mysql queries run as root - mysql

My situation is like this:
I have two servers, one is a windows server running IIS and holds my web site.
The other is a linux server that holds my mysql server.
I created a (mysql) user on the mysql server with a minimum set of privileges, and I use its credentials when connecting from my website to run queries.
But when I run a query, and check the processes that are running on the mysql server (mysql> show processlist), I see that the query I executes (from the web site) is being run under the (mysql) root account!
Any idea why this should happen??
Hituptony got it :-)
My query was processed by a SP, and turned into a prepared statement and then run...
That SP was defined with the root account (god knows why), and more ever didn't have the "invoker" security clause.
http://dev.mysql.com/doc/refman/5.5/en/stored-programs-security.html

I guess it would depend on what you are doing, if you are running a stored procedure and it is created by a root account, then when you run it it will still show the "user who created" it as the one running it, when in reality it is probably the connection user. In theory if you are running a select statement you would therein be running as the connection user, as there would be no "creator" to the select...if you catch my driftage...

Related

MySql tables disappeared and showing a table named as 'warning'

We were having a MySql Server running in Azure Windows Virtual Machine. We were not using it for the past 6 months. But recently we logged into the Virtual Machine and tried to access the database using MySql Work Bench. But it doesn't accept the password and we were unable to login. So we changed the root password by following the instructions from MySql documentation (Resetting the Root Password: Windows Systems).
Based on the instructions, the following commands were executed to reset the password:
CD C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe
mysqld --no-defaults --datadir="C:\\ProgramData\\MySQL\\MySQL Server 5.7\\Data" --init-file=C:\\mysql-init.txt
After running the command, we were able to resect the password and logged into the Mysql as a Root user via the workbench. But, There were no tables other than tabled named as 'warning' in the databases. Following is the screenshot from the MySql Workbench. You can see the 'warning' tables is having four fields namely id, warning, Bitcoin_Address, and email. But there are no rows having values for these fields.
Is there anyone who knows what is exactly happened here? Any way to recover the missing tables? We were not having any other backup for these databases.
After 1 year 15 days. Most probably you have been hacked. I too had this issue in my raspberry pi server, which I used for the weather monitoring. But thanks don't have that important data to pay for it. Before coming to the conclusion check a few things.
How To Fix Corrupted Tables in MySQL, If not solved then,
log in to your mysql database in the terminal, query SHOW database, query USE database_name, query SHOW TABLES;
as mentioned, if you see only one table named WARNING,
Then, query CHECK TABLE `WARNING`;
In the displayed table, if you see under column Msg_text = OK
Then, query SELECT * FROM `WARNING`;
There you have your answer, A hacker has hacked your database, and is demanding money in bitcoin.
Solution: I don't trust them, they will not return your data. Best don't fall for the trap. Instead, use a strong password in your database, use ssh in your site (if you are using), use a python script to daily backup your database through CRON task.
Sorry, If you are a victim of a hacker. I cannot be of much help then.

multiple machine MySQL through Workbench

I have recently started using MySQL Workbench, hence I apologise if this is not the proper platform to ask this question. I tried to figure out the solution of my own, but could not find any appropriate one.
Here is my situation: At my workplace, we have a huge set of data about the operational and financial figures such as sales, employee, profit, etc for European companies spread over past 7-8 years and new data keeps coming regularly. However, the problem is we work from different remote locations, me in one city and the other two colleagues in a different city. Normally, we share our work files (.xls/.doc) etc through Dropbox. So, we thought of creating a database in MySQL wherein we all can submit/edit/add this data so that we can filter and analyse this data on several ways once the collection is complete. And we plan to use and access it thereafter. We believe that this is ease a lot of our work. So all I want to know is: can all three of us collaborate simultaeousy (in order to add or edit the data) through workbench Server administration, like the way we collaborate our work through Dropbox? I want to be the host (like the administrator) and then want to allow the access to my colleagues.
Thank you for your time and answer. You may also refer me to any site or link to read more about it.
I think you are a bit confused about what MySQL Workbench is.
MySQL workbench is just a data viewer and administration tool that connects to a MySQL server, there's no data "stored" in MySQL workbench, all the data is stored in the server.
MySQL workbench can:
Connect to a MySQL server
Send SQL instructions and show the results: You can create and drop databases, send SQL queries, create and execute stored procedures and functions... all assuming you have the right privileges.
Perform administration tasks: You can create and drop users, grant or revoke permissions, etcétera
But the fact is: all is stored in a MySQL server... so the answer to your question is: Yes, you can work simmultaneously with your colleagues, if and only if all of you can connect to the same database server (as Mike W commented).
Addressing your comments, and clarifying more details:
MySQL is a database server. When you install it in a computer, all data is stored in that computer (aside from replication and other fine details). You should make regular backups of your data (MySQL has tools for that, one is mysqldump). If you want to access the data stored in your database server, you can do it:
By ussing the command-line client,
By using MySQL workbench or another GUI client program, or
By any program that can connect to the database server (via ODBC or specific libraries).
Focusing on MySQL Workbench, and addressing your specific question: If your machine breaks down, you can install the MySQL Server in any other machine, and load the backup into it. You will have to configure that new machine so that any of your coworkers can connect to it (that may imply that a new set of connection parameters is created).

TeamCity won't create its schema in SQL Server

I've installed a new TeamCity instance and just moved from internal storage to database (SQL Server). Followed the instructions at http://confluence.jetbrains.com/display/TCD7/Setting+up+an+External+Database and I know I've done the database part correctly as it wouldn't initially connect and I had to go back and turn on TCP/IP connections for SQL Server.
From the documentation I assumed that team city would create and maintain it's own database schema, but even though it's user is dbo the database remains blank - no tables, views or any other objects have been created.
When I try to connect to it in a browser I get "Database is empty or doesn't exist", and viewing the logs shows me "Schema contains no tables". I've obviously restarted the service and connected again each time.
Is there an install script I am missing? How do I get TeamCity to install it's schema?
When you are doing it like this, you will need to migrate the initial structure over to sql server. See here

Javamelody with Tomcat and MySql

I have setup a web application in Tomcat with Javamelody and MySql. I am able to see the JDBC connection details under system info so I know that Javamelody is able to connect to the database. I have executed select/update statements from my application but nothing is ever shown on the monitoring page under statistics sql. I have executed "show full processlist" using the same user as my database connection and it works fine. I can't work out what I am doing wrong.
Any ideas?
Don't mess monitoring tool into problem.
You can check if connection works without it.
(E.g. create table and insert some data and then check if table exists).

phpMyAdmin crashing the MySQL host server

I have encountered this problem a couple of times, in the last few days. So, it happens occasionally. I have setup mysql on a remote machine, and there is a java program on another machine querying the database to read and write records every few seconds.
I am using phpMyAdmin to administer my database. And, at times, after running some SQL query, the mysql server stops responding. Even the pinging the host machine doesn't succeed. And, I have to ask someone with physical access to the machine to boot it up again.
I checked for log files but couldn't find them in the mysql directory. Is logging disabled by default? What is missing here? And, how can I go about troubleshooting this?
EDIT:
I was able to ping the server after some while. So, the server must have been temporarily busy. It's not a specific query but things like re-ordering the data of a table serially under the browse tab.
Use a mysqlclient to make a connection and keep it open.
I personally use the mysql from the commandline.
If the server becomes unresponsive execute
SHOW PROCESSLIST;
It will list all mysql processes and will show how long queries are waiting/executing.
Optionally use the KILL statement to terminate the query that locking the tables.
KILL $pid
I'd highly recommend using MySQL's own GUI tools for database management, for a vriety of reasons:
They have full support for InnoDB tables, including Foreign Key management
You can use database-level security to make sure only you get into your data (unlike phpMyAdmin, which at best can only be root access installed behind a .htaccess password)
It is official and supported. No extra binaries run on the server, so you run no risk of it crashing and taking the server down with it (unless your query itself is locking it...)