ืื ืืืืจืื ืฉืืกืืกืื ืืืืื ืืืืชืจ ืืื ืื ืฉืืื ื ืฆืจืื ืืืืืจ. ืืืงืจื ืฉื MySQL ืื ืืคืฉืจื ืืืืืช ืืคืืืืื
ืฉื ื ืืชืืกืคืื ืืืื ืืื ื ืืืฉืื ืืื; ืืจืื ื ืืืจ ืขืืืื ืืืืชื ืืืื, ืืืฉื ืืืืืจ ืขื
ืืคื ืฉืืืจืชื, ืื ืื ืืืฉืืช, ืืืืฉืจ ืืชืงืื ืื ืืช MySQL ืืืืฆืขืืช ืืืืืืช ื-.deb ืื ืชืืืืช ืขื ืืื ืฆืืืช ืืืืื, ื ืืฆืจ ืืฉืชืืฉ ืฉืืจืฉ ืืืืืืช socket. ืื ื ืืื ืื ืขืืืจ MySQL ืืื ืขืืืจ MariaDB.
root@app:~# apt-cache show mysql-server-5.7 | grep -i maintainers
Original-Maintainer: Debian MySQL Maintainers <[email protected]>
Original-Maintainer: Debian MySQL Maintainers <<a href="mailto:[email protected]">[email protected]</a>>
ืขื ืืืืืืช Debian ืขืืืจ MySQL, ืืฉืชืืฉ ืืฉืืจืฉ ืืืืืช ืืืืคื ืืื:
root@app:~# whoami
root=
root@app:~# mysql
Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 4
Server version: 5.7.27-0ubuntu0.16.04.1 (Ubuntu)
Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
mysql> select user, host, plugin, authentication_string from mysql.user where user = 'root';
+------+-----------+-------------+-----------------------+
| user | host | plugin | authentication_string |
+------+-----------+-------------+-----------------------+
| root | localhost | auth_socket | |
+------+-----------+-------------+-----------------------+
1 row in set (0.01 sec)
ืืืชื ืืืืจ ืขื ืืืืืช ื-.deb ืขืืืจ MariaDB:
10.0.38-MariaDB-0ubuntu0.16.04.1 Ubuntu 16.04
MariaDB [(none)]> show grants;
+------------------------------------------------------------------------------------------------+
| Grants for root@localhost |
+------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED VIA unix_socket WITH GRANT OPTION |
| GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION |
+------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
ืืืืืืช ื-.deb ืืืืืืจ ืืจืฉืื ืฉื Percona ืืืืืจืื ืื ืืืืืช ืืฉืชืืฉ ืฉืืจืฉ ืชืืช aut-socket ืืขืืืจ Percona Server. ืืืื ื ืืชื ืืืืื ืขื
root@app:~# whoami
root
root@app:~# mysql
Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 9
Server version: 8.0.16-7 Percona Server (GPL), Release '7', Revision '613e312'
Copyright (c) 2009-2019 Percona LLC and/or its affiliates
Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
mysql> select user, host, plugin, authentication_string from mysql.user where user ='root';
+------+-----------+-------------+-----------------------+
| user | host | plugin | authentication_string |
+------+-----------+-------------+-----------------------+
| root | localhost | auth_socket | |
+------+-----------+-------------+-----------------------+
1 row in set (0.00 sec)
ืื ืื ืืงืกื? ืืชืืกืฃ ืืืืง ืฉืืฉืชืืฉ ืืืื ืืงืก ืืชืืื ืืืฉืชืืฉ MySQL ืืืืฆืขืืช ืืคืฉืจืืช ืืฉืงืข SO_PEERCRED ืืื ืืืกืืฃ ืืืืข ืขื ืืืฉืชืืฉ ืืืจืืฅ ืืช ืชืืื ืืช ืืืงืื. ืืคืืื, ื ืืชื ืืืฉืชืืฉ ืืชืืกืฃ ืจืง ืืืขืจืืืช ืืชืืืืืช ืืืคืฉืจืืช SO_PEERCRED, ืืื ืืื ืืงืก. ืืคืฉืจืืช ืืฉืงืข SO_PEERCRED ืืืคืฉืจืช ืื ืืืืืช ืืช ื-uid ืฉื ืืชืืืื ืืืฉืืื ืืฉืงืข. ืืื ืืื ืืืจ ืืงืื ืืช ืฉื ืืืฉืชืืฉ ืืืฉืืื ื-uid ืืื.
ืื ื ืืืืื ืขื ืืืฉืชืืฉ "ื ืืื":
vagrant@mysql1:~$ whoami
vagrant
vagrant@mysql1:~$ mysql
ERROR 1698 (28000): Access denied for user 'vagrant'@'localhost'
ืืืืืื ืฉืืื ืืฉืชืืฉ "ื ืืื" ื-MySQL, ื ืื ืขืช ืืืฉื. ืืืื ื ืืฆืืจ ืืฉืชืืฉ ืืื ืื ื ืกื ืฉืื:
MariaDB [(none)]> GRANT ALL PRIVILEGES ON *.* TO 'vagrant'@'localhost' IDENTIFIED VIA unix_socket;
Query OK, 0 rows affected (0.00 sec)
vagrant@mysql1:~$ mysql
Welcome to the MariaDB monitor. Commands end with ; or g.
Your MariaDB connection id is 45
Server version: 10.0.38-MariaDB-0ubuntu0.16.04.1 Ubuntu 16.04
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
MariaDB [(none)]> show grants;
+---------------------------------------------------------------------------------+
| Grants for vagrant@localhost |
+---------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'vagrant'@'localhost' IDENTIFIED VIA unix_socket |
+---------------------------------------------------------------------------------+
1 row in set (0.00 sec)
ืงืจื!
ืืืื, ืื ืืืื ืืคืฆื ืฉืืื ื ืืืืื ืฉืื ืื ืื ืืกืืคืง ืืืจืืจืช ืืืื? ืืืื ื ื ืกื ืืช Percona Server ืขืืืจ MySQL 8 ืืืืชืงื ื- CentOS 7:
mysql> show variables like '%version%comment';
+-----------------+---------------------------------------------------+
| Variable_name | Value |
+-----------------+---------------------------------------------------+
| version_comment | Percona Server (GPL), Release 7, Revision 613e312 |
+-----------------+---------------------------------------------------+
1 row in set (0.01 sec)
mysql> CREATE USER 'percona'@'localhost' IDENTIFIED WITH auth_socket;
ERROR 1524 (HY000): Plugin 'auth_socket' is not loaded
ืืืกื. ืื ืืื ืืกืจ? ืืคืืืืื ืื ื ืืขื:
mysql> pager grep socket
PAGER set to 'grep socket'
mysql> show plugins;
47 rows in set (0.00 sec)
ืืืื ื ืืกืืฃ ืชืืกืฃ ืืชืืืื:
mysql> nopager
PAGER set to stdout
mysql> INSTALL PLUGIN auth_socket SONAME 'auth_socket.so';
Query OK, 0 rows affected (0.00 sec)
mysql> pager grep socket; show plugins;
PAGER set to 'grep socket'
| auth_socket | ACTIVE | AUTHENTICATION | auth_socket.so | GPL |
48 rows in set (0.00 sec)
ืขืืฉืื ืืฉ ืื ื ืืช ืื ืื ืฉืื ืื ื ืฆืจืืืื. ืืื ื ื ืกื ืฉืื:
mysql> CREATE USER 'percona'@'localhost' IDENTIFIED WITH auth_socket;
Query OK, 0 rows affected (0.01 sec)
mysql> GRANT ALL PRIVILEGES ON *.* TO 'percona'@'localhost';
Query OK, 0 rows affected (0.01 sec)
ืืขืช ืชืืื ืืืชืืืจ ืืืืฆืขืืช ืฉื ืืืฉืชืืฉ "percona".
[percona@ip-192-168-1-111 ~]$ whoami
percona
[percona@ip-192-168-1-111 ~]$ mysql -upercona
Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 19
Server version: 8.0.16-7 Percona Server (GPL), Release 7, Revision 613e312
Copyright (c) 2009-2019 Percona LLC and/or its affiliates
Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
mysql> select user, host, plugin, authentication_string from mysql.user where user ='percona';
+---------+-----------+-------------+-----------------------+
| user | host | plugin | authentication_string |
+---------+-----------+-------------+-----------------------+
| percona | localhost | auth_socket | |
+---------+-----------+-------------+-----------------------+
1 row in set (0.00 sec)
ืืื ืขืื ืฉืื!
ืฉืืื: ืืื ื ืืชื ืืืื ืืืืื ืก ืืืขืจืืช ืืืืชื ืืชืืืจืืช ืฉื percona, ืื ืืืฉืชืืฉ ืืืจ?
[percona@ip-192-168-1-111 ~]$ logout
[root@ip-192-168-1-111 ~]# mysql -upercona
ERROR 1698 (28000): Access denied for user 'percona'@'localhost'
ืื, ืื ืื ืืขืืื.
ืคืื
MySQL ืื ืืืืฉ ืืืื ืืืืืื, ืืื ืืื ืืื ืฉืืืช ืืืืืืช. ืืคื ืฉื ืืชื ืืจืืืช ืืคืืกื ืื, ื ืืชื ืืงืื ืืืฉื ืืื ืกืืกืืืืช, ืืืชืืกืก ืขื ืืฉืชืืฉื ืืขืจืืช ืืืคืขืื. ืื ืืืื ืืืืืช ืฉืืืืฉื ืืชืจืืืฉืื ืืกืืืืื, ืืืื ืืื ืืื ืืขืช ืืืืจื ื-RDS/Aurora ื-MySQL ืจืืื ืืืืฆืขืืช
ืืงืืจ: www.habr.com