On Thu, Apr 05, 2012 at 11:19:00PM +0100, Joe Nyland wrote:

[...]
> mysqldump --all-databases --single-transaction --delete-master-logs \
>   --flush-logs --master-data --opt -u ${DBUSER} -p${DBPASS} \
>   > ${DST}/${HOST}_${DATE}_${TIME}.sql.dmp
[...]

I don't have an answer to the problem being discussed but nonetheless
I want to offer one improvement.  Having password be passed to a program
this way is lame since when it appears on the command line it can be
read by anyone.

Of course this can be a secured box with no regular user accounts but
still a good security practice is to create a mysql configuration file
reading something like

[client]
host     = localhost
user     = bacula
password = secret
socket   = /var/run/mysqld/mysqld.sock

You then place it somewhere Bacula can read it, restrict access to it by
making it something like root:bacula 0640 (provided the user bacula is a
member of group bacula) and pass the name of this file to mysqldump
via its "--defaults-file" command-line argument, like this:

mysqldump --defaults-file=/usr/local/etc/bacula/mysql.cnf ...


------------------------------------------------------------------------------
For Developers, A Lot Can Happen In A Second.
Boundary is the first to Know...and Tell You.
Monitor Your Applications in Ultra-Fine Resolution. Try it FREE!
http://p.sf.net/sfu/Boundary-d2dvs2
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users