Showing entries 1 to 10 of 11
1 Older Entries »
Displaying posts with tag: roles (reset)
Roles on MySQL 8.0

This is a blogpost about MySQL 8.0.0, the content here could be subject to changes in the future since this is not a stable release.

This is a feature that will make life the many DevOps and DBAs easier. Believe it or not, a lot of people control access to the database by sharing the same username and password. Which is completely insecure for a number of reasons:

  • If someone is fired, they still have access
  • If you get hacked for using the same password, well, I only can say: good luck

That also means: no more querying to Stack Overflow to get that giant GRANT statement for each user you need to create. (Thank you @mwop for reminding me of this).

Creating a Role

This is a group of privileges that will be assigned to users:

CREATE ROLE …
[Read more]
ClusterControl 1.2.8 Released

September 17, 2014 By Severalnines

The Severalnines team is pleased to announce the release of ClusterControl 1.2.8. This release contains key new features along with performance improvements and bug fixes. We have outlined some of the key new features below. 

 

Highlights of ClusterControl 1.2.8 include:

  • YUM/APT repositories for ClusterControl
  • Deployment and scaling of single-node MySQL, MariaDB and MongoDB
  • Alerts and incident tracking with PagerDuty 
  • Unified Event Viewer
  • New flexible alarms/email notification system
  • Audit logging - Administrator activity tracking
  • Global MySQL User Management
  • New default dashboards for MySQL/MariaDB
  • Puppet Module …
[Read more]
ClusterControl 1.2.6 Released

April 22, 2014 By Severalnines

 

Join our upcoming webinar New Features Webinar on ClusterControl 1.2.6 - May 13th 2014 with live demo. Click on following banner to register:

 

The Severalnines team is pleased to announce the release of ClusterControl 1.2.6. This release contains key new features along with performance improvements and bug fixes. We have outlined some of the key features below. 

 

Highlights of ClusterControl 1.2.6 include:

  • Centralized Authentication using LDAP or Active Directory
  • Role-Based Access Control 
  • OpenStack: Galera Deployment Automation
  • Hybrid setups with Galera and Asynchronous MySQL Replication
  • Manage multiple Galera …
[Read more]
Securich 0.3.0

Around these days last year I presented `securich` for the first time. It was at froscon 2009, barely knowing anybody, spending my 27th birthday in a hostel in Germany fixing some bugs before the actual presentation on a 10 inch netbook (my mac had some problems at the time but thats another story :)). I got a beating, verbally of course! Many of the people listening to the presentation were expecting something else since another presentation was supposed to be running at that time, some even started dozing off (encouraging? not really hehe) but after a few minutes people started getting interested and asking all kind of questions. “This awesome” I thought to myself, “questions are good, it means people are understanding and want to know more”, but the more they learnt the more they realised how young securich was as a tool, lacking fundamental features like …

[Read more]
MySQL University: Securich - Security Plugin for MySQL

This Thursday (February 25th, 13:00 UTC - way earlier than usual!), Darren Cassar will present Securich - Security Plugin for MySQL. According to Darren, the author of the plugin, Securich is an incredibly handy and versatile tool for managing user privileges on MySQL through the use of roles. It basically makes granting and revoking rights a piece of cake, not to mention added security it provides through password expiry and password history, the customization level it permits, the fact that it runs on any MySQL 5.0 or later and it's easily deployable on any official MySQL binary, platform independent.
More information here: http://www.securich.com/about.html.

For MySQL University sessions, point your …

[Read more]
MySQL University: Securich - Security Plugin for MySQL

This Thursday (February 25th, 13:00 UTC - way earlier than usual!), Darren Cassar will present Securich - Security Plugin for MySQL. According to Darren, the author of the plugin, Securich is an incredibly handy and versatile tool for managing user privileges on MySQL through the use of roles. It basically makes granting and revoking rights a piece of cake, not to mention added security it provides through password expiry and password history, the customization level it permits, the fact that it runs on any MySQL 5.0 or later and it's easily deployable on any official MySQL binary, platform independent.
More information here: http://www.securich.com/about.html.

For MySQL University sessions, point your …

[Read more]
MySQL University: Securich - Security Plugin for MySQL

This Thursday (February 25th, 13:00 UTC - way earlier than usual!), Darren Cassar will present Securich - Security Plugin for MySQL. According to Darren, the author of the plugin, Securich is an incredibly handy and versatile tool for managing user privileges on MySQL through the use of roles. It basically makes granting and revoking rights a piece of cake, not to mention added security it provides through password expiry and password history, the customization level it permits, the fact that it runs on any MySQL 5.0 or later and it's easily deployable on any official MySQL binary, platform independent.
More information here: http://www.securich.com/about.html.

For MySQL University sessions, point your …

[Read more]
Securich – 0.1.4

Just a small note to advise that Securich reached 0.1.4.
Some new tools include:
* Added Password complexity
* Enhanced `set_password` – Old password is now necessary to replace it by a new one
* Enhanced Revoke privileges to accept regexp
* Added Block user@hostname on a database level
* Added Creation of reserved usernames
* Added Help stored procedure displays help for each stored proc
* Enhanced `create_update_role` to include the removal of privilages from roles
* Enhanced `grant_priveleges` on `alltables` for a database without tables would terminate with an error instead of gracefully (now fixed)
* Added Restore user@hostname on a database level
* Removed ’show warnings’ from sql installation

The database design using workbench is also available in the db folder (for easier understanding of what lies …

[Read more]
MySQL Proxy: Roles

On the MySQL Proxy channel we get questions from time to time if the authentication can be intercepted and replaced data from a external source.

From now on, you can. For example if you want to get data from a external source (like LDAP) or want to implement roles.

Mapping Accounts to “Roles”

There isn’t much needed to implement Roles for MySQL with the help of the MySQL Proxy.

  • mysql.user doesn’t contain users, but roles instead
  • the proxy maps user-accounts to role-accounts with a script like above

It works like this:

  1. login to the proxy

     $ mysql --user=jan --password=secret --port=4040
    
  2. proxy looks up username password, finds a role for him

  3. proxy replaces credentials ad hoc

  4. mysql-server …

[Read more]
Securich – The MySQL Security Package step by step run through

I would like to start off by excusing myself for having had a broken link on http://www.securich.com/downloads.html when I published the latest blog post about Securich.

The tool is downloadable from there and anyone can use it for free in accordance to GPLv2.

I wanted to throw out tutorial about how to install it and use it (Note this tutorial is for version securich version 0.1.2):

Showing entries 1 to 10 of 11
1 Older Entries »