Home > database >  Authenticate MySQL user against local Linux user account
Authenticate MySQL user against local Linux user account

Time:01-02

Is there a way to authenticate a remote MySQL/MariaDB user against the local Linux user account by the same username? I am thinking maybe there is a plugin that validates the user using /etc/passwd?

Hypothetical example:

CREATE USER 'newuser'@'remotehost' IDENTIFIED WITH auth_linux;

Use case: Lets say I change the password for a Linux user account. I would like to avoid having to update the password for the MySQL user as well, but having it being the same.

CodePudding user response:

You want to refer to authentication plugins in particular PAM. It looks like that is an Enterprise feature. You might be able to use the open source versions from Percona or MariaDB PAM.

INSTALL SONAME 'auth_pam';
CREATE USER username@hostname IDENTIFIED VIA pam;

CodePudding user response:

You can avoid the password complexity by using the unix_socket authentication.

CREATE USER username@localhost IDENTIFIED VIA unix_socket;

This allows the unix user matching username to authenticate but no other user can authenticate as username.

MySQL has the same with a different syntax:

CREATE USER username@localhost IDENTIFIED WITH auth_socket;
  • Related