This document details how to install MySQL on Linux,
and how to configure it to work with Caucus.
The precise details will vary slightly for different
flavors of unix.
I. Download and install MySQL
There are many ways to install MySQL, including running
update software (such as 'yum' or 'up2date'), building
from source, installing a binary package, or installing a set of
These instructions detail using the RPM files, which we believe
is the simplest method.
Adapt these instructions accordingly if you are using a
different download method.
Most linux/unix systems today include MySQL, but if your
server does not already have version 4.1 or later, you may
need to install or upgrade it.
- From www.mysql.com/downloads/mysql-4.1.html, download
the Linux RPM files listed below.
(The precise version numbers may vary; this is just an example.)
|Category ||sample file
|Server 4.1 ||MySQL-server-4.1.11-0.i386.rpm
|Libraries and header files 4.1
|Dynamic client libraries 4.1
|Client programs 4.1 ||MySQL-client-4.1.11-0.i386.rpm
- As root, install the rpm's:
rpm -i MySQL-server-4.1.11-0.i386.rpm
rpm -i MySQL-client-4.1.11-0.i386.rpm
rpm -i MySQL-devel-4.1.11-0.i386.rpm
rpm -i MySQL-shared-4.1.11-0.i386.rpm
(If you already have an earlier version of MySQL installed, you
should use "rpm -U" instead of "rpm -i", and you may need to
add "--nodeps" to several of the rpm commands.
But don't worry about it unless "rpm -i" complains!)
II. Secure MySQL
There is a great deal of literature about how to properly secure
MySQL depending on your intended use and circumstances.
MySQL Reference Manual is an excellent place to start.
In these instructions, we assume that MySQL should only be
accessible from the local host (not by other clients over the network),
and the absolute minimum of 'root' level access.
III. Set MySQL parameters
- Always start mysql for local access only.
As root, edit /etc/init.d/mysql, and find the line that actually runs
mysqld_safe. Add the "--skip-network" option.
The result should look something like:
$bindir/mysqld_safe --datadir=$datadir --pid-file=$pid_file --skip-networking &
Stop and restart mysql:
- Limit root and non-essential access.
Change the default (empty) root password.
Delete any non-localhost 'root' users, and any 'blank' users.
mysqladmin -u root password new_password
mysql -u root --password=new_password
mysql> use mysql;
mysql> delete from user where host = '%';
mysql> delete from user where user = '';
mysql> delete from db where user = '';
mysql> select user, host from user;
If you see any 'root' users other than root@localhost, delete
them -- e.g.
mysql> delete from user where user = 'root' and host='myhost.com'
Flush the privileges.
mysql> flush privileges;
If you expect to have long-running Caucus sessions (i.e. someone logged in for more than
an hour at a time), you will need to raise the MySQL session limits.
Edit /etc/my.cnf, and in the [mysqld] section, add:
interactive_timeout = 28800
wait_timeout = 28800
connect_timeout = 28800
Then restart the MySQL service.
The rest of the Caucus-related configuation is done automatically
by the Caucus 'install' script.
You will need the MySQL 'root' password.