MySQL Instance Manager has been deprecated and is removed in MySQL 5.4.
The Instance Manager stores its user information in a password
file. On Windows, the default is
mysqlmanager.passwd
in the directory where
Instance Manager is installed. On Unix, the default file is
/etc/mysqlmanager.passwd
. To specify a
different location for the password file, use the
--password-file
option.
If the password file does not exist or contains no password entries, you cannot connect to the Instance Manager.
Any Instance Manager process that is running to monitor server instances does not notice changes to the password file. You must stop it and restart it after making password entry changes.
Entries in the password file have the following format, where the two fields are the account user name and encrypted password, separated by a colon:
petr:*35110DC9B4D8140F5DE667E28C72DD2597B5C848
Instance Manager password encryption is the same as that used by MySQL Server. It is a one-way operation; no means are provided for decrypting encrypted passwords.
Instance Manager accounts differ somewhat from MySQL Server accounts:
MySQL Server accounts are associated with a host name, user name, and password (see Section 5.5.1, “User Names and Passwords”).
Instance Manager accounts are associated with a user name and password only.
This means that a client can connect to Instance Manager with a
given user name from any host. To limit connections so that
clients can connect only from the local host, start Instance
Manager with the
--bind-address=127.0.0.1
option so that it listens only to the local network interface.
Remote clients will not be able to connect. Local clients can
connect like this:
shell> mysql -h 127.0.0.1 -P 2273
Before MySQL 5.1.12, the only option for creating password file
entries is
--passwd
,
which causes Instance Manager to prompt for user name and
password values and display the resulting entry. You can save
the output in the /etc/mysqlmanager.passwd
password file to store it. Here is an example:
shell>mysqlmanager --passwd >> /etc/mysqlmanager.passwd
Creating record for new user. Enter user name:mike
Enter password:mikepass
Re-type password:mikepass
At the prompts, enter the user name and password for the new Instance Manager user. You must enter the password twice. It does not echo to the screen, so double entry guards against entering a different password than you intend (if the two passwords do not match, no entry is generated).
The preceding command causes the following line to be added to
/etc/mysqlmanager.passwd
:
mike:*BBF1F551DD9DD96A01E66EC7DDC073911BAD17BA
Use of the --password
option fails if mysqlmanager is invoked
directly from an IBM 5250 terminal. To work around this, use a
command like the following from the command line to generate the
password entry:
shell>mysql -B --skip-column-name \
-e 'SELECT CONCAT("
user_name
",":",PASSWORD("pass_val
"));'
The output from the command can be used an entry in the
/etc/mysqlmanager.passwd
file.
Beginning with MySQL 5.1.12, the
--passwd
option is renamed to
--print-password-line
and
there are several other options for managing user accounts from
the command line. For example, the
--username
and
--password
options are
available on the command line for specifying the user name and
password for an account entry. You can use them to generate an
entry with no prompting like this (type the command on a single
line):
shell>mysqlmanager --print-password-line
--username=mike --password=mikepass >> /etc/mysqlmanager.passwd
If you omit the --username
or --password
option,
Instance Manager prompts for the required value.
--print-password-line
causes Instance Manager to send the resulting account entry to
its output, which you can append to the password file. The
following list describes other account-management options that
cause Instance Manager to operate directly on the password file.
(These options make Instance Manager scriptable for
account-management purposes.) For operations on the password
file to succeed, the file must exist and it must be accessible
by Instance Manager. (The exception is
--clean-password-file
,
which creates the file if it does not exist. Alternatively, if
there is no password file, manually create it as an empty file
and ensure that its ownership and access modes allow it to be
read and written by Instance Manager.) The default password file
is used unless you specify a
--password-file
option.
To ensure consistent treatment of the password file, it should be owned by the system account that you use for running Instance Manager to manage server instances, and you should invoke it from that account when you use it to manage accounts in the password file.
Create a new user:
mysqlmanager --add-user --username=user_name
[--password=password
]
This command adds a new entry with the given user name and
password to the password file. The
--username
(or
-u
) option is required.
mysqlmanager prompts for the password if
it is not given on the command line with the
--password
(or
-p
) option. The command fails if the user
already exists.
Drop an existing user:
mysqlmanager --drop-user --username=user_name
This command removes the entry with the given user name from the password file. The user name is required. The command fails if the user does not exist.
Change the password for an existing user:
mysqlmanager --edit-user --username=user_name
[--password=password
]
This command changes the given user's password in the password file. The user name is required. mysqlmanager prompts for the password it is not given on the command line. The command fails if the user does not exist.
List existing users:
mysqlmanager --list-users
This command lists the user names of the accounts in the password file.
Check the password file:
mysqlmanager --check-password-file
This command performs a consistency and validity check of the password file. The command fails if there is something wrong with the file.
Empty the password file:
mysqlmanager --clean-password-file
This command empties the password file, which has the effect of dropping all users listed in it. The option creates the password file if it does not exist, so it can be used to initialize a new password file to be used for other account-management operations. Take care not to use this option to reinitialize a file containing accounts that you do not want to drop.
User Comments
Add your own comment.