 1 * * /usr/local/bin/mycommand backupall
I hope it helps somewhat.
Ok, I had a similar problem and was able to get it fixed.
In your case you could insert that mysqldump command to a script
then source the profile of the user who is executing the mysqldump command
for eg:
. /home/bla/.bash_profile
then use the absolute path of the mysqldump command
/usr/local/mysql/bin/mysqldump -u root -pHERE THERE IS MY PASSWORD --all-databases | gzip > /var/db_backups/database_`date +%d%m%y`.sql.gz
Local Host mysql Backup:
0 1 * * * /usr/local/mysql/bin/mysqldump -uroot -ppassword --opt database > /path/to/directory/filename.sql
(There is no space between the -p and password or -u and username - replace root with a correct database username.)
It works for me. no space between the -p and password or -u and username
Create a new file and exec the code there to dump into a file location and zip it . Run that script via a cron
I am using Percona Server (a MySQL fork) on Ubuntu. The package (very likely the regular MySQL package as well) comes with a maintenance account called debian-sys-maint. In order for this account to be used, the credentials are created when installing the package; and they are stored in /etc/mysql/debian.cnf.
And now the surprise: A symlink /root/.my.cnf pointing to /etc/mysql/debian.cnf gets installed as well.
This file is an option file read automatically when using mysql or mysqldump. So basically you then had login credentials given twice - in that file and on command line. This was the problem I had.
So one solution to avoid this condition is to use --no-defaults option for mysqldump. The option file then won't be read. However, you provide credentials via command line, so anyone who can issue a ps can actually see the password once the backup runs. So it's best if you create an own option file with user name and password and pass this to mysqldump via --defaults-file.
You can create the option file by using mysql_config_editor or simply in any editor.
Running mysqldump via sudo from the command line as root works, just because sudo usually does not change $HOME, so .my.cnf is not found then. When running as a cronjob, it is.
You might also need to restart the service to load any of your changes.
service cron restart
or
/etc/init.d/cron restart
Currently I am learning MySql using commandline in ubuntu and made a backup of my database named 'sandwich' using mysqldump command.
mysql> #mysqldump -u root -p123456 sandwich > db_backup.sql;
Where I can find this 'db_backup.sql' file on the disk. Please tell me a specific file path where i can find this file.
It depends where you were when you executed the command - db_backup.sql will be found there as you didn't specify a full path.
Try your home dir or the web dir if you can't remember - anywhere you might have been when entering mysql. If all else fails you can use find:
find / -name 'db_backup.sql'
this may take some time so if you can narrow down the area of search and replace / with ~/ for example, that would help.
run following command without logging into mysql terminal.
mysqldump -u root -p db_name > db_dump.sql
It will ask for password. Enter password.
When dump is complete type following command.
ls
You will see db_dump.sql file in the list.
I have a .sql file with some database backups inside. Now I want to restore them back to MySQL. How can I this using command line of MySqL please? I found this:
mysql -u username -p -h localhost database_name < dumpfile.sql
but I don't know what username should be, what database_name should be and how I could browse to a .sql file in another folder.
You need to replace username with your database username and it will prompt you for a password. If the dump file has the "create database [name];" and "use [name];" instructions then you dont need to specify the database_name attribute.
To pull the .sql from another folder you just need to specify the path (/home/user/Downloads/file.sql, for example).
You could also try downloading mysql administrator from the mysql website.
Check this link too
http://www.techiecorner.com/31/how-to-restore-mysql-database-from-sql-dump-file/
Redirecting a .sql file into the MySQL CLI works because that's the format that mysqldump produces. And people usually call mysqldump to dump a whole database, so they get one file afterwards.
The username and password are dependant on what's been setup on the database instance you want to reload the data in to. On a clean, empty install, the MySQL root user will work (and probably won't have a password). On an established install, you should find an appropriate user. The user you use will need substantial permissions as it needs to create and write to tables.
The .sql file may have CREATE database and USE database statements near the top. If this is present, then make sure that database does not exist before you pipe the file in. If not, you will need to find out what name is expected by whatever program will be using the database.
As for piping another file in in a different directory, this is simple shell notation. The < filename notation fully supports paths so you can do < some/other/path/filename.sql or < ~/sql/filename.sql, for example. (Note that I've assumed you're using a Unix shell.)
You can use cmd
type cmd run as adminstration (C:\windows\system32>)
give path of mysql of bin folder (C:\windows\system32>
cd `C:\xampp\mysql\bin)
C:\xampp\mysql\bin>mysql -u username -p -h localhost database_name
type-> use database_name
type-> source F:/example.sql