Technology Tales

Adventures & experiences in contemporary technology

Securing MySQL in Fedora

4th December 2009

Ubuntu users must be spoilt because any MySQL installation asks you for a root password, a very good thing in my opinion. With Fedora, it just pops the thing on there with you needing to set up a service and setting the root password yourself; if I remember correctly, I think that openSUSE does the same thing. For the service management, I needed to grab system-config-services from the repositories because my Live CD installation left off a lot of stuff, OpenOffice and GIMP even. The following command line recipe addressed the service manager omission:

su -- # Change to root, entering password when asked
yum -y install system-config-services # Installs the thing without a yes/no prompt
exit # Return to normal user shell

Thereafter, the Services item from the menus at System > Administration was pressed into service and the MySQL service enabled and started. The next step was to lock down root so the following sequence was used:

mysql # Enter MySQL prompt; no need for user or password because it still is unsecured!
UPDATE mysql.user SET Password=PASSWORD(‘MyNewPass’) WHERE User=’root’;
quit # Exit the mysql prompt, leaving the bare mysql command unusable

For those occasions when password problems keep you of the MySQL shell, you’ll find password resetting advice on the MySQL website but I didn’t need to go the whole hog here. MySQL Administrator might be another option for this type of thing. That thought never struck me while I was using it to set up less privileged users and allowing them access to the system. For a while, I was well stymied in my attempts to access the MySQL using any of those extra accounts until I got the idea of associating them with a host, another thing that is not needed in Ubuntu if my experience is any guide. All in all, Fedora may make you work a little extra to get things like thing done but I am not complaining if it makes you understand a little more about what is going on in the background, something that is never a disadvantage.

  • All the views that you find expressed on here in postings and articles are mine alone and not those of any organisation with which I have any association, through work or otherwise. As regards editorial policy, whatever appears here is entirely of my own choice and not that of any other person or organisation.

  • Please note that everything you find here is copyrighted material. The content may be available to read without charge and without advertising but it is not to be reproduced without attribution. As it happens, a number of the images are sourced from stock libraries like iStockPhoto so they certainly are not for abstraction.

  • With regards to any comments left on the site, I expect them to be civil in tone of voice and reserve the right to reject any that are either inappropriate or irrelevant. Comment review is subject to automated processing as well as manual inspection but whatever is said is the sole responsibility of the individual contributor.