Page 1 of 1

Shell commands to daemons

Posted: Tue May 22, 2007 7:19 pm
by alex.barylski
I can easily invoke the MySQL daemon:

mysql -u root -p

However it seems I cannot pass the password through the command line via a shellscript so I get prompted:

Password>

After I enter the password I'm sent to the MySQL console:

mysql>

Here I can enter arbitrary SQL commands and MySQL commands to carry out actions.

I have a sequence of commands I want to carry out each day.

Is it possible using bash (or whatever debian by default uses) to send commands to daemon consoles, so I can do somehting like:

Code: Select all

mysql -u root -p
> mypassword
mysql> use mydatabase;
mysql> GRANT blah blah
Thanks :)

Posted: Tue May 22, 2007 7:29 pm
by Weirdan

Code: Select all

mysql -u root -ppassword < script.sql

Posted: Tue May 22, 2007 7:42 pm
by alex.barylski
Cool. But I can't pass commands directly eh, so I can avoid using yet another external file?

Off topic:

I created the shell script logged in as root (su after login) so I assume root is owner. The only time I want this file read/write/execute is when user is logged in as root.

So as long as I give group or other no privs, security shouldn't be an issue eh?

The shell script is basically granting remote access to the RDBMS to a given IP address (my home) and when that isn't needed (after I've made chagnes using my locally installed DB manager) I want to disable it. That is the purpose of this shell script. :)

Posted: Tue May 22, 2007 8:10 pm
by Weirdan
Cool. But I can't pass commands directly eh, so I can avoid using yet another external file?
Read about shell redirection. '<' is just one of the shell redirection methods, you could use others if they work for you better.
So as long as I give group or other no privs, security shouldn't be an issue eh?
For a file with permission bits set to 0700 - yes. Only owner (root in your case) would be able to run, read or write that file.
The shell script is basically granting remote access to the RDBMS to a given IP address (my home) and when that isn't needed (after I've made chagnes using my locally installed DB manager) I want to disable it. That is the purpose of this shell script.
I'd rather have a ssh tunnel instead.

Posted: Tue May 22, 2007 8:43 pm
by alex.barylski
What do you mean by SSH tunnel instead?

What would the benefits to that be?

I'm using SSH to execute the shell script which is stored on the server. the script won't execute unless the user logins in as root (which I use a very secure password).

So what would the difference be? Admittedly I am not overly familiar with SSH tunneling, but I understand it to be basically a secure workaround for less secure technologies like FTP or telnet - you basically use SSH as a tunnel to pass commands through securely instead as plain text via traditional protocols???

Thanks for the advice :)

Posted: Tue May 22, 2007 8:44 pm
by redmonkey
Hockey wrote:Cool. But I can't pass commands directly eh, so I can avoid using yet another external file?
I normally wrap my SQL query routine in a function, it still uses an external file but it's created on the fly and allows you to use SQL commands directly in your scripting. Something along the lines of.....

Code: Select all

#!/bin/sh

DBUSER="databaseusername"
DBPASS="databasepassword"
DBNAME="databasename"

SQLEXEC=".sqlquery.$$"

use_db() {
    DBNAME="$1"
    return 0
}

do_query() {
    echo $1 >${SQLEXEC}
    mysql -u ${DBUSER} -p${DBPASS} ${DBNAME} < ${SQLEXEC}
    return $?
}

cleanup() {
    rm -f ${SQLEXEC}
    return $?
}

# do whatever scripting

# select a db to use
use_db databasename

# to execute a query on the database
do_query "SHOW TABLES;"

# do some more scripting

# end of script cleanup
cleanup

Posted: Wed May 23, 2007 1:29 am
by Weirdan
What would the benefits to that be?
There would be no need to change mysql server grants every time because server would believe you're connecting from the localhost.