Question & Answer
Question
We would like to create a read-only account so that we can check the data in the RTM 'cacti' database. We don't want to use the cacti account as this can modify the data. We would like to query the DB with out modifying it. How can we do this?
Answer
1. Local 'cacti' database
This section applies to the case where your cacti database is located locally on your RTM web server. You can easily find out if your RTM is using local MySQL database by checking the parameter DB_Host in /opt/rtm/etc/lsfpollerd.conf, on your RTM web server.
- # grep localhost /opt/rtm/etc/lsfpollerd.conf
# | DB_Host 'localhost' or socket file for Unix |
DB_Host localhost
1. Login to your MySQL server as root account and use the mysql database:
# mysql
- NOTE: By default, RTM installation does not set any password for root user access to mysql server. In your environment, if root user does required a password, you must obtain it from your RTM or DB administrator, before proceeding to step 2.
Alternatively, you can reset root password yourself following steps in this article. This may affect security of your RTM server, so use your best judgement before proceeding.
2. Crate a read-only user and define a password for it:
# CREATE USER 'some-user-name'@'localhost' IDENTIFIED BY 'some-password';
3. Give the read-only privilege (i.e. SELECT statement) to the new user:
# GRANT SELECT ON cacti.* TO 'some-user'@'localhost';
4. Confirm the user was created correctly.
# SHOW GRANTS FOR 'some-user'@'localhost';
- +----------------------------------------------------------------------------------------------------------------+
| Grants for cactiro@localhost |
+----------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'cactiro'@'localhost' IDENTIFIED BY PASSWORD '*8E6B0FB0841FCD5C636BF3B9C5ECA2858B863575' |
| GRANT SELECT ON `cacti`.* TO 'cactiro'@'localhost' |
+----------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
You should see the 'GRANT SELECT' line similar to the output above.
2. Remote 'cacti' database
If your cacti database sits on a different server from the RTM web server, then you need to make a small change to the above process. Instead of using 'localhost' in steps 2 - 4, you must use '%'. For example, in step 2 you need to execute following statement:
- # CREATE USER 'some-user-name'@'%' IDENTIFIED BY 'some-password';
You can check that you've set the read-only permissions correctly, similarly to step 4 above.
In the output, you should see the 'GRANT SELECT' referring to 'some-user'@'%'.
Related Information
[{"Product":{"code":"SSVMSD","label":"Platform RTM"},"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Component":"--","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"Version Independent","Edition":"","Line of Business":{"code":"","label":""}},{"Product":{"code":"SSZT2D","label":"IBM Spectrum LSF RTM"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":" ","Platform":[{"code":"","label":""}],"Version":"","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}},{"Product":{"code":"SSZT2D","label":"IBM Spectrum LSF RTM"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":" ","Platform":[{"code":"","label":""}],"Version":"","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}]
Was this topic helpful?
Document Information
Modified date:
17 June 2018
UID
isg3T1020608