You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

IEPM-BW Database Setup

A MySQL system has its own set of users which are distinct from the unix users, although the names can be the same. The recommended users are:

  1. iepm - this is the account the monitoring system runs with
  2. readonly - this is a readonly account for general access to the data
  3. apache (or nobody) - the account used by httpd to access the database
  4. cal (or other user) - the administrator account
  5. root - used for MySQL system administration

The accounts are defined by issuing grants to the account for accessing the data base.

Create the IEPM data base. Log into MySQL with the root account and password and issue the following command: "create database iepm;".

The following grant commands can be set up in a text file for 'batch' entry into MySQL, or they can be entered one by one. The root account and password must be known to set up the grants. Make sure you put the passwords in and don't use the string 'password'. Note the host name component of the grant. All these forms may not be necessary,however I have found that they are for various means of access.

#For you mysql administrator ('cal' in this case) grant all on *.* to cal@localhost identified by 'password' with grant option;

grant all on *.* to cal@192.203.218.61 identified by 'password' with grant option;
grant all on *.* to cal@iepmbw identified by 'password' with grant option;
grant all on *.* to cal@'iepmbw.bnl.org identified by 'password' with grant option;
grant file on *.* to cal;

#For the iepm account used by iepm to load data into the data base:

grant all on iepm.* to iepm@localhost identified by 'password';
grant all on iepm.* to iepm@192.203.218.61 identified by 'password';
grant all on iepm.* to iepm@iepmbw identified by 'password';
grant all on iepm.* to iepm@'iepmbw.bnl.org' identified by 'password';
grant file on *.* to iepm;

#For the readonly account (report generation) - no password

grant select on iepm.* to readonly@localhost;
grant select on iepm.* to readonly@'192.203.218.61';
grant select on iepm.* to readonly@iepmbw;
grant select on iepm.* to readonly@'iepmbw.bnl.org';
grant file on *.* to readonly;

#For the web server account (may be nobody or apache or other) - no password

grant select on iepm.* to apache@localhost;
grant select on iepm.* to apache@'192.203.218.61';
grant select on iepm.* to apache@iepmbw;
grant select on iepm.* to apache@'iepmbw.bnl.org';
grant file on *.* to apache;    

  • No labels