« Previous 1 2 3
Maatkit tools for database administrators
Order into Chaos
Displaying and Transferring Privileges
Staff and interns come and go, applications are retried, and you can soon forget former staff and their database access privileges. Some users don't immediately forget their passwords after leaving an organization, which can lead to a security risk. In another scenario, you might want to transfer the rights for one DBMS to another. The mk-show-grants
tool lets you query the privileges you have granted in just a couple of seconds.
The results of the query are a list of SQL instructions, just like with many other Maatkit tools. In the case of more extensive DBMSs, you can send the output to a comma-separated list, restrict the list to privileges for specific users (--only
), or exclude users from the evaluation process (--ignore
). The --revoke
switch generates REVOKE instructions to match the GRANT instructions that it discovers (Figure 7)
Conclusions
The tools I looked at in this article represent just a tiny subset of the Maatkit suite. For more information, you can browse Maatkit's documentation. All of the tools are based on production needs, have been tested multiple times, and can save administrators a huge amount of work.
Infos
- Maatkit http://www.maatkit.org
- MySQL: http://www.mysql.com
- PostgreSQL: http://www.postgresql.org
- "Memcached" by Tim Schürmann, Linux Magazine , November 2009, pg. 28, http://www.linux-magazine.com/Issues/2009/108/Memcached
- "MySQL Forks und Patches" by Caspar Clemens Mierau, Admin Network & Security , Issue 01, pg. 20
« Previous 1 2 3