1. Frequently Asked Questions
  2. Oracle Database Appliance Frequently Asked Questions
  3. MySQL (DCS Metadata Store) on Oracle Database Appliance

MySQL (DCS Metadata Store) on Oracle Database Appliance

FAQs on MySQL (DCS metadata store) on Oracle Database Appliance.

How do I log into MySQL on Oracle Database Appliance as an operating system root user?

Only valid operating system root user can log into MySQL. The server-side auth_socket authentication plugin is enabled for this operating system root user only, who is also a MySQL user, such that MySQL server authenticates the operating system root user as a MySQL client that can connect from the local host through UNIX socket file instead of using a password. Hence, password, that is, authentication_string is not set for the MySQL root user.

If the operating system root user is already authenticated, then run the following command to log into MySQL which uses auth_socket authentication, through the UNIX socket file from the local host: 
# /opt/oracle/dcs/mysql/bin/mysql --defaults-file=/opt/oracle/dcs/mysql/etc/mysqld.cnf

How do I log into MySQL on Oracle Database Appliance as a mysql user?

Other than operating system root user, the DCS agent application uses three MySQL users to connect to MySQL on Oracle Database Appliance:
  • dcsagent
  • GHSUSER21
  • GHSUSER23

These users can log into MySQL without using a password but using a SSL certificate that uses X509 mutual SSL authentication. The setting --require_secure_transport=ON in the MySQL configuration file /opt/oracle/dcs/mysql/etc/mysqld.cnf is enabled and it causes the server to accept connections from these MySQL users using SSL certificate and rejects all other connections which do not use it.

MySQL user dcsagent connects to MySQL using DCS agent client certificates. After SSL certificates are verified, the user can access only ‘dcsagentdb’ schema.
/opt/oracle/dcs/mysql/bin/mysql --defaults-file=/opt/oracle/dcs/mysql/etc/mysqldb.cnf -u dcsagent --ssl_ca=/opt/oracle/dcs/odamysqlcert/client/ca.pem --ssl_cert=/opt/oracle/dcs/odamysqlcert/client/dcsagent-client-cert.pem --ssl-key=/opt/oracle/dcs/odamysqlcert/client/dcsagent-client-key.pem
MySQL user GHSUSER21 connects to MySQL using Oracle RHP client certificates. After SSL certificates are verified, the user can access only ‘GHSUSER21’ schema. 
# /opt/oracle/dcs/mysql/bin/mysql --defaults-file=/opt/oracle/dcs/mysql/etc/mysqldb.cnf -u GHSUSER21 --ssl_ca=/opt/oracle/dcs/odamysqlcert/client/ca.pem --ssl_cert=/opt/oracle/dcs/odamysqlcert/client/rhp-client-cert.pem --ssl-key=/opt/oracle/dcs/odamysqlcert/client/rhp-client-key.pem
MySQL user GHSUSER23 connects to MySQL using Oracle RHP client certificates. After SSL certificates are verified, the user can access only ‘GHSUSER23’ schema. 
# /opt/oracle/dcs/mysql/bin/mysql --defaults-file=/opt/oracle/dcs/mysql/etc/mysqldb.cnf -u GHSUSER23 --ssl_ca=/opt/oracle/dcs/odamysqlcert/client/ca.pem --ssl_cert=/opt/oracle/dcs/odamysqlcert/client/rhp-client-cert.pem --ssl-key=/opt/oracle/dcs/odamysqlcert/client/rhp-client-key.pem

Parent topic: Oracle Database Appliance Frequently Asked Questions