For most backup operations, the mysqlbackup
command connects to the MySQL server through
--user and --password options.
This user requires certain privileges. You can either create a
new user with a minimal set of privileges, or use an
administrative account such as the root user.
The minimum privileges for the MySQL user that mysqlbackup connects as are:
RELOAD on all databases and tables.
CREATE, INSERT, and
DROP on the tables
mysql.ibbackup_binlog_marker,
mysql.backup_progress, and
mysql.backup_history.
SUPER, used to optimize locking and
minimize disruption to database processing. This privilege
is only needed to back up MySQL 5.5 and higher servers.
CREATE TEMPORARY TABLES for the
mysql database. This privilege is only
needed to back up MySQL 5.5 and higher servers.
REPLICATION CLIENT, to retrieve the
binlog position, which is
stored with the backup.
To set these privileges for a MySQL user (dba
in this example) connecting from localhost, issue statements
like the following from the mysql client
program:
$mysql -u rootmysql>GRANT RELOAD ON *.* TO 'dba'@'localhost';mysql>GRANT CREATE, INSERT, DROP ON mysql.ibbackup_binlog_marker TO 'dba'@'localhost';mysql>GRANT CREATE, INSERT, DROP ON mysql.backup_progress TO 'dba'@'localhost';mysql>GRANT CREATE, INSERT, DROP ON mysql.backup_history TO 'dba'@'localhost';mysql>GRANT REPLICATION CLIENT ON *.* TO 'dba'@'localhost';mysql>GRANT SUPER ON *.* TO 'dba'@'localhost';mysql>GRANT CREATE TEMPORARY TABLES ON mysql.* TO 'dba'@'localhost';mysql>FLUSH PRIVILEGES;