Maatkit tools for database administrators

Order into Chaos

Displaying and Transferring Privileges

Staff and interns come and go, applications are retried, and you can soon forget former staff and their database access privileges. Some users don't immediately forget their passwords after leaving an organization, which can lead to a security risk. In another scenario, you might want to transfer the rights for one DBMS to another. The mk-show-grants tool lets you query the privileges you have granted in just a couple of seconds.

The results of the query are a list of SQL instructions, just like with many other Maatkit tools. In the case of more extensive DBMSs, you can send the output to a comma-separated list, restrict the list to privileges for specific users (--only), or exclude users from the evaluation process (--ignore). The --revoke switch generates REVOKE instructions to match the GRANT instructions that it discovers (Figure 7)

Figure 7: The mk-show-grants command not only shows who has privileges for the DBMS but also gives you the SQL instructions to revoke them, if needed.

Conclusions

The tools I looked at in this article represent just a tiny subset of the Maatkit suite. For more information, you can browse Maatkit's documentation. All of the tools are based on production needs, have been tested multiple times, and can save administrators a huge amount of work.

Infos

  1. Maatkit http://www.maatkit.org
  2. MySQL: http://www.mysql.com
  3. PostgreSQL: http://www.postgresql.org
  4. "Memcached" by Tim Schürmann, Linux Magazine , November 2009, pg. 28, http://www.linux-magazine.com/Issues/2009/108/Memcached
  5. "MySQL Forks und Patches" by Caspar Clemens Mierau, Admin Network & Security , Issue 01, pg. 20

The Author

Falko Benthin is a student of medical informatics at HTW Berlin and a member of various NGOs. In his free time, he loves reading and blogging on ebook readers and other topics on http://www.e-leseratte.de.

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Stopping SQL Injection

    SQL injection can strike at any moment. GreenSQL is an effective remedy that sits between the database and application and filters out suspicious queries.

  • Blocking SQL injections with GreenSQL
    SQL injection can strike at any moment. GreenSQL is an effective remedy that sits between the database and application and filters out suspicious queries.
  • Sharding and scale-out for databases
    Apache ShardingSphere extends databases like MySQL or PostgreSQL, adding a modular abstraction layer to support horizontal sharding and scalability – but not replication or encryption at rest.
  • RSQL, a Microsoft SQL clone
    The open source relational database RSQL aims to completely replace slimmed-down instances of Microsoft SQL Server.
  • MySQL upgrade obstacles
    A number of breaking changes have been introduced between MySQL 5.7 and 8.0. We show you how to navigate this mandatory upgrade.
comments powered by Disqus