MySQL (DCS Metadata Store) on Oracle Database Appliance
FAQs on MySQL (DCS metadata store) on Oracle Database Appliance.
How do I log into MySQL on Oracle
Database Appliance as an operating system root
user?
Only valid operating system root
user can log into MySQL. The
server-side auth_socket
authentication plugin is enabled for this operating
system root
user only, who is also a MySQL user, such that MySQL server
authenticates the operating system root
user as a MySQL client that can
connect from the local host through UNIX socket file instead of using a password. Hence,
password, that is, authentication_string
is not set for the MySQL
root
user.
root
user is already authenticated,
then run the following command to log into MySQL which uses auth_socket
authentication, through the UNIX socket file from the local host:
# /opt/oracle/dcs/mysql/bin/mysql --defaults-file=/opt/oracle/dcs/mysql/etc/mysqld.cnf
How do I log into MySQL on Oracle
Database Appliance as a mysql
user?
root
user, the DCS agent
application uses three MySQL users to connect to MySQL on Oracle Database Appliance:
dcsagent
GHSUSER21
GHSUSER23
These users can log into MySQL without using a password but using a SSL
certificate that uses X509 mutual SSL authentication. The setting
--require_secure_transport=ON
in the MySQL configuration file
/opt/oracle/dcs/mysql/etc/mysqld.cnf
is enabled and it causes the server
to accept connections from these MySQL users using SSL certificate and rejects all other
connections which do not use it.
dcsagent
connects to MySQL using DCS agent client
certificates. After SSL certificates are verified, the user can access only
‘dcsagentdb
’
schema./opt/oracle/dcs/mysql/bin/mysql --defaults-file=/opt/oracle/dcs/mysql/etc/mysqldb.cnf -u dcsagent --ssl_ca=/opt/oracle/dcs/odamysqlcert/client/ca.pem --ssl_cert=/opt/oracle/dcs/odamysqlcert/client/dcsagent-client-cert.pem --ssl-key=/opt/oracle/dcs/odamysqlcert/client/dcsagent-client-key.pem
GHSUSER21
connects to MySQL using Oracle RHP client
certificates. After SSL certificates are verified, the user can access only
‘GHSUSER21
’ schema.
# /opt/oracle/dcs/mysql/bin/mysql --defaults-file=/opt/oracle/dcs/mysql/etc/mysqldb.cnf -u GHSUSER21 --ssl_ca=/opt/oracle/dcs/odamysqlcert/client/ca.pem --ssl_cert=/opt/oracle/dcs/odamysqlcert/client/rhp-client-cert.pem --ssl-key=/opt/oracle/dcs/odamysqlcert/client/rhp-client-key.pem
GHSUSER23
connects to MySQL using Oracle RHP client
certificates. After SSL certificates are verified, the user can access only
‘GHSUSER23
’ schema.
# /opt/oracle/dcs/mysql/bin/mysql --defaults-file=/opt/oracle/dcs/mysql/etc/mysqldb.cnf -u GHSUSER23 --ssl_ca=/opt/oracle/dcs/odamysqlcert/client/ca.pem --ssl_cert=/opt/oracle/dcs/odamysqlcert/client/rhp-client-cert.pem --ssl-key=/opt/oracle/dcs/odamysqlcert/client/rhp-client-key.pem
Parent topic: Oracle Database Appliance Frequently Asked Questions