On 6 Apr 2012, at 23:52, Konstantin Khomoutov wrote:

> On Thu, Apr 05, 2012 at 11:19:00PM +0100, Joe Nyland wrote:
> 
> [...]
>> mysqldump --all-databases --single-transaction --delete-master-logs \
>>  --flush-logs --master-data --opt -u ${DBUSER} -p${DBPASS} \
>>> ${DST}/${HOST}_${DATE}_${TIME}.sql.dmp
> [...]
> 
> I don't have an answer to the problem being discussed but nonetheless
> I want to offer one improvement.  Having password be passed to a program
> this way is lame since when it appears on the command line it can be
> read by anyone.
> 
> Of course this can be a secured box with no regular user accounts but
> still a good security practice is to create a mysql configuration file
> reading something like
> 
> [client]
> host     = localhost
> user     = bacula
> password = secret
> socket   = /var/run/mysqld/mysqld.sock
> 
> You then place it somewhere Bacula can read it, restrict access to it by
> making it something like root:bacula 0640 (provided the user bacula is a
> member of group bacula) and pass the name of this file to mysqldump
> via its "--defaults-file" command-line argument, like this:
> 
> mysqldump --defaults-file=/usr/local/etc/bacula/mysql.cnf ...
> 

Konstantin,

Thank you very much for this tidbit of information - I really appreciate it. 
I'll be sure to build this into my backup routine, once I sort out by binary 
logging issues :-).

Thanks,

Joe
------------------------------------------------------------------------------
For Developers, A Lot Can Happen In A Second.
Boundary is the first to Know...and Tell You.
Monitor Your Applications in Ultra-Fine Resolution. Try it FREE!
http://p.sf.net/sfu/Boundary-d2dvs2
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users