Showing entries 1 to 5
Displaying posts with tag: Database Administration & Monitoring (reset)
Security improvements in MySQL 5.7

If you have a look on the last mysql 5.7.4 version or later you will probably see that there are several security improvements. The list of added security features and improvements can be seen on the following page: http://dev.mysql.com/doc/refman/5.7/en/mysql-nutshell.html

There are three main improvements that are shortly described in this blog:

1. Nonempty plugin column
2. Password lifetime policy
3. mysql_install_db secured

 

Nonempty plugin column

As of MySQL 5.7.2, the server requires account rows in the mysql.user table to have a nonempty plugin column value and disables accounts with an empty value. The following error will occor when trying to connect with user having empty plugin colum:

 

2014-11-30T10:41:04.943384Z …

[Read more]
Oracle AVDF - Database Firewall Policies

The successful deployment of a Database Firewall depends on an effective policy. Oracle AVDF includes preconfigured firewall policies as described in the Firewall Policy page in the Policy tab of the Audit Vault Server console.

These include policies that log all SQL statements, or log only unique SQL statements. In addition, the Database Firewall policy editor enables you to design your own policies quickly and efficiently.

Policy rules can depend on any combination of the SQL statement type, name of the database user, IP address of the database client, operating system user name, client program name, or any exceptions you specify.

 

First policy and global concept

1. Log in to the Audit Vault Server console as an auditor, and click on the Policy tab:

 

[Read more]
Oracle AVDF post-installation configuration

In one of my last blog, named: "Oracle Audit Vault and Database Firewall (AVDF) 12.1 - installation on VirtualBox" I explained how to install AVDF on VirtualBox. Since some of you asked for a blog on "How to configure AVDF", I decided to write this posting on AVDF post-installation configuration. This one only concerns the post-installation phase, a third blog will be dedicated to practical cases concerning the configuration of Database Firewall Policies.

Specifying the Audit Vault Server Certificate and IP Address

You must associate each Database Firewall with an Audit Vault Server by specifying the server's certificate and IP address, so that the Audit Vault Server can manage the firewall. If you are using a resilient pair of Audit Vault Servers for high availability, you …

[Read more]
MySQL high availability management with ClusterControl

Installing and managing a highly available MySQL infrastructure can be really tedious. Solutions to facilitate database and system administrator’s task exist, but few of these cover the complete database lifecycle and address all the database infrastructure management requirements. Severalnines’ product ClusterControl is probably the only solution that covers the full infrastructure lifecycle and is also able to provide a full set of functionalities required by database cluster architectures. In this article, I will show how to install, monitor and administrate a database cluster with ClusterControl.


Introduction

Severalnines is a Swedish company mostly composed of ex-MySQL AB staff. Severalnines provides automation and management software for database clusters. Severalnines’ ClusterControl perfectly fits this objective by providing a full “deploy, manage, monitor, and scale” solution. …

[Read more]
Mysqldump issue - SELECT command denied to user

During one of my last MySQL mission, I encountered a "security error" with mysqldump. The mission was about migrating a MySQL database from one box to another MySQL version and from Windows to Linux with different users. In order to do that, I used mysqldump. During the import of the data, I got the following warning:

 

ERROR 1449 (HY000) at line 1860: The user specified as a definer ('cdadmin'@'%') does not exist

 

Following the migration, I did the backup strategy. During the first mysql dump, I got the following error message:

 

mysql@mysql001: [mysqld2] mysqldump test
Running mysqldump for instance mysqld2 to /u99/mysqlbackup/mysqld2/dump/2012-11-14_15-48-23, please wait...
MySQL dump of instance mysqld2 to /u99/mysqlbackup/mysqld2/dump/2012-11-14_15-48-23 has failed.
mysqldump: Couldn't execute 'show table status like …

[Read more]
Showing entries 1 to 5