Archive for the ‘General’ Category

Screencast: Installing MariaDB

February 2nd, 2012

Instead of the usual text-heavy blog posts that appear here, I thought it would be fun to mix things up and do a screencast showing exactly how easy it is to upgrade MySQL to MariaDB:

Some notes:

  • The laptop I’m using had MySQL 5.1.55 installed with one database (apart from the system database). Installing MariaDB does not impact existing data in any way and once the install completed I had instant access to my data.
  • As part of the install you are given the option to set a new password for the root user. I chose to do it in the video, but you don’t need to. If you leave the password field blank the root password will not be changed. Other database users are preserved, of course.
  • As with any database upgrade, before doing this to a production system you should have backups and test.

Links:

Links shown or mentioned in the video:

Comments?

What do you think? Should we make more screencasts? If so, what would you like to see demonstrated?



Oracle’s 27 MySQL security fixes and MariaDB

January 21st, 2012

The MySQL community have something new on their radars. First up, it looks like MySQL is now part of the Oracle Software Security Assurance and this is something all MySQL users should be happy about. Next, it is worth noting that MySQL is now part of the Oracle Critical Patch Update (Oracle CPU), as the MySQL product line has made it into its first Oracle CPU advisory for January 2012.

As part of the MySQL community, CPUs are new to us — they are released on the Tuesday closest to the 17th day of January, April, July and October. This kind of reminds us of Patch Tuesday, but let’s not digress.

This being the first time MySQL is part of the Critical Patch Update, the advisory suggests that there are 27 new security fixes for Oracle MySQL, with one of the vulnerabilities having the possibility of remote exploitation without authentication. As developers of a MySQL branch we are naturally concerned about the nature of this CPU.

For starters, it’s good to note that MariaDB is always based on a branch of MySQL (MySQL 5.1 for MariaDB 5.1, 5.2 & 5.3, and MySQL 5.5 for MariaDB 5.5). So whenever Oracle makes security fixes in MySQL 5.1 and MySQL 5.5, we inherit them. This is one of the benefits of being a branch as opposed to being a fork.

“Oracle advisories include all issues that appeared since the last advisory. But this is the first advisory for MySQL. So either Oracle found 27 new problems since October 2011 or this includes everything that’s been outstanding,” said Sergei Golubchik, VP of Architecture for MariaDB and former MySQL security contact.

Upon looking up all the CVE numbers, the reports were vague, like “Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote attackers to affect availability via unknown vectors.” They do not reference bug numbers, so from a bit of guesswork, we might assume that http://bazaar.launchpad.net/~mysql/mysql-server/5.1/revision/3560.1.3 is possibly a fix for the most serious vulnerability – the one that can be remotely exploited without authentication. That, for example, was fixed in May 2011, and has long been present in both MySQL and MariaDB, though our implementation varies from upstream.

We notice most CVEs being reported in January 2012, but have no idea when they were reported to the Oracle bug database or bugs.mysql.com and when they were fixed. We believe that this is perhaps Oracle including MySQL in their Software Security Assurance program, which is what triggered all security bugs to be reported on cve.mitre.org, all on the same day.

Whether these 27 fixes are new or existing ones now being bundled up and reported in a Critical Patch Update remains open until more accurate information on what bugs they address is provided. We’re actively working on finding out the answer.



MariaDB: Improve Security with Two-Step Verification

January 17th, 2012

In this primer I will show how to improve the security of your MariaDB installation by using two-step verification and how to use it from your Windows GUI client.

Let’s suppose you have your data in MariaDB, installed, say, on Ubuntu. And your users connect to it to run ad hoc queries, using some sort of a Windows GUI client. You don’t want them to write the access password on post-it notes or have it auto-entered by the client. And you don’t want anyone to see the password when one of the salespersons connects to the mother ship from his laptop in the Internet café. So you decide to use two-step verification, just like Google does, to secure the access to the data.

If you don’t know what a “two-step verification” is, see, for example, this introductory video by Google.

So, 2-step verification looks great, but how can we implement it? Luckily, there is a PAM module in the Google Authenticator project, and we can use it with a MariaDB PAM authentication plugin.

Let me digress for a second. Below we will implement a 2-step verification based on Google Authenticator. But you may want to evaluate other similar solutions before putting this primer in production. There are quite a few PAM modules implementing a one-time password approach (and pam_google_authenticator is just one of them). In particular, OPIE (and S/Key) look interesting, because they don’t require a valid Unix account and a home directory for every user. There are also hardware-based solutions, where a user is required to have a small password generating device (like, for example, RSA SecurID).

But back to Google Authenticator. First, we need to install the PAM module. On Ubuntu 11.10 it is very simple: one apt-get. On distributions that don’t include it (and older Ubuntu versions), you can use manual installation instructions.

Either way, we install /lib/security/pam_google_authenticator.so (I don’t have Ubuntu 11.10, so I had to do it manually). For a 2-step verification we need to require both the normal account password and the one-time code. This can be achieved with the following PAM configuration file:

auth            required        pam_unix.so
auth            required        pam_google_authenticator.so
account         required        pam_unix.so
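
A check of the requirement above, as an added example (not code from the original post): the Python sketch below models the four keyword controls of a PAM auth stack in simplified form and lists every way a login can be granted without pam_google_authenticator.so succeeding. The function names and the WEAK_CONFIG sample are constructed for illustration; bracketed controls and include lines are not modelled.

```python
from itertools import product

OTP_MODULE = "pam_google_authenticator.so"

# The stack from the post.
PAGE_CONFIG = """
auth            required        pam_unix.so
auth            required        pam_google_authenticator.so
account         required        pam_unix.so
"""

# Constructed weak variant: a correct password alone ends the stack.
WEAK_CONFIG = """
auth            sufficient      pam_unix.so
auth            required        pam_google_authenticator.so
account         required        pam_unix.so
"""

def parse_auth_stack(text):
    """Return [(control, module)] for 'auth' lines; comments and blanks are skipped."""
    stack = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 3 and fields[0].lstrip("-") == "auth":
            stack.append((fields[1], fields[2].rsplit("/", 1)[-1]))
    return stack

def run_stack(stack, outcomes):
    """Simplified PAM evaluation: returns (granted, modules that succeeded)."""
    failed, passed = False, []
    for (control, module), ok in zip(stack, outcomes):
        if ok:
            passed.append(module)
        if control == "required":
            failed = failed or not ok
        elif control == "requisite" and not ok:
            return False, tuple(passed)
        elif control == "sufficient" and ok and not failed:
            return True, tuple(passed)  # stack ends here; later modules never run
    return (not failed and bool(passed)), tuple(passed)

def single_factor_paths(text):
    """Sets of succeeding modules that grant access without the OTP module."""
    stack = parse_auth_stack(text)
    paths = set()
    for outcomes in product([True, False], repeat=len(stack)):
        granted, passed = run_stack(stack, outcomes)
        if granted and OTP_MODULE not in passed:
            paths.add(passed)
    return sorted(paths)
```

An empty result means every successful login passed through the one-time code check.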

I had to put it in the /etc/pam.d/mysql file; on your system the location may be different. Having done that, let’s install the MariaDB PAM plugin and create the user account:

Now we need to configure Google Authenticator for an account:

Time to install a password generator application. There are versions for Android, iOS, and Blackberry. Google explains the details. When the installation is finished, start the application and enter the secret key into it — manually or using the QR-code. And we’re done and can use two-step verification when connecting to MariaDB. But our users use Windows! How will it play along?

The answer depends on the Windows MariaDB client that your users have. At the moment of writing this article, only HeidiSQL has full support for pluggable authentication. You may already have it installed — HeidiSQL is part of the MariaDB Windows distribution. Alternatively, you can download it directly from the official site.

First, we use the HeidiSQL session manager to configure the connection parameters. Here, we will connect as the user “serg” — the user that we created above to use the PAM authentication plugin. Note that there is no special configuration for pluggable authentication on the client; it is enabled automatically when necessary.

Now we can connect to the server. It uses the PAM authentication plugin, which loads Google Authenticator, which asks for a verification code. And we see HeidiSQL asking:

We start the Authenticator application, it generates the verification code:

And we use it to log in! Next time the verification code will be different, and nobody looking over the shoulder will be able to steal our precious connection password.
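
Why the code is different every time, as an added example that is not part of the original post: in its time-based mode Google Authenticator computes codes per RFC 6238 (HMAC-SHA1 over a 30-second counter, 6 digits). The Python sketch below reproduces that computation and a server-side check with a one-step clock-skew window and reuse rejection; the secret is the RFC 6238 test key, and verify() with its window and used parameters is a hypothetical helper, not the PAM module's code.

```python
import base64
import hashlib
import hmac
import struct

STEP = 30      # seconds per time step
DIGITS = 6     # length of the verification code

# Constructed sample: the RFC 6238 test key "12345678901234567890" in base32,
# the form in which an authenticator app accepts a secret key.
SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"

def hotp(key, counter):
    """RFC 4226: HMAC-SHA1 of the 8-byte counter, dynamically truncated."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)

def totp(secret_b32, now):
    """Code for the 30-second step that contains Unix time `now`."""
    s = secret_b32.replace(" ", "").upper()
    key = base64.b32decode(s + "=" * (-len(s) % 8))
    return hotp(key, int(now) // STEP)

def verify(secret_b32, code, now, used, window=1):
    """Accept a code from the current step +/- window, once per step.

    `used` is a set of already-accepted step counters; a shoulder-surfed
    code replayed inside its validity window is rejected.
    """
    current = int(now) // STEP
    for counter in range(max(0, current - window), current + window + 1):
        expected = totp(secret_b32, counter * STEP)
        if hmac.compare_digest(expected, code) and counter not in used:
            used.add(counter)
            return True
    return False
```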



Java EE 6 using WebLogic 12c, NetBeans, and MySQL (Screencast #39)

January 4th, 2012



Oracle WebLogic Server 12c is now available and comes with a zip installer.

This video shows how to develop and deploy a Java EE 6 application on WebLogic 12c using NetBeans. It builds a simple application using Java Persistence API 2.0, Enterprise JavaBeans 3.1, Servlets 3.0, Java API for RESTful Web Services 1.1, Java Server Faces 2.0, and Contexts & Dependency Injection 1.0. The video also explains how to configure MySQL database in NetBeans and use it for accessing the database tables in the Java EE 6 applications.

Enjoy!



You can also check out the sample code built in this application from here.

What kind of Java EE 6 applications are you deploying on WebLogic?

What else would you like to see on this blog relating to Java EE 6 and WebLogic?

Follow the complete series here.



OurSQL Episode 72: Blooper Retrospective

December 31st, 2011

This week we play a bunch of bloopers, some you have heard, some you haven't, as our year-end gift to you. We hope these make you laugh!

Sugus candy



OurSQL Episode 71: Table Manners, part 2

December 26th, 2011

This week, we continue our discussion about MySQL and its forks. We discuss the Percona server and MariaDB.

Percona Live comes to Washington, DC on Wednesday, January 11th, 2012 at the Walter E. Washington Convention Center. There is a 50% discount for students, faculty and staff of educational organizations, and a 35% discount for government employees. http://www.percona.com/live/dc-2012/

Percona Server
Percona software




Wrapping up MariaDB 2011

December 24th, 2011

Parts of the world are already celebrating Christmas Eve and it’s time to relax and spend time with family and friends. Even if you don’t celebrate Christmas this is when there is time for less work. Here are a few words to round off MariaDB’s current state and where it’s heading.

This year culminated in MariaDB 5.3.3, the release candidate of 5.3. This is a significant release that makes years of work available by default in the database server. Earlier releases still required features to be explicitly switched on, but thanks to thorough testing assuring the quality of the new functionality we have now enabled them. It’s still called a release candidate which means it’s ready for general usage, but we want more user feedback before calling it stable. Make yourself familiar with the release notes.

Most of the new features and functionality of 5.3.3 are performance related, making it possible to suddenly e.g. make use of subqueries, which have previously been a rare sight in MySQL® based applications due to the limitations that have existed. This is now addressed in MariaDB and we encourage you to start using subqueries. You will actually get a result to your query in a reasonable time.

Another nice addition in 5.3.3 is the new GIS (Geographic Information System) functionality. MariaDB introduces spatial functionality in accordance with the OpenGIS specification. If you have the need for GIS functionality in your application try MariaDB.

We had some challenges with the packaging of the authentication plugins and our release schedule was affected. Watch out for MariaDB 5.2.11 and MariaDB 5.5 in early 2012.

During 2011 we saw a huge increase in MariaDB popularity. We saw MariaDB being selected as the database for really critical systems (stay tuned for case studies of some of these systems). We saw some of the biggest IT companies making initial bets on MariaDB. A better basis for MariaDB’s 2012 couldn’t exist!

Thank You!



Announcing new features in MariaDB

December 2nd, 2011

We have lately been talking about some upcoming features that we feel are important to MariaDB users, because the corresponding ones that will be provided with MySQL will be incompatible with MariaDB and closed source.

We’re happy to announce the following:

  • The next version of MariaDB, version 5.2.10 will include an open source PAM Authentication Plugin. MariaDB 5.2.10 is scheduled for release next week.
  • A Windows Authentication Plugin is in development and QA currently and will be part of MariaDB 5.2.11, which is scheduled for release before Christmas.
  • MariaDB 5.5 will include both of the above plugins and an open source thread pool implementation. The soon-to-be-launched first version however will not include the thread pool.

Stay tuned for more information as soon as we start launching the above features.

Mission critical services relying on MariaDB should be aware that SkySQL has familiarized themselves with the new features and are ready to support all of the above options.



MariaDB Statistics and Surveys

October 19th, 2011

I just finished reading a couple of interesting, and somewhat related, blog posts which I think are worth sharing (apologies to anyone who has already seen them). One is from Jelastic and the other is from Michal Hrušecký.

I’ve written about MariaDB and the Jelastic cloud before (see MariaDB now available as a hosted database via Jelastic cloud platform). Now Jelastic has published statistics on the relative popularity of the various databases they offer. The good news is MariaDB is currently the database of choice for 14% of their customers. The bad news is that we’re in fourth place behind their other three database choices (MySQL, PostgreSQL, and MongoDB). However, MariaDB has only been available on their platform for a little over two months and we’re very happy that so many users of Jelastic’s state-of-the-art Java cloud are choosing to use MariaDB. Thanks!

In the second blog post, Michal Hrušecký shares the results of what he terms his “little MySQL survey”. This time MariaDB comes in second behind MySQL Community Server (and ahead of MySQL Cluster and Percona Server). In case you didn’t know, Michal packages MySQL and MariaDB for openSUSE, so this survey was a good way for him to judge the relative popularity of some of the more popular variants and give him ideas on how to improve things.

BTW: If you know of other interesting/informative/etc… blog posts related to MariaDB, let us know so we can add them to the Blog Posts Relevant to MariaDB page of the AskMonty Knowledgebase!



MariaDB in Greece

October 19th, 2011
The Caryatids - Some rights reserved by archer10 (Dennis) CC BY-SA

The Caryatids on the south porch of the Erechtheion (420 BC), Athens, Greece

I suppose I should probably say “MariaDB στην Ελλάδα” which, according to Google Translate, is Greek for “MariaDB in Greece”. We’re still finalizing the arrangements, but I’m pleased to announce that the next Monty Program-sponsored MariaDB Developer Meeting will be held in (or near) Athens, Greece.

Monty Program tries to hold two MariaDB Developer Conferences / Monty Program company meetings each year. The most recent one was held in Portugal this past March and it’s past time for another one. Monty Program is a virtual company with employees scattered all around the world, and these meetings give us a chance to both get together with each other and to meet with other MariaDB developers and users.

The conference dates are Friday, Saturday, and Sunday, 11-13 November 2011. Most of us will be arriving on the 10th and leaving on the 15th. We will have an excursion day on Monday the 14th.

If you live in Greece, or would simply like to join us, please do! Nearly all of our conference sessions are open to the public, no registration required (but we would appreciate a heads up, just so we can make sure we have enough seats and power outlets). At past meetings we’ve had people from around the world join us, and we would like to continue that tradition.

As at past meetings, there will be three tracks: one focused on MariaDB development, a community track, and a documentation/infrastructure track. So there should be something of interest for anyone who would like to become involved in making MariaDB (and MySQL) better.

We’re working on the schedule right now. If there’s something you feel we should discuss, or if you are planning on attending let us know!

As soon as we have a meeting schedule put together, I’ll post it (or a link to it) here. During the conference I’ll also be posting our daily schedules and notes from the various sessions online, so watch this space!

Thanks.

