Securing MySQL in Fedora

Ubuntu users must be spoilt because any MySQL installation asks you for a root password, a very good thing in my opinion. With Fedora, it just pops the thing on there with you needing to set up a service and setting the root password yourself; if I remember correctly, I think that openSUSE does the same thing. For the service management, I needed to grab system-config-services from the repositories because my Live CD installation left off a lot of stuff, OpenOffice and GIMP even. The following command line recipe addressed the service manager omission:

su -- # Change to root, entering password when asked
yum -y install system-config-services # Installs the thing without a yes/no prompt
exit # Return to normal user shell

Thereafter, the Services item from the menus at System > Administration was pressed into service and the MySQL service enabled and started. The next step was to lock down root so the following sequence was used:

mysql # Enter MySQL prompt; no need for user or password because it still is unsecured!
UPDATE mysql.user SET Password=PASSWORD(‘MyNewPass’) WHERE User=’root’;
FLUSH PRIVILEGES;
quit # Exit the mysql prompt, leaving the bare mysql command unusable

For those occasions when password problems keep you of the MySQL shell, you’ll find password resetting advice on the MySQL website but I didn’t need to go the whole hog here. MySQL Administrator might be another option for this type of thing. That thought never struck me while I was using it to set up less privileged users and allowing them access to the system. For a while, I was well stymied in my attempts to access the MySQL using any of those extra accounts until I got the idea of associating them with a host, another thing that is not needed in Ubuntu if my experience is any guide. All in all, Fedora may make you work a little extra to get things like thing done but I am not complaining if it makes you understand a little more about what is going on in the background, something that is never a disadvantage.

1 comment

Pingback: Links 05/12/2009: KDE Software Compilation 4.4 (“Kompilation”) in Beta | Boycott Novell

Leave a Reply