How to 'gracefully' avoid MySQL login prompt information in scripts

Both development , Or operation and maintenance , Maybe we all wrote Linux Shell The logic of the script accessing the database , With MySQL For example , Sign in MySQL Database time , He will return some warning messages , How to mask these tips gracefully ？ I saw this article by Mr. Yang in the open source community of aikesheng 《 Technology sharing | MySQL Avoid annoying warnings when writing scripts 》( Ownership of copyright ： Aikesheng open source community ), Mentioned how to Linux Shell Call down MySQL Various command-line tools shield the annoying alarm information output , Such as the following ,

[email protected]:/home/ytt# mysql -uytt -proot -e "select version()"
mysql: [Warning] Using a password on the command line interface can be insecure.
+-----------+
| version() |
+-----------+
| 8.0.29    |
+-----------+

Such alarm information is very unfriendly to the output of command execution results , So how do we shield him ？

Here are some ways you can think of , For reference .

(1) Give the user a blank password ( Not recommended )

Giving the user an empty password can mask the warning information , But it's extremely unsafe , Be similar to MySQL Service initialization --initialize-insecure Options .

[email protected]:/home/ytt# mysql -u ytt_no_pass -e "select user()"
+-----------------------+
| user()                |
+-----------------------+
| [email protected] |
+-----------------------+

(2) The user name and password are added to different blocks of the configuration file ( Not recommended )

MySQL The configuration files for are my.cnf、mysql.cnf、mysqld.cnf etc. , Just add the corresponding user name and password under different blocks in these configuration files .

[email protected]:/home/ytt# cat /etc/mysql/conf.d/mysql.cnf
[mysql]
prompt=mysql:\d:\v>
user=ytt
password=root
port=3340
[mysqldump]
user=ytt
password=root
port=3340
   
[mysqladmin]
user=ytt
password=root
port=3340

above [mysql] The content under the block indicates the right mysql The command line takes effect ,[mysqldump] The content under the block indicates the right mysqldump The tool works ,[mysqladmin] The content under the block indicates the right mysqladmin The tool works . Or write simply , Unified addition [client] in , Indicates that it is effective for all clients . Note that only part of the shared content can be added here .

[email protected]:/home/ytt# cat /etc/mysql/conf.d/mysql.cnf
[mysql]
prompt=mysql:\d:\v>
[client]
user=ytt
password=root
port=3340

Because these blocks are set for the client , No need to reboot MySQL service , Effective immediately .

[email protected]:/home/ytt# mysql -e "select user()"
+---------------+
| user()        |
+---------------+
| [email protected] |
+---------------+

(3) Set up MySQL environment variable ( Not recommended )

MySQL There are some built-in environment variables , Effective for all clients .

The official list of environment variables is as follows ,

https://dev.mysql.com/doc/refman/8.0/en/environment-variables.html

Set the required environment variables for the current user , Then call the command line tool . For example, setting password environment variables MYSQL_PWD 、 Tradition TCP Port environment variables MYSQL_TCP_PORT etc. .

[email protected]:/home/ytt# export MYSQL_PWD=root MYSQL_TCP_PORT=3340 
   
[email protected]:/home/ytt# mysql -uytt -e "select user()"
+---------------+
| user()        |
+---------------+
| [email protected] |
+---------------+

This method is not recommended , environment variable MYSQL_PWD Easily accessible to other users . For example, direct use ps Commands can be easily obtained MYSQL_PWD Value .

user 1 Execute the following command ,

[email protected]:/home/ytt# mysql -uytt -e "select sleep(1000)"

user 2 perform ps aex You can print out the environment variables MYSQL_PWD and MYSQL_TCP_PORT Value ,

[email protected]:/home/ytt# ps aex| grep MYSQL_PWD| grep -v 'grep'
7592 pts/0    S+     0:00 mysql -uytt -e select sleep(1000) LS_COLORS=rs=0:... MYSQL_PWD=root ...MYSQL_TCP_PORT=3340 ...

(4) Mask standard error output , Redirect to empty device file ( recommend )

[email protected]:/home/ytt# mysql -uytt -proot -P3340 -e"select version()"  2>/dev/null
+-----------+
| version() |
+-----------+
| 8.0.29    |
+-----------+

Here use Linux The characteristics of the system itself MySQL error message , And the numbers 2 File descriptor representing the error output ,/dev/null Stands for empty equipment .

That is, redirect the error message of executing this command to an empty device instead of standard output , In this way, the warning information can be shielded in disguise .

(5) Use mysql_config_edit Tools generate different login_path( recommend )

mysql_config_edit yes MySQL A tool officially released , Specially deal with such problems that users' passwords must be exposed , It can be set once , Repeated safe use .

How to use it is as follows ： Set up a login_path, The name is user_ytt , Enter the password as prompted .

[email protected]:/home/ytt# mysql_config_editor set -G user_ytt -S /var/run/mysqld/mysqld.sock -u ytt -p
Enter password:

Next , Call any MySQL Command line tools only need to bring --login-path Option to use .

[email protected]:/home/ytt# mysql --login-path=user_ytt -e 'select user()'
+---------------+
| user()        |
+---------------+
| [email protected] |
+---------------+
   
[email protected]:/home/ytt# mysqladmin  --login-path=user_ytt ping
mysqld is alive

mysql_config_editor Tools also have a drawback ： alike login_path Cannot be shared with all system users , Other users have to add their own login_path For normal use .

(6) Use Unix socket plug-in unit ( recommend , Local only )

auth_socket The plug-in is only based on local OS Login user name and local linux socket Document to authorize authentication .

For example, modifying users [email protected] Plug in auth_socket,

mysql> alter user [email protected] identified with auth_socket ;
Query OK, 0 rows affected (0.00 sec)
   
mysql> \q
Bye

Switch to OS user ytt,

[email protected]:/home/ytt# su ytt
   
[email protected]:~$ mysql -e "select user(),current_user()"
+---------------+----------------+
| user()        | current_user() |
+---------------+----------------+
| [email protected] | [email protected]  |
+---------------+----------------+

 I need to remind you that ： For the sake of safety , operation MySQL The user rights of must be allocated according to needs .

Xiaobai studies MySQL

《 Xiaobai studies MySQL - Incremental Statistics SQL The needs of - Scheme of windowed function 》

《 Xiaobai studies MySQL - The statistical " Be opportunistic "》

《 Xiaobai studies MySQL - Incremental Statistics SQL The needs of 》

《 Xiaobai studies MySQL - You've encountered this kind of scenario where you can't log in ？》

《 Xiaobai studies MySQL - There are some differences between users created by different versions 》

《 Xiaobai studies MySQL - A tool for randomly inserting test data 》

《 Xiaobai studies MySQL - varchar Why are type fields often defined as 255？》

《 Xiaobai studies MySQL - A case of flexible index creation 》

《 Xiaobai studies MySQL - “ Be opportunistic ” The number of records in a statistical table 》

《 Xiaobai studies MySQL - Once slow SQL The positioning of 》

《 Xiaobai studies MySQL - TIMESTAMP The type field is not empty and the default value property is affected 》

《 Xiaobai studies MySQL - Talk about the importance of data backup 》

《 Xiaobai studies MySQL - InnoDB Support optimize table？》

《 Xiaobai studies MySQL - table_open_cache The role of 》

《 Xiaobai studies MySQL - Table space defragmentation method 》

《 Xiaobai studies MySQL - Case sensitive problem solving 》

《 Xiaobai studies MySQL - only_full_group_by Validation rules for 》

《 Xiaobai studies MySQL - max_allowed_packet》

《 Xiaobai studies MySQL - mysqldump Parameter differences to ensure data consistency 》

《 Xiaobai studies MySQL - The query will lock the table ？》

《 Xiaobai studies MySQL - The problem of index key length limitation 》

《 Xiaobai studies MySQL - MySQL Will be affected by “ High water level ” Influence ？》

《 Xiaobai studies MySQL - Database software and initialization installation 》

《 Xiaobai studies MySQL - Chat 》

Recently updated articles ：

《 List of domestic databases 》

《 Xiaobai studies MySQL - The statistical " Be opportunistic "》

《 Xiaobai studies MySQL - Incremental Statistics SQL The needs of 》

《 Several guesses about the design of Tencent conference number 》

《 Mystery of power bank 》

Recent hot articles ：

《" Red Alert " Game open source code brings us a shock 》

Article classification and indexing ：

《 official account 1000 Article classification and index 》